diff --git a/docs/MultiISP.xml b/docs/MultiISP.xml index 7e2d07ab2..5fe940cba 100644 --- a/docs/MultiISP.xml +++ b/docs/MultiISP.xml @@ -2245,7 +2245,83 @@ defaults { include /etc/lsm/shorewall.conf - /etc/lsm/script#!/bin/sh + /etc/lsm/script (Shorewall 4.4.23 and + later)#!/bin/sh +# +# (C) 2009 Mika Ilmaranta <ilmis@nullnet.fi> +# (C) 2009 Tom Eastep <teastep@shorewall.net> +# +# License: GPLv2 +# + +STATE=${1} +NAME=${2} +CHECKIP=${3} +DEVICE=${4} +WARN_EMAIL=${5} +REPLIED=${6} +WAITING=${7} +TIMEOUT=${8} +REPLY_LATE=${9} +CONS_RCVD=${10} +CONS_WAIT=${11} +CONS_MISS=${12} +AVG_RTT=${13} + +if [ -f /usr/share/shorewall-lite/lib.base ]; then + VARDIR=/var/lib/shorewall-lite + STATEDIR=/etc/shorewall-lite + TOOL=/sbin/shorewall-lite +else + VARDIR=/var/lib/shorewall + STATEDIR=/etc/shorewall + TOOL=/sbin/shorewall +fi + +[ -f ${STATEDIR}/vardir ] && . ${STATEDIR}/vardir + +cat <<EOM | mail -s "${NAME} ${STATE}, DEV ${DEVICE}" ${WARN_EMAIL} + +Hi, + +Connection ${NAME} is now ${STATE}. + +Following parameters were passed: +newstate = ${STATE} +name = ${NAME} +checkip = ${CHECKIP} +device = ${DEVICE} +warn_email = ${WARN_EMAIL} + +Packet counters: +replied = ${REPLIED} packets replied +waiting = ${WAITING} packets waiting for reply +timeout = ${TIMEOUT} packets that have timed out (= packet loss) +reply_late = ${REPLY_LATE} packets that received a reply after timeout +cons_rcvd = ${CONS_RCVD} consecutively received replies in sequence +cons_wait = ${CONS_WAIT} consecutive packets waiting for reply +cons_miss = ${CONS_MISS} consecutive packets that have timed out +avg_rtt = ${AVG_RTT} average rtt, notice that waiting and timed out packets have rtt = 0 when calculating this + +Your LSM Daemon + +EOM + +if [ ${STATE} = up ]; then +# echo 0 > ${VARDIR}/${DEVICE}.status # Uncomment this line if you are running Shorewall 4.4.x or earlier + ${VARDIR}/firewall enable ${DEVICE} +else +# echo 1 > ${VARDIR}/${DEVICE}.status # Uncomment this line if you are running Shorewall 4.4.x or earlier + ${VARDIR}/firewall disable ${DEVICE} +fi + +$TOOL show routing >> /var/log/lsm + +exit 0 + +#EOFPrior to Shorewall 4.4.23, it was necessary to restart + the firewall when an interface transitions between the usable and + unusable states.#!/bin/sh # # (C) 2009 Mika Ilmaranta <ilmis@nullnet.fi> # (C) 2009 Tom Eastep <teastep@shorewall.net> @@ -2311,88 +2387,12 @@ EOM # [ ${STATE} = up ] && state=0 || state=1 # echo $state > ${VARDIR}/${DEVICE}.status -$TOOL restart -f >> /var/log/lsm 2>&1 +$TOOL restart -f >> /var/log/lsm 2>&1 $TOOL show routing >> /var/log/lsm exit 0 -#EOFBeginning with Shorewall 4.4.23, it is not necessary to - restart the firewall when an interface transitions between the usable - and unusable - states./etc/lsm/script#!/bin/sh -# -# (C) 2009 Mika Ilmaranta <ilmis@nullnet.fi> -# (C) 2009 Tom Eastep <teastep@shorewall.net> -# -# License: GPLv2 -# - -STATE=${1} -NAME=${2} -CHECKIP=${3} -DEVICE=${4} -WARN_EMAIL=${5} -REPLIED=${6} -WAITING=${7} -TIMEOUT=${8} -REPLY_LATE=${9} -CONS_RCVD=${10} -CONS_WAIT=${11} -CONS_MISS=${12} -AVG_RTT=${13} - -if [ -f /usr/share/shorewall-lite/lib.base ]; then - VARDIR=/var/lib/shorewall-lite - STATEDIR=/etc/shorewall-lite - TOOL=/sbin/shorewall-lite -else - VARDIR=/var/lib/shorewall - STATEDIR=/etc/shorewall - TOOL=/sbin/shorewall -fi - -[ -f ${STATEDIR}/vardir ] && . ${STATEDIR}/vardir - -cat <<EOM | mail -s "${NAME} ${STATE}, DEV ${DEVICE}" ${WARN_EMAIL} - -Hi, - -Connection ${NAME} is now ${STATE}. - -Following parameters were passed: -newstate = ${STATE} -name = ${NAME} -checkip = ${CHECKIP} -device = ${DEVICE} -warn_email = ${WARN_EMAIL} - -Packet counters: -replied = ${REPLIED} packets replied -waiting = ${WAITING} packets waiting for reply -timeout = ${TIMEOUT} packets that have timed out (= packet loss) -reply_late = ${REPLY_LATE} packets that received a reply after timeout -cons_rcvd = ${CONS_RCVD} consecutively received replies in sequence -cons_wait = ${CONS_WAIT} consecutive packets waiting for reply -cons_miss = ${CONS_MISS} consecutive packets that have timed out -avg_rtt = ${AVG_RTT} average rtt, notice that waiting and timed out packets have rtt = 0 when calculating this - -Your LSM Daemon - -EOM - -if [ ${STATE} = up ]; then -# echo 0 > ${VARDIR}/${DEVICE}.status # Uncomment this line if you are running Shorewall 4.4.x or earlier - ${VARDIR}/firewall enable ${DEVICE} -else -# echo 1 > ${VARDIR}/${DEVICE}.status # Uncomment this line if you are running Shorewall 4.4.x or earlier - ${VARDIR}/firewall disable ${DEVICE} -fi - -$TOOL show routing >> /var/log/lsm - -exit 0 - #EOF