holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Delete diff's from the development path

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7047 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-08-03 22:58:56 +00:00
parent 5ca45e1fa1
commit 30567220fd
5 changed files with 3 additions and 310 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

147
Shorewall-common/diff-3.4-lib.base
View File

@ -1,147 +0,0 @@
--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.base 2007-06-17 14:30:30.000000000 -0700
+++ lib.base 2007-07-22 06:29:50.000000000 -0700
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# Shorewall 3.4 -- /usr/share/shorewall/lib.base
+# Shorewall 4.0 -- /usr/share/shorewall/lib.base
#
# This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
#
@@ -21,20 +21,26 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
#
-# This library contains the code common to all Shorewall components. It is copied into
-# the compiled script with the -e compiler flag is specified and is loaded by
-# /sbin/shorewall, /usr/share/shorewall/compiler and /usr/share/shorewall/firewall. It
-# is also released as part of Shorewall Lite where it is used by /sbin/shorewall-lite
-# and /usr/share/shorewall-lite/shorecap.
+# This library contains the code common to all Shorewall components.
+#
+# - It is copied into the compiled script with the -e compiler flag is specified to
+# shorewall-shell.
+# - It is loaded by /sbin/shorewall.
+# - It is loaded by /usr/share/shorewall/firewall.
+# - It is loaded by /usr/share/shorewall-shell/compiler.
+# - It is released as part of Shorewall Lite where it is used by /sbin/shorewall-lite
+# and /usr/share/shorewall-lite/shorecap.
+# - It is released as part of Shorewall Perl where it is copied into the compiled script
+# by the compiler.
#
-SHOREWALL_LIBVERSION=30404
+SHOREWALL_LIBVERSION=40000
SHOREWALL_CAPVERSION=30405
[ -n "${VARDIR:=/var/lib/shorewall}" ]
[ -n "${SHAREDIR:=/usr/share/shorewall}" ]
[ -n "${CONFDIR:=/etc/shorewall}" ]
-SHELLSHAREDIR=/usr/share/shorewall
+SHELLSHAREDIR=/usr/share/shorewall-shell
PERLSHAREDIR=/usr/share/shorewall-perl
#
@@ -360,6 +366,8 @@
eval loaded=\$LIB_${1}_LOADED
if [ -z "$loaded" ]; then
+ [ -f $lib ] || lib=${SHELLSHAREDIR}/lib.$1
+
if [ -f $lib ]; then
progress_message "Loading library $lib..."
. $lib
@@ -380,7 +388,7 @@
#
# Note: The following set of IP address manipulation functions have anomalous
-# behavior when the shell only supports 32-bit signed arithmatic and
+# behavior when the shell only supports 32-bit signed arithmetic and
# the IP address is 128.0.0.0 or 128.0.0.1.
#
@@ -692,7 +700,7 @@
#
find_rt_interface() {
- ip route ls | while read addr rest; do
+ ip route list | while read addr rest; do
case $addr in
*/*)
in_network ${1%/*} $addr && echo $(find_device $rest)
@@ -713,14 +721,14 @@
find_nexthop() # $1 = interface
{
- echo $(find_gateway `ip route ls | grep "[[:space:]]nexthop.* $1"`)
+ echo $(find_gateway `ip route list | grep "[[:space:]]nexthop.* $1"`)
}
#
# Find the default route's interface
#
find_default_interface() {
- ip route ls | while read first rest; do
+ ip route list | while read first rest; do
[ "$first" = default ] && echo $(find_device $rest) && return
done
}
@@ -746,7 +754,7 @@
find_interface_by_mac() {
local mac=$1 first second rest dev
- ip link ls | while read first second rest; do
+ ip link list | while read first second rest; do
case $first in
*:)
dev=$second
@@ -764,7 +772,7 @@
# Determine if Interface is up
#
interface_is_up() {
- [ -n "$(ip link ls dev $1 2> /dev/null | grep -e '[<,]UP[,>]')" ]
+ [ -n "$(ip link list dev $1 2> /dev/null | grep -e '[<,]UP[,>]')" ]
}
#
@@ -1232,11 +1240,11 @@
#
# First assume that this is some sort of point-to-point interface
#
- gateway=$( find_peer $(ip addr ls $interface ) )
+ gateway=$( find_peer $(ip addr list $interface ) )
#
# Maybe there's a default route through this gateway already
#
- [ -n "$gateway" ] || gateway=$(find_gateway $(ip route ls dev $interface))
+ [ -n "$gateway" ] || gateway=$(find_gateway $(ip route list dev $interface))
#
# Last hope -- is there a load-balancing route through the interface?
#
@@ -1251,7 +1259,7 @@
# Disable IPV6
#
disable_ipv6() {
- local foo="$(ip -f inet6 addr ls 2> /dev/null)"
+ local foo="$(ip -f inet6 addr list 2> /dev/null)"
if [ -n "$foo" ]; then
if qt mywhich ip6tables; then
@@ -1381,7 +1389,7 @@
#
get_device_mtu() # $1 = device
{
- local output="$(ip link ls dev $1 2> /dev/null)" # quotes required for /bin/ash
+ local output="$(ip link list dev $1 2> /dev/null)" # quotes required for /bin/ash
if [ -n "$output" ]; then
echo $(find_mtu $output)
@@ -1396,7 +1404,7 @@
#
get_device_mtu1() # $1 = device
{
- local output="$(ip link ls dev $1 2> /dev/null)" # quotes required for /bin/ash
+ local output="$(ip link list dev $1 2> /dev/null)" # quotes required for /bin/ash
local mtu
if [ -n "$output" ]; then

