Make 'trace' a synonym for 'debug'

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1136 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-10 23:30:20 +00:00 · 2004-02-10 23:30:20 +00:00 · 485a4d06ae
commit 485a4d06ae
parent 76c17d9f9f
4 changed files with 28 additions and 7 deletions
--- a/Shorewall2/changelog.txt
+++ b/Shorewall2/changelog.txt
@ -32,3 +32,5 @@ Changes since 1.4.10

 16) Removed the DropBcast and DropNonSyn actions and replaced them with
    builtin actions dropBcast and dropNonSyn.
+
+17) Make "trace" a synonym for "debug"
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@ -571,7 +571,7 @@ validate_interfaces_file() {
 			error_message \
 			    "Warning: The 'dropunclean' and 'logunclean' options are not supported by Shorewall 2.0"
 			error_message \
-			    "         PLEASE STAND BY WHILE shorewall REFORMATS YOUR HARD DRIVE TO REMOVE THESE OPTIONS..."
+			    "         PLEASE STAND BY WHILE SHOREWALL REFORMATS YOUR HARD DRIVE TO REMOVE THESE OPTIONS..."
 			sleep 5
 			error_message "GOTCHA!!!! :-)"
 			error_message \
--- a/Shorewall2/releasenotes.txt
+++ b/Shorewall2/releasenotes.txt
@ -5,7 +5,7 @@ Problems Corrected since prior version.

 	 None - this is the initial release.
 -----------------------------------------------------------------------
-Issues when migrating from Shorewall to Shorewall:
+Issues when migrating from Shorewall 1.4.x to Shorewall 2.0.0:

 1) The 'dropunclean' and 'logunclean' interface options are no longer
   supported. If either option is specified in
@ -18,11 +18,11 @@ Issues when migrating from Shorewall to Shorewall:
   now always take precidence over one-to-one NAT specifications.

 3) The default value for the ALL INTERFACES column in
-   /etc/shorewall/nat has changed. In Shorewall, if the column was
+   /etc/shorewall/nat has changed. In Shorewall 1.*, if the column was
   left empty, a value of "Yes" was assumed. This has been changed so
   that a value of "No" is now assumed.

-4) The following files don't exist in Shorewall:
+4) The following files don't exist in Shorewall 2.0:

       /etc/shorewall/common.def
       /etc/shorewall/common
@ -152,7 +152,14 @@ New Features:

 4) There is a new PERSISTENT column in the proxyarp file. A value of
   "Yes" in this column means that the route added by Shorewall for
-   this host will remain after a "shorewall stop" or "shorewall clear". 
+   this host will remain after a "shorewall stop" or "shorewall clear".
+
+5) "trace" is now a synonym for "debug" in /sbin/shorewall commands.
+   So to trace the "start" command, you could enter:
+
+      shorewall trace start 2> /tmp/trace
+
+   The trace information would be written to the file /tmp/trace.


 
--- a/Shorewall2/shorewall
+++ b/Shorewall2/shorewall
@ -531,7 +531,7 @@ help()
 #
 usage() # $1 = exit status
 {
-    echo "Usage: $(basename $0) [debug] [nolock] [-c <directory>] <command>"
+    echo "Usage: $(basename $0) [debug|trace] [nolock] [-c <directory>] <command>"
    echo "where <command> is one of:"
    echo "   add <interface>[:<host>] <zone>"
    echo "   allow <address> ..."
@ -573,7 +573,7 @@ show_reset() {
 #
 debugging=

-if [ $# -gt 0 ] && [ "$1" = "debug" ]; then
+if [ $# -gt 0 ] && [ "$1" = "debug" -o "$1" = "trace" ]; then
    debugging=debug
    shift
 fi
@ -698,6 +698,7 @@ case "$1" in
 	exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock $1 $2 $3
 	;;
    show|list)
+    	[ -n "$debugging" ] && set -x
 	case "$2" in
 	connections)
 	    [ $# -gt 2 ] && usage 1
@ -757,6 +758,7 @@ case "$1" in
 	esac
 	;;
    monitor)
+    	[ -n "$debugging" ] && set -x
 	if [ $# -eq 2 ]; then
 	    monitor_firewall $2
 	elif [ $# -eq 1 ]; then
@ -766,6 +768,7 @@ case "$1" in
 	fi
 	;;
    status)
+    	[ -n "$debugging" ] && set -x
 	[ $# -eq 1 ] || usage 1
 	get_config
 	clear
@ -788,6 +791,7 @@ case "$1" in
 	cat /proc/net/ip_conntrack
 	;;
    hits)
+    	[ -n "$debugging" ] && set -x
 	[ $# -eq 1 ] || usage 1
 	get_config
 	clear
@ -848,6 +852,7 @@ case "$1" in
 	fi
 	;;
    logwatch)
+    	[ -n "$debugging" ] && set -x
 	if [ $# -eq 2 ]; then
 	    logwatch $2
 	elif [ $# -eq 1 ]; then
@ -857,6 +862,7 @@ case "$1" in
 	fi
 	;;
    drop)
+    	[ -n "$debugging" ] && set -x
 	[ $# -eq 1 ] && usage 1
 	mutex_on
 	while [ $# -gt 1 ]; do
@ -869,6 +875,7 @@ case "$1" in
 	mutex_off
 	;;
    reject)
+    	[ -n "$debugging" ] && set -x
 	[ $# -eq 1 ] && usage 1
 	mutex_on
 	while [ $# -gt 1 ]; do
@ -881,6 +888,7 @@ case "$1" in
 	mutex_off
 	;;
    allow)
+    	[ -n "$debugging" ] && set -x
 	[ $# -eq 1 ] && usage 1
 	mutex_on
 	while [ $# -gt 1 ]; do
@ -894,6 +902,7 @@ case "$1" in
 	mutex_off
 	;;
    save)
+    	[ -n "$debugging" ] && set -x
 	[ $# -ne 1 ] && usage 1
 	mutex_on
 	if qt iptables -L shorewall -n; then
@ -910,6 +919,7 @@ case "$1" in
 	mutex_off
 	;;
    ipcalc)
+    	[ -n "$debugging" ] && set -x
 	if [ $# -eq 2 ]; then
 	    address=${2%/*}
 	    vlsm=${2#*/}
@ -933,6 +943,7 @@ case "$1" in
 	;;

    iprange)
+    	[ -n "$debugging" ] && set -x
 	case $2 in
 	    *.*.*.*-*.*.*.*)
 		ip_range $2
@ -943,6 +954,7 @@ case "$1" in
 	esac
 	;;
    call) 
+    	[ -n "$debugging" ] && set -x
 	#
 	# Undocumented way to call functions in /usr/share/shorewall/functions directly
 	#