holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

OpenWRT support in the installers

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2015-11-04 13:29:59 -08:00
parent ca0ac0473c
commit 3d4cde76aa
8 changed files with 364 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
Shorewall-core/install.sh
View File

@ -66,15 +66,6 @@ mywhich() {
return 2
}
run_install()
{
if ! install $*; then
echo
echo "ERROR: Failed to install $*" >&2
exit 1
fi
}
cant_autostart()
{
echo
@ -88,7 +79,20 @@ delete_file() # $1 = file to delete
install_file() # $1 = source $2 = target $3 = mode
{
run_install $T $OWNERSHIP -m $3 $1 ${2}
if cp -f $1 $2; then
if chmod $3 $2; then
if [ -n "$OWNER" ]; then
if chown $OWNER:$GROUP $2; then
return
fi
else
return 0
fi
fi
fi
echo "ERROR: Failed to install $2" >&2
exit 1
}
require()
@ -133,8 +137,6 @@ while [ $finished -eq 0 ]; do
esac
done
[ -n $(mywhich install) ] || fatal_error "This installer requires the 'install' utility"
#
# Read the RC file
#
@ -183,10 +185,6 @@ done
[ "${INITFILE}" != 'none/' ] && require INITSOURCE && require INITDIR
T="-T"
INSTALLD='-D'
if [ -z "$BUILD" ]; then
case $(uname) in
cygwin*|CYGWIN*)
@ -228,6 +226,8 @@ if [ -z "$BUILD" ]; then
BUILD=suse
elif [ -f /etc/arch-release ] ; then
BUILD=archlinux
elif [ -f ${CONFDIR}/openwrt-release ] ; then
BUILD=openwrt
else
BUILD=linux
fi
@ -254,17 +254,15 @@ case $BUILD in
[ -z "$OWNER" ] && OWNER=root
[ -z "$GROUP" ] && GROUP=wheel
INSTALLD=
T=
;;
*)
[ -z "$OWNER" ] && OWNER=root
[ -z "$GROUP" ] && GROUP=root
if [ $(id -n) -eq 0 ]; then
[ -z "$OWNER" ] && OWNER=root
[ -z "$GROUP" ] && GROUP=root
fi
;;
esac
OWNERSHIP="-o $OWNER -g $GROUP"
#
# Determine where to install the firewall script
#
@ -307,7 +305,6 @@ if [ -n "$DESTDIR" ]; then
if [ $BUILD != cygwin ]; then
if [ `id -u` != 0 ] ; then
echo "Not setting file owner/group permissions, not running as root."
OWNERSHIP=""
fi
fi
fi

26
Shorewall-core/shorewallrc Normal file
View File

@ -0,0 +1,26 @@
#
# Created by Shorewall Core version 4.6.12 configure - Wed Nov 4 12:18:09 PST 2015
#
# Input: HOST=openwrt
#
HOST=openwrt
PREFIX=/usr
SHAREDIR=${PREFIX}/share
LIBEXECDIR=${PREFIX}/share
PERLLIBDIR=${PREFIX}/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=${PREFIX}/man
INITDIR=/etc/init.d
INITSOURCE=init.openwrt.sh
INITFILE=$PRODUCT
AUXINITSOURCE=
AUXINITFILE=
SERVICEDIR=
SERVICEFILE=
SYSCONFFILE=default.openwrt
SYSCONFDIR=${CONFDIR}/sysconfig
SPARSE=
ANNOTATED=
VARLIB=/lib
VARDIR=${VARLIB}/$PRODUCT

26
Shorewall-core/shorewallrc.openwrt Normal file
View File

@ -0,0 +1,26 @@
#
# Created by Shorewall Core version 5.0.2-Beta2 configure - Mon, Nov 02, 2015 8:13:14 AM
#
# Input: host=default initsource=init.openwrt.sh sysconfdir=${CONFDIR}/sysconfig sysconffile=default.openwrt varlib=/lib
#
HOST=linux
PREFIX=/usr
SHAREDIR=${PREFIX}/share
LIBEXECDIR=${PREFIX}/share
PERLLIBDIR=${PREFIX}/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=${PREFIX}/man
INITDIR=/etc/init.d
INITSOURCE=init.openwrt.sh
INITFILE=$PRODUCT
AUXINITSOURCE=
AUXINITFILE=
SERVICEDIR=
SERVICEFILE=
SYSCONFFILE=default.openwrt
SYSCONFDIR=${CONFDIR}/sysconfig
SPARSE=
ANNOTATED=
VARLIB=/lib
VARDIR=${VARLIB}/$PRODUCT