65
Shorewall-common/diff-3.4-lib.cli
View File

@ -1,65 +0,0 @@
--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.cli 2007-06-28 17:05:43.000000000 -0700
+++ lib.cli 2007-07-22 06:29:50.000000000 -0700
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# Shorewall 3.4 -- /usr/share/shorewall/lib.cli.
+# Shorewall 4.0 -- /usr/share/shorewall/lib.cli.
#
# This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
#
@@ -363,18 +363,18 @@
# Show routing configuration
#
show_routing() {
- if [ -n "$(ip rule ls)" ]; then
+ if [ -n "$(ip rule list)" ]; then
heading "Routing Rules"
- ip rule ls
- ip rule ls | while read rule; do
+ ip rule list
+ ip rule list | while read rule; do
echo ${rule##* }
done | sort -u | while read table; do
heading "Table $table:"
- ip route ls table $table
+ ip route list table $table
done
else
heading "Routing Table"
- ip route ls
+ ip route list
fi
}
@@ -530,7 +530,7 @@
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $version IP at $HOSTNAME - $(date)"
echo
- ip addr ls
+ ip addr list
;;
routing)
[ $# -gt 1 ] && usage 1
@@ -541,7 +541,7 @@
config)
. ${SHAREDIR}/configpath
echo "Default CONFIG_PATH is $CONFIG_PATH"
- echo "LITEDIR is $LITEDIR"
+ [ -n "$LITEDIR" ] && echo "LITEDIR is $LITEDIR"
;;
chain)
shift
@@ -697,10 +697,10 @@
[ -f /proc/net/ip_conntrack ] && cat /proc/net/ip_conntrack || cat /proc/net/nf_conntrack
heading "IP Configuration"
- ip addr ls
+ ip addr list
heading "IP Stats"
- ip -stat link ls
+ ip -stat link list
if qt mywhich brctl; then
heading "Bridges"

