From 57fd93a5be3223aa4dec099a36fdb38d83ae4acc Mon Sep 17 00:00:00 2001 From: teastep Date: Sun, 17 Jun 2007 21:39:01 +0000 Subject: [PATCH] Implement capabilities versioning git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6581 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-common/diff-3.4-lib.base | 16 +++++----------- Shorewall-common/diff-3.4-lib.config | 8 ++++---- Shorewall-common/lib.base | 7 ++++++- Shorewall-common/lib.config | 6 ++++++ 4 files changed, 21 insertions(+), 16 deletions(-) diff --git a/Shorewall-common/diff-3.4-lib.base b/Shorewall-common/diff-3.4-lib.base index 55992d9dc..ace4a6f6a 100644 --- a/Shorewall-common/diff-3.4-lib.base +++ b/Shorewall-common/diff-3.4-lib.base @@ -1,21 +1,15 @@ ---- /home/teastep/shorewall/branches/3.4/Shorewall/lib.base 2007-06-14 17:30:33.000000000 -0700 -+++ Shorewall-common/lib.base 2007-06-16 08:40:13.000000000 -0700 -@@ -28,12 +28,12 @@ +--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.base 2007-06-17 14:30:30.000000000 -0700 ++++ lib.base 2007-06-17 14:36:20.000000000 -0700 +@@ -28,7 +28,7 @@ # and /usr/share/shorewall-lite/shorecap. # -SHOREWALL_LIBVERSION=30404 +SHOREWALL_LIBVERSION=40000 + SHOREWALL_CAPVERSION=30405 [ -n "${VARDIR:=/var/lib/shorewall}" ] - [ -n "${SHAREDIR:=/usr/share/shorewall}" ] - [ -n "${CONFDIR:=/etc/shorewall}" ] --SHELLSHAREDIR=/usr/share/shorewall -+SHELLSHAREDIR=/usr/share/shorewall-shell - PERLSHAREDIR=/usr/share/shorewall-perl - - # -@@ -359,6 +359,8 @@ +@@ -360,6 +360,8 @@ eval loaded=\$LIB_${1}_LOADED if [ -z "$loaded" ]; then diff --git a/Shorewall-common/diff-3.4-lib.config b/Shorewall-common/diff-3.4-lib.config index 8fd22f2f3..5b0b41447 100644 --- a/Shorewall-common/diff-3.4-lib.config +++ b/Shorewall-common/diff-3.4-lib.config @@ -1,6 +1,6 @@ ---- /home/teastep/shorewall/branches/3.4/Shorewall/lib.config 2007-06-16 07:38:21.000000000 -0700 -+++ Shorewall-common/lib.config 2007-06-16 07:38:05.000000000 -0700 -@@ -1851,6 +1851,44 @@ +--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.config 2007-06-17 14:17:01.000000000 -0700 ++++ lib.config 2007-06-17 14:35:28.000000000 -0700 +@@ -1857,6 +1857,44 @@ IP_FORWARDING=On fi @@ -45,7 +45,7 @@ [ -n "${BLACKLIST_DISPOSITION:=DROP}" ] case "$CLAMPMSS" in -@@ -1862,8 +1900,6 @@ +@@ -1868,8 +1906,6 @@ esac ADD_SNAT_ALIASES=$(added_param_value_no ADD_SNAT_ALIASES $ADD_SNAT_ALIASES) diff --git a/Shorewall-common/lib.base b/Shorewall-common/lib.base index 29d903016..1aa61c4e9 100644 --- a/Shorewall-common/lib.base +++ b/Shorewall-common/lib.base @@ -29,11 +29,12 @@ # SHOREWALL_LIBVERSION=40000 +SHOREWALL_CAPVERSION=30405 [ -n "${VARDIR:=/var/lib/shorewall}" ] [ -n "${SHAREDIR:=/usr/share/shorewall}" ] [ -n "${CONFDIR:=/etc/shorewall}" ] -SHELLSHAREDIR=/usr/share/shorewall-shell +SHELLSHAREDIR=/usr/share/shorewall PERLSHAREDIR=/usr/share/shorewall-perl # @@ -1070,6 +1071,8 @@ determine_capabilities() { qt $IPTABLES -F fooX1234 qt $IPTABLES -X fooX1234 + + CAPVERSION=$SHOREWALL_CAPVERSION } report_capabilities() { @@ -1154,6 +1157,8 @@ report_capabilities1() { report_capability1 MANGLE_FORWARD report_capability1 COMMENTS report_capability1 ADDRTYPE + + echo CAPVERSION=$SHOREWALL_CAPVERSION } # diff --git a/Shorewall-common/lib.config b/Shorewall-common/lib.config index 2ff3b8ae0..3fab60500 100644 --- a/Shorewall-common/lib.config +++ b/Shorewall-common/lib.config @@ -1829,6 +1829,12 @@ do_initialize() { [ -f $f ] && . $f || startup_error "The -e flag requires a capabilities file" fi + if [ -n "$CAPVERSION" ]; then + [ $CAPVERSION -ge $SHOREWALL_CAPVERSION ] || error_message "WARNING: $f is out of date -- it does not contain all of the capabilities defined by Shorewall version $VERSION" + else + error_message "WARNING: $f may be out of date" + fi + ORIGINAL_POLICY_MATCH=$POLICY_MATCH ADD_IP_ALIASES="$(added_param_value_yes ADD_IP_ALIASES $ADD_IP_ALIASES)"