25
Shorewall-lite/default.openwrt Normal file
View File

@ -0,0 +1,25 @@
# sysV init file script configuration(/etc/sysconfdir/shorewall-lite)
# startup option(default "-vvv")
OPTIONS=
# change default start run level(if none empty; /etc/init.d/shorewall-lite enable)
START=50
# change default stop run level(if none empty; /etc/init.d/shorewall-lite enable)
STOP=
# option to pass when shorewall start is executed
STARTOPTIONS=
# option to pass when shorewall restart is executed
RESTARTOPTIONS=
# option to pass when shorewall reload is executed
RELOADOPTIONS=
# option to pass when shorewall stop is executed
STOPOPTIONS=
# option to pass when shorewall status is executed
STATUSOPTIONS=

98
Shorewall-lite/init.openwrt.sh Executable file
View File

@ -0,0 +1,98 @@
#!/bin/sh /etc/rc.common
#
# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
#
# (c) 1999,2000,2001,2002,2003,2004,2005,2006,2007,2012,2014 - Tom Eastep (teastep@shorewall.net)
# (c) 2015 - Matt Darfeuille - (matdarf@gmail.com)
#
# On most distributions, this file should be called /etc/init.d/shorewall.
#
# Complete documentation is available at http://shorewall.net
#
# This program is part of Shorewall.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by the
# Free Software Foundation, either version 2 of the license or, at your
# option, any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
# If an error occurs while starting or restarting the firewall, the
# firewall is automatically stopped.
#
# Commands are:
#
# shorewall-lite start Starts the firewall
# shorewall-lite restart Restarts the firewall
# shorewall-lite reload Reload the firewall
# (same as restart)
# shorewall-lite stop Stops the firewall
# shorewall-lite status Displays firewall status
#
# description: Packet filtering firewall
# openwrt stuph
# start and stop runlevel variable
#START=21
#STOP=91
# variable to display what the status command do when /etc/init.d/shorewall-lite is invoke without argument
EXTRA_COMMANDS="status"
EXTRA_HELP="Displays shorewall status"
################################################################################
# Get startup options (override default)
################################################################################
OPTIONS="-vvv"
#
# The installer may alter this
#
. /usr/share/shorewall/shorewallrc
if [ -f ${SYSCONFDIR}/shorewall-lite ]; then
. ${SYSCONFDIR}/shorewall-lite
fi
START=${START:-21}
STOP=${STOP:-91}
SHOREWALL_INIT_SCRIPT=1
################################################################################
# E X E C U T I O N B E G I N S H E R E #
################################################################################
# arg1 of init script is arg2 when rc.common is sourced; set to action variable
command="$action"
start() {
exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${STARTOPTIONS:-$@}
}
boot() {
local command="start"
start
}
restart() {
exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${RESTARTOPTIONS:-$@}
}
reload() {
exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${RELOADOPTION:-$@}
}
stop() {
exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${STOPOPTIONS:-$@}
}
status() {
exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${STATUSOPTIONS:-$@}
}

