holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

More Shorewall Lite Updates

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3981 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-06-03 17:16:27 +00:00
parent 4bd371be4b
commit 5fee7defcf
4 changed files with 154 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

139
docs/CompiledPrograms.xml
View File

@ -5,7 +5,7 @@
<!--$Id$--> <!--$Id$-->
<articleinfo> <articleinfo>
<title>Compiled Firewall Programs</title> <title>Compiled Firewall Programs and Shorewall Lite</title>
<authorgroup> <authorgroup>
<author> <author>
@ -103,6 +103,14 @@
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</listitem> </listitem>
<listitem>
<para>You must install Shorewall Lite on the system where you want
to run the script. You then install the compiled program in
/usr/share/shorewall/firewall and use the /sbin/shorewall program
included with Shorewall Lite to control the firewall just as if the
full Shorewall distribution was installed.</para>
</listitem>
</orderedlist> </orderedlist>
</section> </section>
</section> </section>
@ -114,8 +122,8 @@
command:</para> command:</para>
<blockquote> <blockquote>
<para><command>shorewall compile [ -e ] [ -d &lt;distro&gt; ] [ <para><command>shorewall compile [ -e ] [ &lt;directory name&gt; ]
&lt;directory name&gt; ] &lt;path name&gt;</command></para> &lt;path name&gt;</command></para>
</blockquote> </blockquote>
<para>where</para> <para>where</para>
@ -128,8 +136,8 @@
<listitem> <listitem>
<para>Indicates that the program is to be "exported" to another <para>Indicates that the program is to be "exported" to another
system. When this flag is set, the "detectnets" interface is not system. When this flag is set, the "detectnets" interface is not
allowed but the created program may be run on a system that allowed but the created program may be run on a system that has
doesn't even have Shorewall installed.</para> only Shorewall Lite installed</para>
<para>When this flag is given, Shorewall does not probe the <para>When this flag is given, Shorewall does not probe the
current system to determine the kernel/iptables features that it current system to determine the kernel/iptables features that it
@ -139,33 +147,6 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term>-d &lt;distro&gt;</term>
<listitem>
<para>is normally used with "-e" and specifies the Linux
distribution that is running on the remote system. The program
will be tailored so that it integrates with the initialization
script system (init) on that system. Distributions currently
supported are:</para>
<simplelist>
<member>suse</member>
<member>redhat</member>
<member>debian (Note that Debian compiled programs may not be
installed directly into <filename
class="directory">/etc/init.d</filename> — they require the
soon-to-be-released Shorewall-minimal Debian package.</member>
</simplelist>
<para>If <emphasis role="bold">-d</emphasis> is not specified, the
compiled program is generally not suitable for being installed in
<filename class="directory">/etc/init.d</filename>.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term>&lt;directory name&gt;</term> <term>&lt;directory name&gt;</term>
@ -188,57 +169,64 @@
</section> </section>
<section> <section>
<title>/usr/share/shorewall/configfiles (Added in version 3.2.0 RC <title>Shorewall Lite (Added in version 3.2.0 RC 1)</title>
1)</title>
<para>The <filename <para>Shorewall Lite is a companion product to Shorewall and is designed
class="directory">/usr/share/shorewall/configfiles</filename> directory to allow you to maintain all Shorewall configuration information on a
contains a copy of the Shorewall configuration files that are normally single system within your network.</para>
installed in <filename class="directory">/etc/shorewall</filename>.</para>
<para>Suppose that you want to create a configuration directory for remote <orderedlist numeration="loweralpha">
system 'gateway'.</para>
