Implement capabilities versioning

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6581 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-common/diff-3.4-lib.base

@@ -1,21 +1,15 @@
---- /home/teastep/shorewall/branches/3.4/Shorewall/lib.base	2007-06-14 17:30:33.000000000 -0700
+--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.base	2007-06-17 14:30:30.000000000 -0700
-+++ Shorewall-common/lib.base	2007-06-16 08:40:13.000000000 -0700
++++ lib.base	2007-06-17 14:36:20.000000000 -0700
-@@ -28,12 +28,12 @@
+@@ -28,7 +28,7 @@
  # and /usr/share/shorewall-lite/shorecap.
  #
  
 -SHOREWALL_LIBVERSION=30404
 +SHOREWALL_LIBVERSION=40000
+ SHOREWALL_CAPVERSION=30405
  
  [ -n "${VARDIR:=/var/lib/shorewall}" ]
- [ -n "${SHAREDIR:=/usr/share/shorewall}" ]
+@@ -360,6 +360,8 @@
- [ -n "${CONFDIR:=/etc/shorewall}" ]
--SHELLSHAREDIR=/usr/share/shorewall
-+SHELLSHAREDIR=/usr/share/shorewall-shell
- PERLSHAREDIR=/usr/share/shorewall-perl
- 
- #
-@@ -359,6 +359,8 @@
      eval loaded=\$LIB_${1}_LOADED
  
      if [ -z "$loaded" ]; then

Shorewall-common/diff-3.4-lib.config

@@ -1,6 +1,6 @@
---- /home/teastep/shorewall/branches/3.4/Shorewall/lib.config	2007-06-16 07:38:21.000000000 -0700
+--- /home/teastep/shorewall/branches/3.4/Shorewall/lib.config	2007-06-17 14:17:01.000000000 -0700
-+++ Shorewall-common/lib.config	2007-06-16 07:38:05.000000000 -0700
++++ lib.config	2007-06-17 14:35:28.000000000 -0700
-@@ -1851,6 +1851,44 @@
+@@ -1857,6 +1857,44 @@
  	IP_FORWARDING=On
      fi
  
@@ -45,7 +45,7 @@
      [ -n "${BLACKLIST_DISPOSITION:=DROP}" ]
  
      case "$CLAMPMSS" in
-@@ -1862,8 +1900,6 @@
+@@ -1868,8 +1906,6 @@
      esac
  
      ADD_SNAT_ALIASES=$(added_param_value_no ADD_SNAT_ALIASES $ADD_SNAT_ALIASES)

Shorewall-common/lib.base

@@ -29,11 +29,12 @@
 #
 
 SHOREWALL_LIBVERSION=40000
+SHOREWALL_CAPVERSION=30405
 
 [ -n "${VARDIR:=/var/lib/shorewall}" ]
 [ -n "${SHAREDIR:=/usr/share/shorewall}" ]
 [ -n "${CONFDIR:=/etc/shorewall}" ]
-SHELLSHAREDIR=/usr/share/shorewall-shell
+SHELLSHAREDIR=/usr/share/shorewall
 PERLSHAREDIR=/usr/share/shorewall-perl
 
 #
@@ -1070,6 +1071,8 @@ determine_capabilities() {
 
     qt $IPTABLES -F fooX1234
     qt $IPTABLES -X fooX1234
+
+    CAPVERSION=$SHOREWALL_CAPVERSION
 }
 
 report_capabilities() {
@@ -1154,6 +1157,8 @@ report_capabilities1() {
     report_capability1 MANGLE_FORWARD
     report_capability1 COMMENTS
     report_capability1 ADDRTYPE
+    
+    echo CAPVERSION=$SHOREWALL_CAPVERSION
 }
 
 #

Shorewall-common/lib.config

@@ -1829,6 +1829,12 @@ do_initialize() {
 	[ -f $f ] && . $f || startup_error "The -e flag requires a capabilities file"
     fi
 
+    if [ -n "$CAPVERSION" ]; then
+	[ $CAPVERSION -ge $SHOREWALL_CAPVERSION ] || error_message "WARNING: $f is out of date -- it does not contain all of the capabilities defined by Shorewall version $VERSION"
+    else
+	error_message "WARNING: $f may be out of date"
+    fi
+
     ORIGINAL_POLICY_MATCH=$POLICY_MATCH
     
     ADD_IP_ALIASES="$(added_param_value_yes ADD_IP_ALIASES $ADD_IP_ALIASES)"