forked from extern/shorewall_code
Add -f option to the restart command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8607 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
a01d47579d
commit
36e147f57b
@ -6,6 +6,8 @@ Changes in 4.2.0-Beta3
|
||||
|
||||
3) Implement USE_DEFAULT_RT
|
||||
|
||||
4) Add -f option to the restart command.
|
||||
|
||||
Changes in 4.2.0-Beta2
|
||||
|
||||
1) Only issue a warning on RFC 1918 violation.
|
||||
|
@ -130,6 +130,10 @@ Other Changes in Shoreall 4.2.0 Beta 3.
|
||||
Shorewall is started, then all policy routing will stop working
|
||||
(except for those routing rules in the priority range 1-998).
|
||||
|
||||
3) The 'shorewall restart' command now supports an -f option. When
|
||||
this option is specified, no compilation occurs; rather, the script
|
||||
which last started or restarted Shorewall is used.
|
||||
|
||||
New Features in Shorewall 4.2.
|
||||
|
||||
1) Shorewall 4.2 contains support for multiple Internet providers
|
||||
|
@ -761,6 +761,10 @@ restart_command() {
|
||||
DEBUG=Yes
|
||||
option=${option#d}
|
||||
;;
|
||||
f*)
|
||||
FAST=Yes
|
||||
option=${option#f}
|
||||
;;
|
||||
n*)
|
||||
NOROUTES=Yes
|
||||
option=${option#n}
|
||||
@ -804,6 +808,7 @@ restart_command() {
|
||||
fi
|
||||
|
||||
SHOREWALL_DIR=$(resolve_file $1)
|
||||
[ -n "$FAST" ] && fatal_error "Directory may not be specified with the -f option"
|
||||
export SHOREWALL_DIR
|
||||
;;
|
||||
*)
|
||||
@ -816,20 +821,27 @@ restart_command() {
|
||||
export NOROUTES
|
||||
export PURGE
|
||||
|
||||
progress_message3 "Compiling..."
|
||||
if [ -z "$FAST" ]; then
|
||||
progress_message3 "Compiling..."
|
||||
|
||||
if compiler run $debugging $nolock compile ${VARDIR}/.restart; then
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
|
||||
rc=$?
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
else
|
||||
rc=$?
|
||||
logger -p kern.err "ERROR:Shorewall restart failed"
|
||||
fi
|
||||
if compiler run $debugging $nolock compile ${VARDIR}/.restart; then
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
|
||||
rc=$?
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
else
|
||||
rc=$?
|
||||
logger -p kern.err "ERROR:Shorewall restart failed"
|
||||
fi
|
||||
else
|
||||
[ -x ${VARDIR}/.restore ] || fatal_error "No ${VARDIR}/.restore file found"
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
$SHOREWALL_SHELL ${VARDIR}/.restore $debugging restart
|
||||
rc=$?
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
fi
|
||||
|
||||
|
||||
return $rc
|
||||
return $rc
|
||||
}
|
||||
|
||||
#
|
||||
@ -1436,7 +1448,7 @@ usage() # $1 = exit status
|
||||
echo " reject <address> ..."
|
||||
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ -C {shell|perl} ] [ <directory> ] <system>"
|
||||
echo " reset"
|
||||
echo " restart [ -n ] [ -p ] [ -C {shell|perl} ] [ <directory> ]"
|
||||
echo " restart [ -n ] [ -p ] [ -f ] [ -C {shell|perl} ] [ <directory> ]"
|
||||
echo " restore [ -n ] [ <file name> ]"
|
||||
echo " save [ <file name> ]"
|
||||
echo " show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|routing|tc|vardir|zones} ]"
|
||||
|
@ -682,7 +682,7 @@ EOF
|
||||
run_started_exit
|
||||
fi
|
||||
|
||||
cp -f $(my_pathname) ${VARDIR}/.restore
|
||||
[ $0 = ${VARDIR}/.restore ] || cp -f $(my_pathname) ${VARDIR}/.restore
|
||||
fi
|
||||
|
||||
date > ${VARDIR}/restarted
|
||||
|
@ -1167,7 +1167,7 @@ compile_refresh_firewall()
|
||||
|
||||
append_file refreshed
|
||||
|
||||
save_command "cp -f \$(my_pathname) \${VARDIR}/.restore"
|
||||
save_command "[ \$0 = \${VARDIR}/.restore ] || cp -f \$(my_pathname) \${VARDIR}/.restore"
|
||||
|
||||
INDENT=""
|
||||
|
||||
|
@ -356,6 +356,8 @@
|
||||
|
||||
<arg><option>-p</option></arg>
|
||||
|
||||
<arg><option>-f</option></arg>
|
||||
|
||||
<arg><option>-C</option> <option>{shell|perl}</option></arg>
|
||||
|
||||
<arg><replaceable>directory</replaceable></arg>
|
||||
@ -1064,6 +1066,10 @@
|
||||
table to be flushed; the <command>conntrack</command> utility must
|
||||
be installed to use this option.</para>
|
||||
|
||||
<para>The <option>-f</option> option suppresses the compilation step
|
||||
and simply reused the compiled script which last started/restarted
|
||||
Shorewall. </para>
|
||||
|
||||
<para>The <option>-C</option> option determines the compiler to use
|
||||
(Shorewall-shell or Shorewall-perl). If not specified, the
|
||||
SHOREWALL_COMPILER setting in <ulink
|
||||
|
Loading…
Reference in New Issue
Block a user