<orderedlist>
<listitem> <listitem>
<para><command>mkdir gateway</command></para> <para>You install the full Shorewall release on one system within your
network. You need not configure Shorewall there and you may totally
disable startup of Shorewall in your init scripts. For ease of
reference, we call this system the 'administrative system'.</para>
</listitem> </listitem>
<listitem> <listitem>
<para><command>cp /usr/share/shorewall/configfiles/* <para>On each system where you wish to run a Shorewall-generated
gateway</command></para> firewall, you install Shorewall Lite. For ease of reference, we will
call these systems the 'firewall systems'.</para>
</listitem> </listitem>
<listitem> <listitem>
<para>Generate a <filename>capabilities</filename> file on the <para>On the administrative system you create a separete
'gateway' system as described in the next section and copy that file 'configuration directory' for each firewall system. You copy the
to the <filename class="directory">gateway</filename> contents of /usr/share/shorewall/configfiles into each configuration
directory.</para> directory.</para>
</listitem> </listitem>
<listitem> <listitem>
<para>Modify the files in the <filename <para>On each firewall system, you run:</para>
class="directory">gateway</filename> directory to match the
configuration on 'gateway'.</para> <programlisting><command>/usr/share/shorewall/shorecap &gt; capabilities</command>
<command>scp capabilities &lt;admin system&gt;:&lt;this system's config dir&gt;</command></programlisting>
</listitem> </listitem>
<listitem> <listitem>
<para><command>cd gateway</command></para> <para>On the administrative system, for each firewall system you do
the following (this may be done by a non-root user):</para>
<orderedlist>
<listitem>
<para>modify the files in the corresponding configuration
directory appropriately.</para>
</listitem>
<listitem>
<para></para>
<programlisting><command>cd &lt;configuration directory&gt;</command>
<command>/sbin/shorewall compile -e . firewall</command>
<command>scp firewall root@&lt;firewall system&gt;:/usr/share/shorewall/</command></programlisting>
</listitem>
</orderedlist>
</listitem> </listitem>
<listitem> <listitem>
<para><command>/sbin/shorewall compile -e . firewall</command></para> <para>On each firewall system:</para>
</listitem>
<listitem> <programlisting><command>shorewall start</command></programlisting>
<para>Copy the <filename>firewall</filename> file to <filename
class="directory">/etc/init.d</filename> on system 'gateway' and
arrange for it to be started at boot time.</para>
</listitem>
<listitem>
<para>On the 'gateway' system, <command>/etc/init.d/firewall
start</command></para>
</listitem> </listitem>
</orderedlist> </orderedlist>
</section> </section>
@ -254,10 +242,10 @@
<blockquote> <blockquote>
<programlisting>NAT_ENABLED=Yes # NAT <programlisting>NAT_ENABLED=Yes # NAT
MANGLE_ENABLED=Yes # Packet Mangling MANGLE_ENABLED=Yes # Packet Mangling
CONNTRACK_MATCH=Yes # Connection Tracking Match
USEPKTTYPE= # Packet Type Match
MULTIPORT=Yes # Multi-port Match MULTIPORT=Yes # Multi-port Match
XMULTIPORT=Yes # Extended Multi-port Match XMULTIPORT=Yes # Extended Multi-port Match
CONNTRACK_MATCH=Yes # Connection Tracking Match
USEPKTTYPE= # Packet Type Match
POLICY_MATCH=Yes # Policy Match POLICY_MATCH=Yes # Policy Match
PHYSDEV_MATCH=Yes # Physdev Match PHYSDEV_MATCH=Yes # Physdev Match
LENGTH_MATCH=Yes # Packet Length Match LENGTH_MATCH=Yes # Packet Length Match
@ -266,12 +254,17 @@ RECENT_MATCH=Yes # Recent Match
OWNER_MATCH=Yes # Owner match OWNER_MATCH=Yes # Owner match
IPSET_MATCH= # Ipset Match IPSET_MATCH= # Ipset Match
CONNMARK=Yes # CONNMARK Target CONNMARK=Yes # CONNMARK Target
XCONNMARK=Yes # Extended CONNMARK Target
CONNMARK_MATCH=Yes # Connmark Match CONNMARK_MATCH=Yes # Connmark Match
XCONNMARK_MATCH=Yes # Extended Connmark Match
RAW_TABLE=Yes # Raw Table RAW_TABLE=Yes # Raw Table
