diff --git a/Shorewall-lite/shorewall-lite b/Shorewall-lite/shorewall-lite index 0e6ca4753..3f6a91b0a 100755 --- a/Shorewall-lite/shorewall-lite +++ b/Shorewall-lite/shorewall-lite @@ -365,8 +365,10 @@ usage() # $1 = exit status echo " allow
..." echo " clear" echo " delete [:] ... " + echo " disable " echo " drop
..." echo " dump [ -x ]" + echo " enable " echo " forget [ ]" echo " help" echo " ipcalc {
/ |
}" @@ -664,7 +666,7 @@ case "$COMMAND" in ;; status) [ $# -eq 1 ] || usage 1 - [ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root" + [ "$(id -u)" != 0 ] && fatal_error "The status command may only be run by root" echo "Shorewall Lite $SHOREWALL_VERSION Status at $g_hostname - $(date)" echo if shorewall_is_started ; then @@ -754,6 +756,14 @@ case "$COMMAND" in shift add_command $@ ;; + disable|enable) + get_config Yes + if shorewall_is_started; then + run_it ${VARDIR}/firewall $g_debugging $@ + else + fatal_error "Shorewall is not running" + fi + ;; save) [ -n "$debugging" ] && set -x diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm index 406e61845..3917838cc 100644 --- a/Shorewall/Perl/Shorewall/Zones.pm +++ b/Shorewall/Perl/Shorewall/Zones.pm @@ -76,6 +76,7 @@ our @EXPORT = qw( NOTHING get_interface_option interface_has_option set_interface_option + set_interface_provider interface_zones verify_required_interfaces compile_updown diff --git a/Shorewall/lib.cli b/Shorewall/lib.cli index bc7236e92..230ae6ffd 100644 --- a/Shorewall/lib.cli +++ b/Shorewall/lib.cli @@ -29,7 +29,7 @@ # fatal_error() # $@ = Message { - echo " $@" >&2 + echo " ERROR: $@" >&2 exit 2 } diff --git a/Shorewall/shorewall b/Shorewall/shorewall index 7da8c1f61..7da8e8127 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -1379,7 +1379,7 @@ reload_command() # $* = original arguments less the command. progress_message "Getting Capabilities on system $system..." if ! rsh_command "MODULESDIR=$MODULESDIR MODULE_SUFFIX=\"$MODULE_SUFFIX\" IPTABLES=$IPTABLES DONT_LOAD=\"$DONT_LOAD\" $libexec/shorewall-lite/shorecap" > $directory/capabilities; then - fatal_error "ERROR: Capturing capabilities on system $system failed" + fatal_error "Capturing capabilities on system $system failed" fi fi @@ -1460,7 +1460,7 @@ export_command() # $* = original arguments less the command. target=$2 ;; *) - fatal_error "ERROR: Invalid command syntax (\"man shorewall\" for help)" + fatal_error "Invalid command syntax (\"man shorewall\" for help)" ;; esac @@ -1499,8 +1499,10 @@ usage() # $1 = exit status echo " clear" echo " compile [ -e ] [ -d ] [ ] [ ]" echo " delete [:] ... " + echo " disable " echo " drop
..." echo " dump [ -x ]" + echo " enable " echo " export [ ] [@][:]" echo " forget [ ]" echo " help" @@ -1844,6 +1846,14 @@ case "$COMMAND" in shift update_command $@ ;; + disable|enable) + get_config Yes + if shorewall_is_started; then + run_it ${VARDIR}/firewall $g_debugging $@ + else + fatal_error "Shorewall is not running" + fi + ;; show|list) get_config Yes No Yes shift @@ -1861,7 +1871,7 @@ case "$COMMAND" in ;; status) [ $# -eq 1 ] || usage 1 - [ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root" + [ "$(id -u)" != 0 ] && fatal_error "The status command may only be run by root" get_config echo "Shorewall-$SHOREWALL_VERSION Status at $g_hostname - $(date)" echo diff --git a/Shorewall6-lite/shorewall6-lite b/Shorewall6-lite/shorewall6-lite index 1dd9017d9..6c82412b5 100755 --- a/Shorewall6-lite/shorewall6-lite +++ b/Shorewall6-lite/shorewall6-lite @@ -361,8 +361,10 @@ usage() # $1 = exit status echo "where is one of:" echo " allow
..." echo " clear" + echo " disable " echo " drop