65
Shorewall-common/diff-3.4-lib.config
View File

@ -1,65 +0,0 @@
--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.config 2007-06-22 13:44:06.000000000 -0700
+++ lib.config 2007-06-19 15:56:40.000000000 -0700
@@ -1865,7 +1865,7 @@
if [ -n "$IP_FORWARDING" ]; then
case "$IP_FORWARDING" in
- On|Off|Keep|on|off|keep|ON|OFF|KEEP)
+ On|Off|Yes|No|Keep|on|off|yes|no|keep|ON|OFF|YES|NO|KEEP)
;;
*)
startup_error "Invalid value ($IP_FORWARDING) for IP_FORWARDING"
@@ -1875,6 +1875,44 @@
IP_FORWARDING=On
fi
+ if [ -n "$ROUTE_FILTER" ]; then
+ case "$ROUTE_FILTER" in
+ Yes|yes|YES)
+ ROUTE_FILTER=yes
+ ;;
+ No|no|NO)
+ ROUTE_FILTER=no
+ ;;
+ Keep|keep|KEEP)
+ ROUTE_FILTER=
+ ;;
+ *)
+ startup_error "Invalid value ($ROUTE_FILTER) for ROUTE_FILTER"
+ ;;
+ esac
+ else
+ ROUTE_FILTER=
+ fi
+
+ if [ -n "$LOG_MARTIANS" ]; then
+ case "$LOG_MARTIANS" in
+ Yes|yes|YES)
+ LOG_MARTIANS=yes
+ ;;
+ No|no|NO)
+ LOG_MARTIANS=no
+ ;;
+ Keep|keep|KEEP)
+ LOG_MARTIANS=
+ ;;
+ *)
+ startup_error "Invalid value ($LOG_MARTIANS) for LOG_MARTIANS"
+ ;;
+ esac
+ else
+ LOG_MARTIANS=
+ fi
+
[ -n "${BLACKLIST_DISPOSITION:=DROP}" ]
case "$CLAMPMSS" in
@@ -1886,8 +1924,6 @@
esac
ADD_SNAT_ALIASES=$(added_param_value_no ADD_SNAT_ALIASES $ADD_SNAT_ALIASES)
- ROUTE_FILTER=$(added_param_value_no ROUTE_FILTER $ROUTE_FILTER)
- LOG_MARTIANS=$(added_param_value_no LOG_MARTIANS $LOG_MARTIANS)
DETECT_DNAT_IPADDRS=$(added_param_value_no DETECT_DNAT_IPADDRS $DETECT_DNAT_IPADDRS)
MACLIST_TARGET=reject

30
Shorewall-common/diff-3.4-shorewall
View File

@ -1,30 +0,0 @@
--- /home/teastep/shorewall/branches/3.4/Shorewall/shorewall 2007-06-18 11:32:15.000000000 -0700
+++ shorewall 2007-06-19 06:36:20.000000000 -0700
@@ -1305,7 +1305,7 @@
echo " stop"
echo " status"
echo " try [ -C {shell|perl} ] <directory> [ <timeout> ]"
- echo " version"
+ echo " version [ -a ]"
echo " safe-start [ -C {shell|perl} ] [ <directory> ]"
echo " safe-restart [ -C {shell|perl} ] [ <directory> ]"
echo
@@ -1449,6 +1449,10 @@
echo $version
if [ -n "$all" ]; then
+ if [ -f /usr/share/shorewall-shell/version ]; then
+ echo "Shorewall-shell $(cat /usr/share/shorewall-shell/version)"
+ fi
+
if [ -f /usr/share/shorewall-perl/version ]; then
echo "Shorewall-perl $(cat /usr/share/shorewall-perl/version)"
fi
@@ -1534,6 +1538,7 @@
[ $# -ne 1 ] && usage 1
get_config
export NOROUTES
+ [ -x ${VARDIR}/.restore ] && FIREWALL=${VARDIR}/.restore
exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock $COMMAND
;;
compile)

6
Shorewall-common/lib.config
View File

@ -376,10 +376,10 @@ validate_interfaces_file() {
dhcp|tcpflags|arp_filter|routefilter|logmartians|sourceroute|blacklist|nosmurfs|upnp|-) dhcp|tcpflags|arp_filter|routefilter|logmartians|sourceroute|blacklist|nosmurfs|upnp|-)
;; ;;
proxyarp) proxyarp)
lib_load proxyarp "The 'proxyarp' option on interface $interface" [ "$PROGRAM" = compiler ] && lib_load proxyarp "The 'proxyarp' option on interface $interface"
;; ;;
maclist) maclist)
lib_load maclist "The 'maclist' option" [ "$PROGRAM" = compiler ] && lib_load maclist "The 'maclist' option"
;; ;;
norfc1918) norfc1918)
if [ "$PROGRAM" != compiler ]; then if [ "$PROGRAM" != compiler ]; then
@ -627,7 +627,7 @@ validate_hosts_file() {
norfc1918|blacklist|tcpflags|nosmurfs|-) norfc1918|blacklist|tcpflags|nosmurfs|-)
;; ;;
maclist) maclist)
lib_load maclist "The 'maclist' option" [ "$PROGRAM" = compiler ] && lib_load maclist "The 'maclist' option"
;; ;;
ipsec) ipsec)
[ -n "$POLICY_MATCH" ] || \ [ -n "$POLICY_MATCH" ] || \