IPP2P_MATCH= # IPP2P Match IPP2P_MATCH= # IPP2P Match
CLASSIFY_TARGET=Yes # CLASSIFY Target CLASSIFY_TARGET=Yes # CLASSIFY Target
ENHANCED_REJECT=Yes # Extended REJECT ENHANCED_REJECT=Yes # Extended REJECT
KLUDGEFREE= # iptables accepts multiple "-m iprange" or "-m physdev" in a single command</programlisting> KLUDGEFREE= # iptables accepts multiple "-m iprange" or "-m physdev" in a single command
MARK=Yes # MARK Target Support
XMARK=YES # Extended MARK Target Support
MANGLE_FORWARD # Mangle table has FORWARD chain</programlisting>
</blockquote> </blockquote>
<para>As you can see, the file contains a simple list of shell variable <para>As you can see, the file contains a simple list of shell variable
@ -279,15 +272,15 @@ KLUDGEFREE= # iptables accepts multiple "-m iprange" or "-m
<command>shorewall show capabilities</command> command appear in the same <command>shorewall show capabilities</command> command appear in the same
order as the output of that command.</para> order as the output of that command.</para>
<para>To aid in creating this file, Shorewall 3.1 and later include a <para>To aid in creating this file, Shorewall Lite includes a
shorecap program. The program is installed in the <command>shorecap</command> program. The program is installed in the
<filename>/usr/share/shorewall/</filename> directory and may be copied to <filename>/usr/share/shorewall/</filename> directory and may be run as
/usr/bin on a remote system then run as follows:</para> follows:</para>
<blockquote> <blockquote>
<para><command>[ IPTABLES=&lt;iptables binary&gt; ] [ <para><command>[ IPTABLES=&lt;iptables binary&gt; ] [
MODULESDIR=&lt;kernel modules directory&gt; ] shorecap &gt; MODULESDIR=&lt;kernel modules directory&gt; ]
capabilities</command></para> /usr/share/shorewall/shorecap &gt; capabilities</command></para>
</blockquote> </blockquote>
<para>The IPTABLES and MODULESDIR options have their <ulink <para>The IPTABLES and MODULESDIR options have their <ulink
@ -300,7 +293,7 @@ KLUDGEFREE= # iptables accepts multiple "-m iprange" or "-m
</section> </section>
<section> <section>
<title>Running compiled programs</title> <title>Running compiled programs directly</title>
<para>Compiled firewall programs are complete programs that support the <para>Compiled firewall programs are complete programs that support the
following run-line commands:</para> following run-line commands:</para>

47
docs/starting_and_stopping_shorewall.xml
View File

@ -15,7 +15,7 @@
</author> </author>
</authorgroup> </authorgroup>
<pubdate>2006-05-31</pubdate> <pubdate>2006-06-03</pubdate>
<copyright> <copyright>
<year>2004</year> <year>2004</year>
@ -647,8 +647,8 @@
<term>compile (Shorewall 3.1 and later)</term> <term>compile (Shorewall 3.1 and later)</term>
<listitem> <listitem>
<para><command>shorewall compile [ -e ] [ -d &lt;distro&gt; ] [ <para><command>shorewall compile [ -e ] [ &lt;directory name&gt; ]
&lt;directory name&gt; ] &lt;path name&gt;</command></para> &lt;path name&gt;</command></para>
<para>Compiles the current configuration into the executable file <para>Compiles the current configuration into the executable file
&lt;path name&gt;. If &lt;path name&gt; names a file in &lt;path name&gt;. If &lt;path name&gt; names a file in
@ -656,36 +656,13 @@
command.</para> command.</para>
<para>When -e is specified, the compilation is being performed on a <para>When -e is specified, the compilation is being performed on a
system other than where the compiled script will run. This option system other than where the compiled script will run under Shorewall
disables certain configuration options that require the script to be Lite. This option disables certain configuration options that
compiled where it is to be run and allows the script to be run on a require the script to be compiled where it is to be run and allows
system that does not have Shorewall installed at all. The file the script to be run on a system where Shorewall Lite is installed.
