Implement capabilities versioning

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6581 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-06-17 21:39:01 +00:00 · 2007-06-17 21:39:01 +00:00 · 57fd93a5be
commit 57fd93a5be
parent b536abdaa1
4 changed files with 21 additions and 16 deletions
--- a/Shorewall-common/diff-3.4-lib.base
+++ b/Shorewall-common/diff-3.4-lib.base
@ -1,21 +1,15 @@
--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.base	2007-06-14 17:30:33.000000000 -0700
-+++ Shorewall-common/lib.base	2007-06-16 08:40:13.000000000 -0700
-@@ -28,12 +28,12 @@
+--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.base	2007-06-17 14:30:30.000000000 -0700
+++ lib.base	2007-06-17 14:36:20.000000000 -0700
+@@ -28,7 +28,7 @@
 # and /usr/share/shorewall-lite/shorecap.
 #
 
 -SHOREWALL_LIBVERSION=30404
 +SHOREWALL_LIBVERSION=40000
+ SHOREWALL_CAPVERSION=30405
 
 [ -n "${VARDIR:=/var/lib/shorewall}" ]
- [ -n "${SHAREDIR:=/usr/share/shorewall}" ]
- [ -n "${CONFDIR:=/etc/shorewall}" ]
-SHELLSHAREDIR=/usr/share/shorewall
-+SHELLSHAREDIR=/usr/share/shorewall-shell
- PERLSHAREDIR=/usr/share/shorewall-perl
- 
- #
-@@ -359,6 +359,8 @@
+@@ -360,6 +360,8 @@
     eval loaded=\$LIB_${1}_LOADED
 
     if [ -z "$loaded" ]; then
--- a/Shorewall-common/diff-3.4-lib.config
+++ b/Shorewall-common/diff-3.4-lib.config
@ -1,6 +1,6 @@
--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.config	2007-06-16 07:38:21.000000000 -0700
-+++ Shorewall-common/lib.config	2007-06-16 07:38:05.000000000 -0700
-@@ -1851,6 +1851,44 @@
+--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.config	2007-06-17 14:17:01.000000000 -0700
+++ lib.config	2007-06-17 14:35:28.000000000 -0700
+@@ -1857,6 +1857,44 @@
 	IP_FORWARDING=On
     fi
 
@ -45,7 +45,7 @@
     [ -n "${BLACKLIST_DISPOSITION:=DROP}" ]
 
     case "$CLAMPMSS" in
-@@ -1862,8 +1900,6 @@
+@@ -1868,8 +1906,6 @@
     esac
 
     ADD_SNAT_ALIASES=$(added_param_value_no ADD_SNAT_ALIASES $ADD_SNAT_ALIASES)
--- a/Shorewall-common/lib.base
+++ b/Shorewall-common/lib.base
@ -29,11 +29,12 @@
 #

 SHOREWALL_LIBVERSION=40000
+SHOREWALL_CAPVERSION=30405

 [ -n "${VARDIR:=/var/lib/shorewall}" ]
 [ -n "${SHAREDIR:=/usr/share/shorewall}" ]
 [ -n "${CONFDIR:=/etc/shorewall}" ]
-SHELLSHAREDIR=/usr/share/shorewall-shell
+SHELLSHAREDIR=/usr/share/shorewall
 PERLSHAREDIR=/usr/share/shorewall-perl

 #
@ -1070,6 +1071,8 @@ determine_capabilities() {

    qt $IPTABLES -F fooX1234
    qt $IPTABLES -X fooX1234
+
+    CAPVERSION=$SHOREWALL_CAPVERSION
 }

 report_capabilities() {
@ -1154,6 +1157,8 @@ report_capabilities1() {
    report_capability1 MANGLE_FORWARD
    report_capability1 COMMENTS
    report_capability1 ADDRTYPE
+    
+    echo CAPVERSION=$SHOREWALL_CAPVERSION
 }

 #
--- a/Shorewall-common/lib.config
+++ b/Shorewall-common/lib.config
@ -1829,6 +1829,12 @@ do_initialize() {
 	[ -f $f ] && . $f || startup_error "The -e flag requires a capabilities file"
    fi

+    if [ -n "$CAPVERSION" ]; then
+	[ $CAPVERSION -ge $SHOREWALL_CAPVERSION ] || error_message "WARNING: $f is out of date -- it does not contain all of the capabilities defined by Shorewall version $VERSION"
+    else
+	error_message "WARNING: $f may be out of date"
+    fi
+
    ORIGINAL_POLICY_MATCH=$POLICY_MATCH
    
    ADD_IP_ALIASES="$(added_param_value_yes ADD_IP_ALIASES $ADD_IP_ALIASES)"