Many fixes for Shorewall-init
Signed-off-by: Tom Eastep <teastep@shorewall.net>
parent
00352baba7
commit
2c6d1c8d14
@ -93,7 +93,11 @@ for PRODUCT in $PRODUCTS; do
|
||||
VARDIR=/var/lib/$PRODUCT
|
||||
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
|
||||
if [ -x $VARDIR/firewall ]; then
|
||||
/sbin/$PRODUCT -v0 $COMMAND $IFACE
|
||||
( . /usr/share/$product/lib.base
|
||||
mutex_on
|
||||
${VARDIR}/firewall -V0 $COMMAND $IFACE || echo_notdone
|
||||
mutex_off
|
||||
)
|
||||
fi
|
||||
done
|
||||
|
||||
|
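Review bot: The new subshell sources `/usr/share/$product/lib.base`, but the loop variable in this hunk is upper-case (`for PRODUCT in $PRODUCTS`) and no visible line sets a lower-case `product`. If `product` is unset, the path collapses to `/usr/share//lib.base` and the `.` fails. Depending on the shell, the subshell then either aborts before the firewall script runs or continues with `mutex_on` undefined, so the interface event is not applied under the lock. The line should read `( . /usr/share/$PRODUCT/lib.base`. The loop starts outside the hunk, so confirm that no earlier line assigns `product`.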
@ -84,7 +84,20 @@ shorewall_start () {
|
||||
VARDIR=/var/lib/$product
|
||||
[ -f /etc/$product/vardir ] && . /etc/$product/vardir
|
||||
if [ -x ${VARDIR}/firewall ]; then
|
||||
${VARDIR}/firewall stop || echo_notdone
|
||||
#
|
||||
# Run in a sub-shell to avoid name collisions
|
||||
#
|
||||
(
|
||||
. /usr/share/$product/lib.base
|
||||
#
|
||||
# Get mutex so the firewall state is stable
|
||||
#
|
||||
mutex_on
|
||||
if ! ${VARDIR}/firewall status > /dev/null 2>&1; then
|
||||
${VARDIR}/firewall stop || echo_notdone
|
||||
fi
|
||||
mutex_off
|
||||
)
|
||||
fi
|
||||
done
|
||||
|
||||
@ -103,7 +116,11 @@ shorewall_stop () {
|
||||
VARDIR=/var/lib/$product
|
||||
[ -f /etc/$product/vardir ] && . /etc/$product/vardir
|
||||
if [ -x ${VARDIR}/firewall ]; then
|
||||
${VARDIR}/firewall clear || echo_notdone
|
||||
( . /usr/share/$product/lib.base
|
||||
mutex_on
|
||||
${VARDIR}/firewall clear || echo_notdone
|
||||
mutex_off
|
||||
)
|
||||
fi
|
||||
done
|
||||
|
||||
|
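Review bot: Inside the new subshells, `|| echo_notdone` runs between `mutex_on` and `mutex_off`, so a failure may leave the mutex held. If `echo_notdone` exits, as the `|| exit 1` it replaces in the other init script suggests, the exit ends only the subshell, `mutex_off` is skipped, and the enclosing loop moves on to the next product as if the step had succeeded. This affects the `firewall stop` call in the -84 hunk and the `firewall clear` call in the -103 hunk. Capturing the status, releasing the mutex and reporting from the parent shell avoids both problems, as sketched below for the clear path. `lib.base` is not shown, so whether a leftover lock is reclaimed later should be checked there, and both functions begin outside their hunks.

```shell
# … unchanged: subshell opens and sources lib.base …
    mutex_on
    rc=0
    ${VARDIR}/firewall clear || rc=$?
    mutex_off
    exit $rc
) || echo_notdone
```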
@ -55,15 +55,17 @@ fi
|
||||
|
||||
# Initialize the firewall
|
||||
shorewall_start () {
|
||||
local product
|
||||
local vardir
|
||||
local PRODUCT
|
||||
local VARDIR
|
||||
|
||||
echo -n "Initializing \"Shorewall-based firewalls\": "
|
||||
for product in $PRODUCTS; do
|
||||
vardir=/var/lib/$product
|
||||
[ -f /etc/$product/vardir ] && . /etc/$product/vardir
|
||||
if [ -x ${vardir}/firewall ]; then
|
||||
${vardir}/firewall stop || exit 1
|
||||
for PRODUCT in $PRODUCTS; do
|
||||
VARDIR=/var/lib/$PRODUCT
|
||||
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
|
||||
if [ -x ${VARDIR}/firewall ]; then
|
||||
if ! /sbin/$PRODUCT status > /dev/null 2>&1; then
|
||||
${VARDIR}/firewall stop || echo_notdone
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
@ -72,15 +74,15 @@ shorewall_start () {
|
||||
|
||||
# Clear the firewall
|
||||
shorewall_stop () {
|
||||
local product
|
||||
local vardir
|
||||
local PRODUCT
|
||||
local VARDIR
|
||||
|
||||
echo -n "Clearing \"Shorewall-based firewalls\": "
|
||||
for product in $PRODUCTS; do
|
||||
vardir=/var/lib/$PRODUCT
|
||||
[ -f /etc/$product/vardir ] && . /etc/$product/vardir
|
||||
if [ -x ${vardir}/firewall ]; then
|
||||
${vardir}/firewall clear || exit 1
|
||||
for PRODUCT in $PRODUCTS; do
|
||||
VARDIR=/var/lib/$PRODUCT
|
||||
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
|
||||
if [ -x ${VARDIR}/firewall ]; then
|
||||
${VARDIR}/firewall clear || exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
|
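Review bot: The rewritten shorewall_start tests `/sbin/$PRODUCT status` and then runs `${VARDIR}/firewall stop` without holding the mutex, so the firewall state can change between the test and the stop. The other init script in this commit takes `mutex_on` first, with the comment "Get mutex so the firewall state is stable". Unless `/sbin/$PRODUCT` serialises this itself, which is not visible here, wrap the test and the stop in the same kind of subshell, sourcing `/usr/share/$PRODUCT/lib.base` and bracketing them with `mutex_on` and `mutex_off`. Separately, shorewall_stop in the -72 hunk still ends with `|| exit 1` while shorewall_start now uses `|| echo_notdone`. If both should report failure the same way, the stop line becomes `${VARDIR}/firewall clear || echo_notdone`.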
@ -635,11 +635,6 @@ case "$COMMAND" in
|
||||
run_it $g_firewall $debugging $nolock $COMMAND
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
;;
|
||||
up|down)
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
run_it $g_firewall $debugging $nolock $COMMAND
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
;;
|
||||
reset)
|
||||
verify_firewall_script
|
||||
run_it $SHOREWALL_SHELL $g_firewall $debugging $nolock $@
|
||||
|
@ -1631,23 +1631,17 @@ case "$COMMAND" in
|
||||
get_config
|
||||
[ $# -ne 1 ] && usage 1
|
||||
[ -x $g_firewall ] || fatal_error "Shorewall has never been started"
|
||||
mutex_on
|
||||
run_it $g_firewall $g_debugging $nolock $COMMAND
|
||||
mutex_off
|
||||
;;
|
||||
up|down)
|
||||
[ -x $g_firewall ] || fatal_error "Shorewall has never been started"
|
||||
mutex_on
|
||||
run_it $g_firewall $g_debugging $nolock $@
|
||||
mutex_off
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
run_it $g_firewall $g_debugging $COMMAND
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
;;
|
||||
reset)
|
||||
get_config
|
||||
shift
|
||||
mutex_on
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
[ -x $g_firewall ] || fatal_error "Shorewall has never been started"
|
||||
run_it $g_firewall $g_debugging $nolock reset $@
|
||||
mutex_off
|
||||
run_it $g_firewall $g_debugging reset $@
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
;;
|
||||
compile)
|
||||
get_config Yes
|
||||
|
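Review bot: In the `reset)` arm the mutex is taken with `[ -n "$nolock" ] || mutex_on` before `[ -x $g_firewall ] || fatal_error "Shorewall has never been started"`. If `fatal_error` exits (its definition is outside the hunk), the lock stays held on that error path. The arm above does the executable check first, and `reset)` should match: move the `[ -x $g_firewall ]` line above the `mutex_on` line. The same ordering appears in the `reset)` arm of the -1544 hunk, the one with the "Shorewall6 has never been started" message. Both `reset)` arms also pass an unquoted `$@` to `run_it`, where `"$@"` would keep arguments containing spaces intact.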
@ -619,11 +619,6 @@ case "$COMMAND" in
|
||||
run_it $g_firewall $debugging $nolock $COMMAND
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
;;
|
||||
up|down)
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
run_it $g_firewall $debugging $nolock $@
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
;;
|
||||
restart)
|
||||
shift
|
||||
restart_command $@
|
||||
|
@ -1544,22 +1544,17 @@ case "$COMMAND" in
|
||||
[ $# -ne 1 ] && usage 1
|
||||
get_config
|
||||
[ -x $g_firewall ] || fatal_error "Shorewall6 has never been started"
|
||||
mutex_on
|
||||
run_it $g_firewall $g_debugging $nolock $COMMAND
|
||||
mutex_off
|
||||
;;
|
||||
up|down)
|
||||
mutex_on
|
||||
run_it $g_firewall $g_debugging $nolock $@
|
||||
mutex_off
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
run_it $g_firewall $g_debugging $COMMAND
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
;;
|
||||
reset)
|
||||
get_config
|
||||
shift
|
||||
mutex_on
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
[ -x $g_firewall ] || fatal_error "Shorewall6 has never been started"
|
||||
run_it $g_firewall $g_debugging $nolock reset $@
|
||||
mutex_off
|
||||
run_it $g_firewall $g_debugging reset $@
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
;;
|
||||
compile)
|
||||
get_config Yes
|
||||
|