/etc/shorewall/capabilities must be present when -e is used; that The file /etc/shorewall/capabilities must be present when -e is
file specifies the iptables/kernel capabilities on the target used; that file specifies the iptables/kernel capabilities on the
system.</para> target system.</para>
<para>When -d &lt;distribution&gt; is given, the script is built for
installation in <filename class="directory">/etc/init.d</filename>
on the distribution specified by &lt;distro&gt;. Currently supported
values for &lt;distro&gt;are:</para>
<simplelist>
<member>redhat (also good for Fedora Core and CentOS)</member>
<member>debian (Requires the soon to be released Shorewall-minimal
package to be run on Debian)</member>
<member>suse</member>
</simplelist>
<para>Usually specified together with -e. If not specified, the
output file is not suitable for installation into <filename
class="directory">/etc/init.d/</filename></para>
<para>Example:<blockquote>
<para><command>shorewall compile -ed redhat foo</command></para>
</blockquote>Additional distributions are expected to be supported
shortly.</para>
<para>The compiled script is a complete program that supports the <para>The compiled script is a complete program that supports the
following commands:</para> following commands:</para>
@ -715,10 +692,6 @@
<para>The options have their same meaning is when they are passed to <para>The options have their same meaning is when they are passed to
<filename>/sbin/shorewall</filename> itself.</para> <filename>/sbin/shorewall</filename> itself.</para>
<para>When the '-e' option is specified during compilation, the
program may be installed in /etc/init.d/ and serve as the firewall
on a system without Shorewall installed.</para>
<para>For additional information about the <para>For additional information about the
<command>compile</command> command, see <ulink <command>compile</command> command, see <ulink
url="CompiledPrograms.html">this article</ulink>.</para> url="CompiledPrograms.html">this article</ulink>.</para>

79
tools/build/makeshorewall
View File

@ -56,17 +56,22 @@ RPMDIR=~/rpm/
# Directory where you want the release to be built # Directory where you want the release to be built
# #
DIR=$PWD DIR=$PWD
################################################################################ ################################################################################
# V A R I A B L E S # V A R I A B L E S
################################################################################ ################################################################################
VERSION= VERSION=
OLDVERSION= OLDVERSION=
SHOREWALLDIR= SHOREWALLDIR=
SHOREWALLLITEDIR=
SOURCEDIR= SOURCEDIR=
SVNBRANCH= SVNBRANCH=
LITESVNBRANCH=
XMLPROJ= XMLPROJ=
RPMNAME= RPMNAME=
LITERPMNAME=
TARBALL= TARBALL=
LITETARBALL=
LOGFILE= LOGFILE=
HTMLDIR= HTMLDIR=
BUILDTARBALL= BUILDTARBALL=
@ -74,6 +79,7 @@ BUILDRPM=
BUILDXML= BUILDXML=
BUILDHTML= BUILDHTML=
SAMPLESTAG= SAMPLESTAG=
HASLITE=
################################################################################ ################################################################################
