Implement 'restart -c'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 06:39:26 -07:00 · 2011-05-23 06:39:26 -07:00 · 485a7fb29d
commit 485a7fb29d
parent e95003b82a
6 changed files with 49 additions and 5 deletions
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@ -4,6 +4,8 @@ Changes in Shorewall 4.4.20 Beta 4

 2)  Implement LEGACY_FASTSTART option.

+3)  Add a '-c' option to the restart command.
+
 Changes in Shorewall 4.4.20 Beta 3

 1)  Add auditing support.
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@ -147,6 +147,14 @@ VI.   PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
    LEGACY_FASTSTART=No, 'start -f' and 'restart -f' compare with
    /var/lib/shorewall[6]/firewall.

+7)  A '-c' (compile) option has been added to the 'restart'
+    command in both Shorewall and Shorewall6. It overrides the setting
+    of AUTOMAKE and unconditionally forces a recompilation of the
+    configuration.
+
+    When both -c and -f are specified, the result is determined by the
+    option that appears last.
+
 ----------------------------------------------------------------------------
             I V.  R E L E A S E  4 . 4  H I G H L I G H T S
 ----------------------------------------------------------------------------
--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@ -724,6 +724,10 @@ restart_command() {
 			    g_fast=Yes
 			    option=${option#f}
 			    ;;
+			c*)
+			    AUTOMAKE=
+			    option=${option#c}
+			    ;;			    
 			n*)
 			    g_noroutes=Yes
 			    option=${option#n}
@ -1385,7 +1389,7 @@ usage() # $1 = exit status
    echo "   reject <address> ..."
    echo "   reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>"
    echo "   reset [ <chain> ... ]"
-    echo "   restart [ -n ] [ -p ] [ -f ] [ <directory> ]"
+    echo "   restart [ -n ] [ -p ] [-d] [ -f ] [ -c ][ <directory> ]"
    echo "   restore [ -n ] [ <file name> ]"
    echo "   save [ <file name> ]"
    echo "   show [ -x ] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]"
--- a/Shorewall6/shorewall6
+++ b/Shorewall6/shorewall6
@ -651,6 +651,10 @@ restart_command() {
 			    g_fast=Yes
 			    option=${option#f}
 			    ;;
+			c*)
+			    AUTOMAKE=
+			    option=${option#c}
+			    ;;			    
 			n*)
 			    g_noroutes=Yes
 			    option=${option#n}
@ -1310,7 +1314,7 @@ usage() # $1 = exit status
    echo "   reject <address> ..."
    echo "   reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>"
    echo "   reset [ <chain> ... ]"
-    echo "   restart [ -n ] [ -f ] [ <directory> ]"
+    echo "   restart [ -n ] [ -p ] [-d] [ -f ] [ -c ][ <directory> ]"
    echo "   restore [ -n ] [ <file name> ]"
    echo "   save [ <file name> ]"
    echo "   show [ -x ] [ -m ] [-f] [ -t {filter|mangle} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log [<regex>]|macros|mangle|nat|policies|raw|routing|tc|vardir|zones} ]"
--- a/manpages/shorewall.xml
+++ b/manpages/shorewall.xml
@ -377,10 +377,12 @@

      <arg><option>-n</option></arg>

-      <arg><option>-p</option></arg>
+      <arg><option>-p</option><arg><option>-d</option></arg></arg>

      <arg><option>-f</option></arg>

+      <arg><option>-c</option></arg>
+
      <arg><replaceable>directory</replaceable></arg>
    </cmdsynopsis>

@ -1114,9 +1116,18 @@
          table to be flushed; the <command>conntrack</command> utility must
          be installed to use this option.</para>

+          <para>The <option>-d </option>option causes the compiler to run
+          under the Perl debugger.</para>
+
          <para>The <option>-f</option> option suppresses the compilation step
          and simply reused the compiled script which last started/restarted
-          Shorewall.</para>
+          Shorewall, provided that /etc/shorewall and its contents have not
+          been modified since the last start/restart.</para>
+
+          <para>The <option>-c</option> option was added in Shorewall 4.4.20
+          and performs the compilation step unconditionally, overriding the
+          AUTOMAKE setting in <ulink
+          url="shorewall.conf.html">shorewall.conf</ulink>(5).</para>
        </listitem>
      </varlistentry>

--- a/manpages6/shorewall6.xml
+++ b/manpages6/shorewall6.xml
@ -922,9 +922,24 @@
          <para>The <option>-n</option> option causes Shorewall6 to avoid
          updating the routing table(s).</para>

+          <para>The <option>-p</option> option causes the connection tracking
+          table to be flushed; the <command>conntrack</command> utility must
+          be installed to use this option.</para>
+
+          <para>The <option>-d </option>option causes the compiler to run
+          under the Perl debugger.</para>
+
          <para>The <option>-f</option> option suppresses the compilation step
          and simply reused the compiled script which last started/restarted
-          Shorewall6.</para>
+          Shorewall, provided that /etc/shorewall6 and its contents have not
+          been modified since the last start/restart.</para>
+
+          <para>The <option>-c</option> option was added in Shorewall 4.4.20
+          and performs the compilation step unconditionally, overriding the
+          AUTOMAKE setting in <ulink
+          url="shorewall6.conf.html">shorewall6.conf</ulink>(5). When both
+          <option>-f</option> and <option>-c </option>are present, the result
+          is determined by the option that appears last.</para>
        </listitem>
      </varlistentry>