78
Shorewall-lite/install.sh
View File

@ -67,15 +67,6 @@ mywhich() {
return 2
}
run_install()
{
if ! install $*; then
echo
echo "ERROR: Failed to install $*" >&2
exit 1
fi
}
cant_autostart()
{
echo
@ -89,7 +80,28 @@ delete_file() # $1 = file to delete
install_file() # $1 = source $2 = target $3 = mode
{
run_install $T $OWNERSHIP -m $3 $1 ${2}
if cp -f $1 $2; then
if chmod $3 $2; then
if [ -n "$OWNER" ]; then
if chown $OWNER:$GROUP $2; then
return
fi
else
return 0
fi
fi
fi
echo "ERROR: Failed to install $2" >&2
exit 1
}
make_directory() # $1 = directory , $2 = mode
{
mkdir -p $1
chmod 755 $1
[ -n "$OWNERSHIP" ] && chown $OWNERSHIP $1
}
require()
@ -151,8 +163,6 @@ while [ $finished -eq 0 ] ; do
esac
done
[ -n $(mywhich install) ] || fatal_error "This installer requires the 'install' utility"
#
# Read the RC file
#
@ -203,8 +213,6 @@ PATH=${SBINDIR}:/bin:/usr${SBINDIR}:/usr/bin:/usr/local/bin:/usr/local${SBINDIR}
# Determine where to install the firewall script
#
cygwin=
INSTALLD='-D'
T='-T'
if [ -z "$BUILD" ]; then
case $(uname) in
@ -247,6 +255,8 @@ if [ -z "$BUILD" ]; then
BUILD=slackware
elif [ -f ${CONFDIR}/arch-release ] ; then
BUILD=archlinux
elif [ -f ${CONFDIR}/openwrt-release ] ; then
BUILD=openwrt
else
BUILD=linux
fi
@ -262,16 +272,16 @@ case $BUILD in
apple)
[ -z "$OWNER" ] && OWNER=root
[ -z "$GROUP" ] && GROUP=wheel
INSTALLD=
T=
;;
*)
[ -z "$OWNER" ] && OWNER=root
[ -z "$GROUP" ] && GROUP=root
if [ $(id -n) -eq 0 ]; then
[ -z "$OWNER" ] && OWNER=root
[ -z "$GROUP" ] && GROUP=root
fi
;;
esac
OWNERSHIP="-o $OWNER -g $GROUP"
[ -n "$OWNER" ] && OWNERSHIP="$OWNER:$GROUP"
[ -n "$HOST" ] || HOST=$BUILD
@ -302,6 +312,9 @@ case "$HOST" in
suse)
echo "Installing Suse-specific configuration..."
;;
openwrt)
echo "Installing OpenWRT-specific configuration..."
;;
linux)
;;
*)
@ -318,8 +331,9 @@ if [ -n "$DESTDIR" ]; then
OWNERSHIP=""
fi
install -d $OWNERSHIP -m 755 ${DESTDIR}${SBINDIR}
install -d $OWNERSHIP -m 755 ${DESTDIR}${INITDIR}
make_directory ${DESTDIR}${SBINDIR} 755
make_directory ${DESTDIR}${INITDIR} 755
else
if [ ! -f ${SHAREDIR}/shorewall/coreversion ]; then
echo "$PRODUCT $VERSION requires Shorewall Core which does not appear to be installed" >&2
@ -359,7 +373,7 @@ fi
delete_file ${DESTDIR}/usr/share/$PRODUCT/xmodules
install_file $PRODUCT ${DESTDIR}${SBINDIR}/$PRODUCT 0544
[ -n "${INITFILE}" ] && install -d $OWNERSHIP -m 755 ${DESTDIR}${INITDIR}
[ -n "${INITFILE}" ] && make_directory ${DESTDIR}${INITDIR} 755
echo "$Product control program installed in ${DESTDIR}${SBINDIR}/$PRODUCT"
@ -401,7 +415,7 @@ fi
if [ -n "$SERVICEDIR" ]; then
mkdir -p ${DESTDIR}${SERVICEDIR}
[ -z "$SERVICEFILE" ] && SERVICEFILE=$PRODUCT.service
run_install $OWNERSHIP -m 644 $SERVICEFILE ${DESTDIR}${SERVICEDIR}/$PRODUCT.service
install_file $SERVICEFILE ${DESTDIR}${SERVICEDIR}/$PRODUCT.service 644
[ ${SBINDIR} != /sbin ] && eval sed -i \'s\|/sbin/\|${SBINDIR}/\|\' ${DESTDIR}${SERVICEDIR}/$PRODUCT.service
echo "Service file $SERVICEFILE installed as ${DESTDIR}${SERVICEDIR}/$PRODUCT.service"
fi
@ -423,7 +437,7 @@ fi
#
# Install the Makefile
#
run_install $OWNERSHIP -m 0600 Makefile ${DESTDIR}${CONFDIR}/$PRODUCT
install_file Makefile ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile 0600
[ $SHAREDIR = /usr/share ] || eval sed -i \'s\|/usr/share/\|${SHAREDIR}/\|\' ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile
[ $SBINDIR = /sbin ] || eval sed -i \'s\|/sbin/\|${SBINDIR}/\|\' ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile
echo "Makefile installed as ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile"
@ -463,17 +477,17 @@ echo "Capability file builder installed in ${DESTDIR}${LIBEXECDIR}/$PRODUCT/shor
#
if [ -f modules ]; then
run_install $OWNERSHIP -m 0600 modules ${DESTDIR}${SHAREDIR}/$PRODUCT
install_file modules ${DESTDIR}${SHAREDIR}/$PRODUCT/modules 0600
echo "Modules file installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/modules"
fi
if [ -f helpers ]; then
run_install $OWNERSHIP -m 0600 helpers ${DESTDIR}${SHAREDIR}/$PRODUCT
install_file helpers ${DESTDIR}${SHAREDIR}/$PRODUCT/helpers 600
echo "Helper modules file installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/helpers"
fi
for f in modules.*; do
run_install $OWNERSHIP -m 0644 $f ${DESTDIR}${SHAREDIR}/$PRODUCT/$f
install_file $f ${DESTDIR}${SHAREDIR}/$PRODUCT/$f 644
echo "Module file $f installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/$f"
done
@ -484,17 +498,17 @@ done
if [ -d manpages ]; then
cd manpages
[ -n "$INSTALLD" ] || mkdir -p ${DESTDIR}${MANDIR}/man5/ ${DESTDIR}${MANDIR}/man8/
mkdir -p ${DESTDIR}${MANDIR}/man5/ ${DESTDIR}${MANDIR}/man8/
for f in *.5; do
gzip -c $f > $f.gz
run_install $T $INSTALLD $OWNERSHIP -m 0644 $f.gz ${DESTDIR}${MANDIR}/man5/$f.gz
install_file $f.gz ${DESTDIR}${MANDIR}/man5/$f.gz 644
echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man5/$f.gz"
done
for f in *.8; do
gzip -c $f > $f.gz
run_install $T $INSTALLD $OWNERSHIP -m 0644 $f.gz ${DESTDIR}${MANDIR}/man8/$f.gz
install_file $f.gz ${DESTDIR}${MANDIR}/man8/$f.gz 644
echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man8/$f.gz"
done
@ -504,7 +518,7 @@ if [ -d manpages ]; then
fi
if [ -d ${DESTDIR}${CONFDIR}/logrotate.d ]; then
run_install $OWNERSHIP -m 0644 logrotate ${DESTDIR}${CONFDIR}/logrotate.d/$PRODUCT
install_file logrotate ${DESTDIR}${CONFDIR}/logrotate.d/$PRODUCT 644
echo "Logrotate file installed as ${DESTDIR}${CONFDIR}/logrotate.d/$PRODUCT"
fi
@ -535,7 +549,7 @@ if [ -n "$SYSCONFFILE" -a -f "$SYSCONFFILE" -a ! -f ${DESTDIR}${SYSCONFDIR}/${PR
chmod 755 ${DESTDIR}${SYSCONFDIR}
fi
run_install $OWNERSHIP -m 0644 ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT}
install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT}
echo "$SYSCONFFILE installed in ${DESTDIR}${SYSCONFDIR}/${PRODUCT}"
fi