# F U N C T I O N S # F U N C T I O N S
################################################################################ ################################################################################
@ -214,15 +220,19 @@ case $VERSION in
;; ;;
3.2.*) 3.2.*)
SVNBRANCH="trunk/Shorewall" SVNBRANCH="trunk/Shorewall"
LITESVNBRANCH="trunk/Shorewall-lite"
DOCTAG="trunk/docs" DOCTAG="trunk/docs"
XMLPROJ="docs-3.2" XMLPROJ="docs-3.2"
SAMPLESTAG="trunk/Samples" SAMPLESTAG="trunk/Samples"
HASLITE=Yes
;; ;;
3.3.*) 3.3.*)
SVNBRANCH="trunk/Shorewall" SVNBRANCH="trunk/Shorewall"
LITESVNBRANCH="trunk/Shorewall-lite"
DOCTAG="trunk/docs" DOCTAG="trunk/docs"
XMLPROJ="docs-3.3" XMLPROJ="docs-3.3"
SAMPLESTAG="trunk/Samples" SAMPLESTAG="trunk/Samples"
HASLITE=Yes
;; ;;
*) *)
echo "Unsupported Version: $VERSION" echo "Unsupported Version: $VERSION"
@ -242,16 +252,22 @@ case $VERSION in
# Beta or Release Candidate # Beta or Release Candidate
# #
SHOREWALLDIR=shorewall-${VERSION%-*} SHOREWALLDIR=shorewall-${VERSION%-*}
SHOREWALLLITEDIR=shorewall-lite-${VERSION%-*}
TARBALL=shorewall-${VERSION%-*}.tgz TARBALL=shorewall-${VERSION%-*}.tgz
LITETARBALL=shorewall-lite-${VERSION%-*}.tgz
RPMNAME=shorewall-${VERSION%-*}-0${VERSION#*-}.noarch.rpm RPMNAME=shorewall-${VERSION%-*}-0${VERSION#*-}.noarch.rpm
LITERPMNAME=shorewall-lite-${VERSION%-*}-0${VERSION#*-}.noarch.rpm
;; ;;
*) *)
# #
# Normal Release # Normal Release
# #
SHOREWALLDIR=shorewall-$VERSION SHOREWALLDIR=shorewall-$VERSION
SHOREWALLLITEDIR=shorewall-lite-$VERSION
TARBALL=shorewall-$VERSION.tgz TARBALL=shorewall-$VERSION.tgz
LITETARBALL=shorewall-lite-$VERSION.tgz
RPMNAME=shorewall-${VERSION}-1.noarch.rpm RPMNAME=shorewall-${VERSION}-1.noarch.rpm
LITERPMNAME=shorewall-lite-${VERSION}-1.noarch.rpm
;; ;;
esac esac
@ -259,9 +275,11 @@ HTMLDIR=shorewall-docs-html-$VERSION
if [ -n "${BUILDTARBALL}${BUILDRPM}" ]; then if [ -n "${BUILDTARBALL}${BUILDRPM}" ]; then
report "Shorewall directory is $DIR/$SHOREWALLDIR" report "Shorewall directory is $DIR/$SHOREWALLDIR"
report "Shorewall Lite directory is $DIR/$SHOREWALLLITEDIR"
report "SVN tag is $SVNBRANCH" report "SVN tag is $SVNBRANCH"
[ -n "$BUILDTARBALL" ] && report "TARBALL is $TARBALL" report "Lite SVN tag is $LITESVNBRANCH"
[ -n "$BUILDRPM" ] && report "RPM is $RPMNAME" [ -n "$BUILDTARBALL" ] && report "TARBALL is $TARBALL" && report "LITETARBALL is $LITETARBALL"
[ -n "$BUILDRPM" ] && report "RPM is $RPMNAME" && report "LITERPM is $LITERPMNAME"
fi fi
[ -n "$BUILDHTML" ] && report "HTML Directory is $HTMLDIR" [ -n "$BUILDHTML" ] && report "HTML Directory is $HTMLDIR"
@ -270,14 +288,25 @@ if [ -n "${BUILDTARBALL}${BUILDRPM}" ]; then
progress_message "Exporting $SVNBRANCH from SVN..." progress_message "Exporting $SVNBRANCH from SVN..."
rm -rf $SHOREWALLDIR rm -rf $SHOREWALLDIR
rm -rf $SHOREWALLLITEDIR
do_or_die "svn export --non-interactive --force https://svn.sourceforge.net/svnroot/shorewall/$SVNBRANCH $SHOREWALLDIR >> $LOGFILE 2>&1" do_or_die "svn export --non-interactive --force https://svn.sourceforge.net/svnroot/shorewall/$SVNBRANCH $SHOREWALLDIR >> $LOGFILE 2>&1"
if [ -n "$HASLITE" ]; then
progress_message "Exporting $LITESVNBRANCH from SVN..."