..." echo " dump [ -x ]" + echo " enable " echo " forget [ ]" echo " help" echo " load [ -s ] [ -c ] [ -r ] [ ] " @@ -648,7 +650,7 @@ case "$COMMAND" in ;; status) [ $# -eq 1 ] || usage 1 - [ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root" + [ "$(id -u)" != 0 ] && fatal_error "The status command may only be run by root" echo "Shorewall6 Lite $SHOREWALL_VERSION Status at $g_hostname - $(date)" echo if shorewall6_is_started ; then @@ -728,6 +730,14 @@ case "$COMMAND" in allow) allow_command $@ ;; + disable|enable) + get_config Yes + if shorewall6_is_started; then + run_it ${VARDIR}/firewall $g_debugging $@ + else + fatal_error "Shorewall is not running" + fi + ;; save) [ -n "$debugging" ] && set -x @@ -806,7 +816,6 @@ case "$COMMAND" in temp=$(ip_network $address); echo " NETWORK=$temp" temp=$(broadcastaddress $address); echo " BROADCAST=$temp" ;; - iprange) [ -n "$debugging" ] && set -x case $2 in diff --git a/Shorewall6/lib.cli b/Shorewall6/lib.cli index 180eb5064..b64a53d5b 100644 --- a/Shorewall6/lib.cli +++ b/Shorewall6/lib.cli @@ -29,7 +29,7 @@ # fatal_error() # $@ = Message { - echo " $@" >&2 + echo " ERROR: $@" >&2 exit 2 } diff --git a/Shorewall6/shorewall6 b/Shorewall6/shorewall6 index ca6a0cb86..4c0a36d9e 100755 --- a/Shorewall6/shorewall6 +++ b/Shorewall6/shorewall6 @@ -1380,7 +1380,7 @@ reload_command() # $* = original arguments less the command. progress_message "Getting Capabilities on system $system..." if ! rsh_command "MODULESDIR=$MODULESDIR MODULE_SUFFIX=\"$MODULE_SUFFIX\" IP6TABLES=$IP6TABLES DONT_LOAD=\"$DONT_LOAD\" $libexec/shorewall6-lite/shorecap" > $directory/capabilities; then - fatal_error "ERROR: Capturing capabilities on system $system failed" + fatal_error "Capturing capabilities on system $system failed" fi fi @@ -1461,7 +1461,7 @@ export_command() # $* = original arguments less the command. target=$2 ;; *) - fatal_error "ERROR: Invalid command syntax (\"man shorewall6\" for help)" + fatal_error "Invalid command syntax (\"man shorewall6\" for help)" ;; esac @@ -1500,8 +1500,10 @@ usage() # $1 = exit status echo " clear" echo " compile [ -e ] [ -d ] [ ] [ ]" echo " delete [:] ... " + echo " disable " echo " drop
..." echo " dump [ -x ]" + echo " enable " echo " export [ ] [@][:]" echo " forget [ ]" echo " help" @@ -1840,6 +1842,14 @@ case "$COMMAND" in shift update_command $@ ;; + disable|enable) + get_config Yes + if shorewall6_is_started; then + run_it ${VARDIR}/firewall $g_debugging $@ + else + fatal_error "Shorewall is not running" + fi + ;; show|list) get_config Yes No Yes shift @@ -1857,7 +1867,7 @@ case "$COMMAND" in ;; status) [ $# -eq 1 ] || usage 1 - [ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root" + [ "$(id -u)" != 0 ] && fatal_error "The status command may only be run by root" get_config echo "Shorewall6-$SHOREWALL_VERSION Status at $g_hostname - $(date)" echo diff --git a/manpages-lite/shorewall-lite.xml b/manpages-lite/shorewall-lite.xml index 96206998b..e5f2b2721 100644 --- a/manpages-lite/shorewall-lite.xml +++ b/manpages-lite/shorewall-lite.xml @@ -40,6 +40,19 @@ + + shorewall + + | + + -options + + + + interface + + shorewall-lite @@ -67,6 +80,19 @@ + + shorewall + + | + + -options + + + + interface + + shorewall-lite diff --git a/manpages/shorewall.xml b/manpages/shorewall.xml index 46763e04a..f8446014b 100644 --- a/manpages/shorewall.xml +++ b/manpages/shorewall.xml @@ -117,6 +117,19 @@ zone + + shorewall + + | + + -options + + + + interface + + shorewall @@ -146,6 +159,19 @@ + + shorewall + + | + + -options + + + + interface + + shorewall diff --git a/manpages6-lite/shorewall6-lite.xml b/manpages6-lite/shorewall6-lite.xml index 9f9d6b19b..3d12ab446 100644 --- a/manpages6-lite/shorewall6-lite.xml +++ b/manpages6-lite/shorewall6-lite.xml @@ -40,6 +40,19 @@ + + shorewall + + | + + -options + + + + interface + + shorewall6-lite @@ -67,6 +80,19 @@ + + shorewall + + | + + -options + + + + interface + + shorewall6-lite diff --git a/manpages6/shorewall6.xml b/manpages6/shorewall6.xml index a885b6b6c..445ed285f 100644 --- a/manpages6/shorewall6.xml +++ b/manpages6/shorewall6.xml @@ -98,6 +98,19 @@ pathname + + shorewall + + | + + -options + + + + interface + + shorewall6 @@ -127,6 +140,19 @@ + + shorewall + + | + + -options + + + + interface + + shorewall6