25
Shorewall6-lite/default.openwrt Normal file
View File

@ -0,0 +1,25 @@
# sysV init file script configuration(/etc/sysconfdir/shorewall-lite)
# startup option(default "-vvv")
OPTIONS=
# change default start run level(if none empty; /etc/init.d/shorewall-lite enable)
START=50
# change default stop run level(if none empty; /etc/init.d/shorewall-lite enable)
STOP=
# option to pass when shorewall start is executed
STARTOPTIONS=
# option to pass when shorewall restart is executed
RESTARTOPTIONS=
# option to pass when shorewall reload is executed
RELOADOPTIONS=
# option to pass when shorewall stop is executed
STOPOPTIONS=
# option to pass when shorewall status is executed
STATUSOPTIONS=

98
Shorewall6-lite/init.openwrt.sh Executable file
View File

@ -0,0 +1,98 @@
#!/bin/sh /etc/rc.common
#
# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
#
# (c) 1999,2000,2001,2002,2003,2004,2005,2006,2007,2012,2014 - Tom Eastep (teastep@shorewall.net)
# (c) 2015 - Matt Darfeuille - (matdarf@gmail.com)
#
# On most distributions, this file should be called /etc/init.d/shorewall.
#
# Complete documentation is available at http://shorewall.net
#
# This program is part of Shorewall.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by the
# Free Software Foundation, either version 2 of the license or, at your
# option, any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
# If an error occurs while starting or restarting the firewall, the
# firewall is automatically stopped.
#
# Commands are:
#
# shorewall6-lite start Starts the firewall
# shorewall6-lite restart Restarts the firewall
# shorewall6-lite reload Reload the firewall
# (same as restart)
# shorewall6-lite stop Stops the firewall
# shorewall6-lite status Displays firewall status
#
# description: Packet filtering firewall
# openwrt stuph
# start and stop runlevel variable
#START=21
#STOP=91
# variable to display what the status command do when /etc/init.d/shorewall6-lite is invoke without argument
EXTRA_COMMANDS="status"
EXTRA_HELP="Displays shorewall status"
################################################################################
# Get startup options (override default)
################################################################################
OPTIONS="-vvv"
#
# The installer may alter this
#
. /usr/share/shorewall/shorewallrc
if [ -f ${SYSCONFDIR}/shorewall6-lite ]; then
. ${SYSCONFDIR}/shorewall6-lite
fi
START=${START:-21}
STOP=${STOP:-91}
SHOREWALL_INIT_SCRIPT=1
################################################################################
# E X E C U T I O N B E G I N S H E R E #
################################################################################
# arg1 of init script is arg2 when rc.common is sourced; set to action variable
command="$action"
start() {
exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${STARTOPTIONS:-$@}
}
boot() {
local command="start"
start
}
restart() {
exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${RESTARTOPTIONS:-$@}
}
reload() {
exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${RELOADOPTION:-$@}
}
stop() {
exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${STOPOPTIONS:-$@}
}
status() {
exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${STATUSOPTIONS:-$@}
}