do_or_die "svn export --non-interactive --force https://svn.sourceforge.net/svnroot/shorewall/$LITESVNBRANCH $SHOREWALLLITEDIR >> $LOGFILE 2>&1"
fi
fgrep VERSION=$VERSION $SHOREWALLDIR/install.sh > /dev/null 2>&1 || fatal_error "install.sh has wrong version" fgrep VERSION=$VERSION $SHOREWALLDIR/install.sh > /dev/null 2>&1 || fatal_error "install.sh has wrong version"
fgrep VERSION=$VERSION $SHOREWALLDIR/uninstall.sh > /dev/null 2>&1 || fatal_error "uninstall.sh has wrong version" fgrep VERSION=$VERSION $SHOREWALLDIR/uninstall.sh > /dev/null 2>&1 || fatal_error "uninstall.sh has wrong version"
fgrep VERSION=$VERSION $SHOREWALLDIR/fallback.sh > /dev/null 2>&1 || fatal_error "fallback.sh has wrong version" fgrep VERSION=$VERSION $SHOREWALLDIR/fallback.sh > /dev/null 2>&1 || fatal_error "fallback.sh has wrong version"
[ -f $SHOREWALLDIR/shorecap ] && \ [ -f $SHOREWALLDIR/shorecap ] && \
{ fgrep VERSION=$VERSION $SHOREWALLDIR/shorecap > /dev/null 2>&1 || fatal_error "shorecap has wrong version"; } { fgrep VERSION=$VERSION $SHOREWALLDIR/shorecap > /dev/null 2>&1 || fatal_error "shorecap has wrong version"; }
if [ -n "$HASLITE" ]; then
fgrep VERSION=$VERSION $SHOREWALLLITEDIR/install.sh > /dev/null 2>&1 || fatal_error "Lite install.sh has wrong version"
fgrep VERSION=$VERSION $SHOREWALLLITEDIR/uninstall.sh > /dev/null 2>&1 || fatal_error "Lite uninstall.sh has wrong version"
fgrep VERSION=$VERSION $SHOREWALLLITEDIR/fallback.sh > /dev/null 2>&1 || fatal_error "Lite fallback.sh has wrong version"
fgrep VERSION=$VERSION $SHOREWALLLITEDIR/shorecap > /dev/null 2>&1 || fatal_error "Lite shorecap has wrong version"
fi
if [ -n "$SAMPLESTAG" ]; then if [ -n "$SAMPLESTAG" ]; then
cd $SHOREWALLDIR cd $SHOREWALLDIR
@ -297,6 +326,17 @@ if [ -n "${BUILDTARBALL}${BUILDRPM}" ]; then
rm -f ${shoreball}.asc rm -f ${shoreball}.asc
do_or_die "$GPG $shoreball" do_or_die "$GPG $shoreball"
done done
if [ -n "$HASLITE" ]; then
progress_message "Creating $DIR/$LITETARBALL..."
do_or_die "tar -zcvf $LITETARBALL $SHOREWALLLITEDIR >> $LOGFILE 2>&1"
do_or_die "tar -jcvf shorewall-lite-${VERSION%-*}.tar.bz2 $SHOREWALLLITEDIR >> $LOGFILE 2>&1"
for shoresuffix in tgz tar.bz2; do
shoreball=shorewall-lite-${VERSION%-*}.${shoresuffix}
report "GPG signing $DIR/$shoreball"
rm -f ${shoreball}.asc
do_or_die "$GPG $shoreball"
done
fi
fi fi
if [ -n "$BUILDRPM" ]; then if [ -n "$BUILDRPM" ]; then
@ -304,6 +344,13 @@ if [ -n "${BUILDTARBALL}${BUILDRPM}" ]; then
do_or_die "rpmbuild -tb --sign $TARBALL >> $LOGFILE 2>&1" do_or_die "rpmbuild -tb --sign $TARBALL >> $LOGFILE 2>&1"
do_or_die cp -a $RPMDIR/RPMS/noarch/$RPMNAME . do_or_die cp -a $RPMDIR/RPMS/noarch/$RPMNAME .
