holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix 'status' command in /usr/share/shorewall/firewall; try to make release notes clearer

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2429 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-07-28 20:22:25 +00:00
parent 989e1e87a5
commit 48502e75bb
2 changed files with 28 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Shorewall/firewall
View File

@ -8758,9 +8758,18 @@ case "$COMMAND" in
status) status)
[ $# -ne 1 ] && usage [ $# -ne 1 ] && usage
do_initialize
echo "Shorewall-$version Status at $HOSTNAME - $(date)" echo "Shorewall-$version Status at $HOSTNAME - $(date)"
echo echo
$IPTABLES -L -n -v if chain_exists shorewall; then
echo "Shorewall is started"
echo
[ -f /var/lib/shorewall/restarted ] && \
echo "Counters reset $(cat /var/lib/shorewall/restarted)" && \
echo
else
echo "Shorewall is not started"
fi
;; ;;
reset) reset)

34
Shorewall/releasenotes.txt
View File

@ -31,7 +31,24 @@ Migration Considerations:
2) The "DISPLAY" and "COMMENTS" columns in the /etc/shorewall/zones 2) The "DISPLAY" and "COMMENTS" columns in the /etc/shorewall/zones
file have been removed and have been replaced by the former file have been removed and have been replaced by the former
columns of the /etc/shorewall/ipsec file. The latter file has been columns of the /etc/shorewall/ipsec file. The latter file has been
removed. As a result, the columns in the /etc/shorewall/zones file removed.
To attempt to adhere to the principle of least astonishment, the
old /etc/shorewall/ipsec file will continue to be supported. A new
IPSECFILE variable in /etc/shorewall/shorewall.conf determines the
name of the file that Shorewall looks in for IPSEC information. If
that variable is not set or is set to the empty value then
IPSECFILE=ipsec is assumed. So if you simply upgrade and don't do
something idiotic like replace your current shorewall.conf file with
the new one, your old configuration will continue to work. A dummy
'ipsec' file is included in the release so that your package manager
(e.g., rpm) won't remove your existing file.
The shorewall.conf file included in this release sets
IPSECFILE=zones so that new users are expected to use the new zone
file format.
As a result, the columns in the /etc/shorewall/zones file
are now as follows: are now as follows:
ZONE Short name of the zone (5 Characters or less in ZONE Short name of the zone (5 Characters or less in
@ -95,21 +112,6 @@ Migration Considerations:
THE ORDER OF THE ENTRIES IN THIS FILE IS IMPORTANT IF YOU HAVE THE ORDER OF THE ENTRIES IN THIS FILE IS IMPORTANT IF YOU HAVE
NESTED OR OVERLAPPING ZONES DEFINED THROUGH /etc/shorewall/hosts. NESTED OR OVERLAPPING ZONES DEFINED THROUGH /etc/shorewall/hosts.
To attempt to adhere to the principle of least astonishment, the
old /etc/shorewall/ipsec file will continue to be supported. A new
IPSECFILE variable in /etc/shorewall/shorewall.conf determines the
name of the file that Shorewall looks in for IPSEC information. If
that variable is not set or is set to the empty value then
IPSECFILE=ipsec is assumed. So if you simply upgrade and don't do
something idiotic like replace your current shorewall.conf file with
the new one, your old configuration will continue to work. A dummy
'ipsec' file is included in the release so that your package manager
(e.g., rpm) won't remove your existing file.
The shorewall.conf file included in this release sets
IPSECFILE=zones so that new users are expected to use the new zone
file format.
3) The DROPINVALID option has been removed from shorewall.conf. The 3) The DROPINVALID option has been removed from shorewall.conf. The
behavior will be as if DROPINVALID=No had been specified. If you behavior will be as if DROPINVALID=No had been specified. If you