Correct default route save/restore

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/Perl/Shorewall/Misc.pm

@@ -1887,7 +1887,7 @@ EOF
     emit 'delete_tc1' if $config{CLEAR_TC};
 
     emit( 'undo_routing',
-	  'restore_default_route'
+	  "restore_default_route $config{USE_DEFAULT_RT}"
 	  );
 
     my @chains = $config{ADMINISABSENTMINDED} ? qw/INPUT FORWARD/ : qw/INPUT OUTPUT FORWARD/;

Shorewall/Perl/Shorewall/Providers.pm

@@ -758,13 +758,21 @@ sub finish_providers() {
 
 	emit  ( 'if [ -n "$DEFAULT_ROUTE" ]; then' );
 	emit  ( "    run_ip route replace default scope global table $table \$DEFAULT_ROUTE" );
-	emit  ( "    qt \$IP -$family route del default table " . MAIN_TABLE ) if $config{USE_DEFAULT_RT};
+
+	if ( $config{USE_DEFAULT_RT} ) {
+	    emit  ( "    while qt \$IP -$family route del default table " . MAIN_TABLE . '; do',
+		    '        true',
+		    '    done',
+		    ''
+		  );
+	}
+ 
 	emit  ( "    progress_message \"Default route '\$(echo \$DEFAULT_ROUTE | sed 's/\$\\s*//')' Added\"",
 		'else',
 		'    error_message "WARNING: No Default route added (all \'balance\' providers are down)"' );
 
 	if ( $config{RESTORE_DEFAULT_ROUTE} ) {
-	    emit '    restore_default_route && error_message "NOTICE: Default route restored"'
+	    emit qq(    restore_default_route $config{USE_DEFAULT_RT} && error_message "NOTICE: Default route restored")
 	} else {
 	    emit qq(    qt \$IP -$family route del default table $table && error_message "WARNING: Default route deleted from table $table");
 	}
@@ -775,7 +783,7 @@ sub finish_providers() {
 	emit ( '#',
 	       '# We don\'t have any \'balance\' providers so we restore any default route that we\'ve saved',
 	       '#',
-	       'restore_default_route' ,
+	       "restore_default_route $config{USE_DEFAULT_RT}" ,
 	       '' );
     }
 
@@ -871,7 +879,7 @@ sub setup_providers() {
 	push_indent;
 
 	emit "\nundo_routing";
-	emit 'restore_default_route';
+	emit "restore_default_route $config{USE_DEFAULT_RT}";
 
 	if ( $config{NULL_ROUTE_RFC1918} ) {
 	    emit  ( '#',

Shorewall/Perl/prog.header

@@ -518,7 +518,27 @@ save_default_route() {
 #
 # Restore the default route that was in place before the initial 'shorewall start'
 #
-restore_default_route() {
+replace_default_route() {
+    if [ -n "$default_route" ]; then
+	case "$default_route" in
+	    *metric*)
+	        #
+	        # Don't restore a default route with a metric unless USE_DEFAULT_RT=Yes. Otherwise, we only replace the one with metric 0
+	        #
+		[ -n "$1" ] && qt $IP -4 route replace $default_route && progress_message "Default Route (${default_route# }) restored"
+		default_route=
+		;;
+	    *)
+		qt $IP -4 route replace $default_route && progress_message "Default Route (${default_route# }) restored"
+		result=0
+		default_route=
+		;;
+	esac
+    fi
+}
+
+restore_default_route() # $1 = USE_DEFAULT_RT
+{
     local result
 
     if [ -z "$g_noroutes" -a -f ${VARDIR}/default_route ]; then
@@ -530,25 +550,7 @@ restore_default_route() {
 	while read route ; do
 	    case $route in
 		default*)
-		    if [ -n "$default_route" ]; then
-			case "$default_route" in
-			    *metric*)
-		                #
-		                # Don't restore a route with a metric -- we only replace the one with metric == 0
-		                #
-				qt $IP -4 route delete default metric 0 && \
-				    progress_message "Default Route with metric 0 deleted"
-				;;
-			    *)
-				qt $IP -4 route replace $default_route && \
-				    result=0 && \
-				    progress_message "Default Route (${default_route# }) restored"
-				;;
-			esac
-
-			break
-		    fi
-
+		    replace_default_route $1
 		    default_route="$default_route $route"
 		    ;;
 		*)
@@ -557,6 +559,15 @@ restore_default_route() {
 	    esac
 	done < ${VARDIR}/default_route
 
+	replace_default_route $1
+	
+	if [ $result = 1 ]; then
+	    #
+	    # We added a default route with metric 0 but there wasn't one previously
+	    #
+	    qt -4 ip route del default metric 0 && progress_message "Default route with metric 0 deleted"
+	fi
+
 	rm -f ${VARDIR}/default_route
     fi
 

Shorewall/Perl/prog.header6

@@ -506,7 +506,14 @@ save_default_route() {
 #
 # Restore the default route that was in place before the initial 'shorewall start'
 #
-restore_default_route() {
+replace_default_route() {
+    qt $IP -6 route replace $default_route && \
+	result=0 && \
+	progress_message "Default Route (${default_route# }) restored"
+}
+
+restore_default_route() # $1 = USE_DEFAULT_RT
+{
     local result
 
     if [ -z "$g_noroutes" -a -f ${VARDIR}/default_route ]; then
@@ -517,24 +524,21 @@ restore_default_route() {
 
 	while read route ; do
 	    case $route in
-		default)
+		default*)
 		    if [ -n "$default_route" ]; then
 			case "$default_route" in
 			    *metric*)
-		                #
-		                # Don't restore a route with a metric -- we only replace the one with metric == 0
-		                #
-				qt $IP -6 route delete default metric 0 && \
-				    progress_message "Default Route with metric 0 deleted"
+				#
+				# Don't restore a default route with a metric unless USE_DEFAULT_RT=Yes. Otherwise, we only replace the one with metric 0
+				#
+				[ -n "$1" ] && replace_default_route
+				default_route=
 				;;
 			    *)
-				qt $IP -6 route replace $default_route && \
-				    result=0 && \
-				    progress_message "Default Route (${default_route# }) restored"
+				replace_default_route
+				default_route=
 				;;
 			esac
-
-			break
 		    fi
 
 		    default_route="$default_route $route"
@@ -545,6 +549,15 @@ restore_default_route() {
 	    esac
 	done < ${VARDIR}/default_route
 
+	if [ -n "$default_route" ]; then
+	    replace_default_route
+	elif [ $result = 1 ]; then
+	    #
+	    # We added a default route with metric 0 but there wasn't one previously
+	    #
+	    qt -6 ip route del default metric 0 && progress_message "Default route with metric 0 deleted"
+	fi
+
 	rm -f ${VARDIR}/default_route
     fi