if [ -n "$HASLITE" ]; then
progress_message "Building $LITERPMNAME..."
do_or_die "rpmbuild -tb --sign $LITETARBALL >> $LOGFILE 2>&1"
do_or_die cp -a $RPMDIR/RPMS/noarch/$LITERPMNAME .
fi
fi fi
fi fi
@ -442,6 +489,28 @@ fi
rm -f ${betaball}.asc rm -f ${betaball}.asc
do_or_die "$GPG $betaball" do_or_die "$GPG $betaball"
done done
if [ -n "$HASLITE" ]; then
progress_message "Creating $DIR/shorewall-lite-$VERSION..."
rm -rf shorewall-lite-$VERSION
do_or_die mv $SHOREWALLLITEDIR shorewall-lite-$VERSION
progress_message "Creating $DIR/shorewall-lite-${VERSION}.tgz ..."
do_or_die "tar -zcvf shorewall-lite-${VERSION}.tgz shorewall-lite-$VERSION >> $LOGFILE 2>&1"
do_or_die "tar -jcvf shorewall-lite-$VERSION.tar.bz2 shorewall-lite-$VERSION >> $LOGFILE 2>&1"
for shoresuffix in tgz tar.bz2; do
betaball=shorewall-lite-$VERSION.${shoresuffix}
report "GPG signing $DIR/$betaball tarball"
rm -f ${betaball}.asc
do_or_die "$GPG $betaball"
done
fi
;; ;;
esac esac
@ -457,6 +526,10 @@ case $VERSION in
*Beta*|*RC*) *Beta*|*RC*)
do_or_die "md5sum shorewall-${VERSION%-*}-0${VERSION#*-}.noarch.rpm >> $VERSION.md5sums" do_or_die "md5sum shorewall-${VERSION%-*}-0${VERSION#*-}.noarch.rpm >> $VERSION.md5sums"
do_or_die "sha1sum shorewall-${VERSION%-*}-0${VERSION#*-}.noarch.rpm >> $VERSION.sha1sums" do_or_die "sha1sum shorewall-${VERSION%-*}-0${VERSION#*-}.noarch.rpm >> $VERSION.sha1sums"
if [ -n "$HASLITE" ]; then
do_or_die "md5sum shorewall-lite-${VERSION%-*}-0${VERSION#*-}.noarch.rpm >> $VERSION.md5sums"
do_or_die "sha1sum shorewall-lite-${VERSION%-*}-0${VERSION#*-}.noarch.rpm >> $VERSION.sha1sums"
fi
;; ;;
esac esac

2
tools/build/upload
View File

@ -1,6 +1,7 @@
#/bin/sh #/bin/sh
rpm= rpm=
literpm=
case $1 in case $1 in
*.*[13569].*) *.*[13569].*)
@ -9,6 +10,7 @@ case $1 in
*Beta*|*RC*) *Beta*|*RC*)
DEST="root@mail.shorewall.net:/srv/ftp/pub/shorewall/development/${1%.*}/shorewall-$1" DEST="root@mail.shorewall.net:/srv/ftp/pub/shorewall/development/${1%.*}/shorewall-$1"
rpm=shorewall-${1%-*}-0${1#*-}.noarch.rpm rpm=shorewall-${1%-*}-0${1#*-}.noarch.rpm
literpm=shorewall-lite-${1%-*}-0${1#*-}.noarch.rpm
;; ;;
*) *)
DEST="root@mail.shorewall.net:/srv/ftp/pub/shorewall/${1%.*}/shorewall-$1" DEST="root@mail.shorewall.net:/srv/ftp/pub/shorewall/${1%.*}/shorewall-$1"