Add 'reload' command

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4099 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/help

@@ -248,6 +248,15 @@ reset)
     All the packet and byte counters in the firewall are reset."
 	;;
 
+reload)
+	echo "reload: reload <system>
+    Causes the shorewall configuration in the current working directory to be
+    compiled into a program called 'firewall'. If compilation is successful,
+    the 'firewall' script is copied via scp to the /usr/share/shorewall-lite/ 
+    directory on <system>. If the script is copied successfully, Shorewall 
+    Lite on <system> is restarted via ssh."
+	;;
+
 restart)
 	echo "restart: restart [ -n ] [ <configuration-directory> ]
     Restart is the same as a shorewall stop && shorewall start.

Shorewall/shorewall

@@ -1282,6 +1282,13 @@ restore_command() {
     fi
 }
 #
+# Reload command executor
+#
+reload_command() 
+{
+    shorewall compile -e . firewall && scp firewall root@${1}:/usr/share/shorewall-lite/ && ssh root@${1} '/sbin/shorewall-lite restart' && progress_message3 "System $1 reloaded"
+}
+#
 # Help information
 #
 help()
@@ -1316,6 +1323,7 @@ usage() # $1 = exit status
     echo "   logwatch [<refresh interval>]"
     echo "   refresh"
     echo "   reject <address> ..."
+    echo "   reload <system>"
     echo "   reset"
     echo "   restart [ -n ] [ <directory> ]"
     echo "   restore [ -n ] [ <file name> ]"
@@ -1622,6 +1630,11 @@ case "$COMMAND" in
     	shift
     	show_command $@
 	;;
+    reload)
+	shift
+	[ $# -eq 1 ] || usage 1
+	reload_command $1
+	;;
     status)
 	[ $# -eq 1 ] || usage 1
 	echo "Shorewall-$version Status at $HOSTNAME - $(date)"

docs/CompiledPrograms.xml

@@ -305,6 +305,8 @@
 
         <member>refresh</member>
 
+        <member>reload</member>
+
         <member>try</member>
 
         <member>safe-start</member>
@@ -397,30 +399,20 @@
     </section>
 
     <section>
-      <title>A simple shell program for remote firewall replacement</title>
+      <title>/sbin/shorewall reload command (Added in 3.2.0 RC4)</title>
 
-      <para>I use the following <ulink
-      url="ftp://ftp1.shorewall.net/pub/shorewall/contrib/compile">simple
-      shell program</ulink> for compiling firewall scripts and installing them
-      on firewall systems:</para>
+      <para>The reload command allows for easy updating of remote firewall
+      systems. At shorewall.net, I keep my firewall configurations in
+      sub-directories under ~/Configs. The name of the directory corresponds
+      to the DNS name of the system. </para>
 
-      <blockquote>
-        <programlisting>#/bin/bash
-
-[ $# -eq 1 ] || { echo "Usage: $(basename $0) &lt;system&gt;" &gt;&amp;2; exit 2; }
-
-/sbin/shorewall compile -e . firewall &amp;&amp; scp firewall root@${1}:/usr/share/shorewall-lite/ &amp;&amp; ssh root@${1} 'shorewall-lite restart'</programlisting>
-      </blockquote>
-
-      <para>I install this program in
-      <filename>/usr/local/bin/compile</filename> and I have my configuration
-      directories in ~/Config. So, for example, to recompile the firewall
-      script for the 'gateway' system and install the script on gateway, I do
-      the following:</para>
+      <para>To recompile the firewall script for the system named gateway and
+      to install that script on gateway, I issue the following
+      commands:</para>
 
       <blockquote>
         <programlisting>teastep@wookie:~$ <command>cd Configs/gateway</command>
-teastep@wookie:~/Configs/gateway$ <command>compile gateway</command>
+teastep@wookie:~/Configs/gateway$ <command>/sbin/shorewall reload gateway</command>
 Compiling...
 Shorewall configuration compiled to firewall
 firewall                                                                                                                  100%   29KB  29.3KB/s   00:00

docs/starting_and_stopping_shorewall.xml

@@ -943,6 +943,38 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term>reload (Added in Shorewall 3.2.0 RC4 -- not supported by
+        Shorewall Lite)</term>
+
+        <listitem>
+          <para><command>reload &lt;system&gt;</command></para>
+
+          <para>Allows a non-root user to compile a shorewall script and
+          install it on a remote system (provided that the user has access to
+          the remote system via ssh). The command is equivalent to:</para>
+
+          <simplelist>
+            <member><command>/sbin/shorewall compile -e . firewall
+            &amp;&amp;\</command></member>
+
+            <member><command>scp firewall
+            root@&lt;system&gt;:/usr/share/shorewall-lite/
+            &amp;&amp;\</command></member>
+
+            <member><command>ssh root@&lt;system&gt; '/sbin/shorewall-lite
+            restart'</command></member>
+          </simplelist>
+
+          <para>In other words, the configuration in the current working
+          directory is compiled to a file called <filename>firewall</filename>
+          in that directory. If compilation succeeds, then
+          <filename>firewall</filename> is copied to the remote system using
+          scp. If the copy succeeds, Shorewall Lite on the remote system is
+          restarted via ssh.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term>reset</term>