From 611e987cfca68d3e8597bd2e81ab857d5d541db9 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Thu, 1 Sep 2005 23:00:30 +0000
Subject: [PATCH] Finish integrating tc4shorewall with save/restore/refresh

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2620 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/firewall         |  6 ++++++
 Shorewall/releasenotes.txt |  8 +++++---
 Shorewall/tcstart          | 35 ++++++++++++++++++++++++++++++++---
 3 files changed, 43 insertions(+), 6 deletions(-)

diff --git a/Shorewall/firewall b/Shorewall/firewall
index e4c37f3e0..493f503a8 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -3758,6 +3758,12 @@ refresh_tc() {
         done < $TMP_DIR/tcrules
     else
 	setup_tc1
+
+	f=$(find_file tcstart)
+
+	if [ -x &f ]; then
+	    eval $f
+	fi
     fi
 
 }
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index 5edb4c716..64937ebd6 100755
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -226,9 +226,11 @@ Migration Considerations:
    ACCEPT them. See http://www.shorewall.net/VPNBasics.html for
    information on the rules generated by entries in the tunnels file.
 
-10) In previous releases, the "refresh" command would run your tcstart
-    script. Beginning with this release, "refresh" will not run the
-    tcstart script.
+10) In previous releases, the "refresh" command would source your tcstart
+    script. Beginning with this release, "refresh" will run that script
+    if it is executable but will not source it. Users of third-party TC
+    scripts like WonderShaper should see no change provided that
+    execute permission is placed on /etc/shorewall/tcstart.
 
 New Features in Shorewall 2.5.*
 
diff --git a/Shorewall/tcstart b/Shorewall/tcstart
index d98b5eb21..338db4217 100755
--- a/Shorewall/tcstart
+++ b/Shorewall/tcstart
@@ -4,6 +4,35 @@
 # (c) 2005 Arne Bernin <arne@ucbering.de>
 # published under GPL Version 2
 
+if [ -z "$COMMAND" ]; then
+	SHOREWALL_DIR=.
+	SHARED_DIR=/usr/share/shorewall
+	FUNCTIONS=$SHARED_DIR/functions
+
+	. $FUNCTIONS
+
+	ensure_and_save_command()
+	{ 
+	    if ! eval $* ; then
+		[ -n "$TMP_DIR" ] && rm -rf $TMP_DIR
+		exit 2
+	    fi
+	}
+
+	run_and_save_command() { eval $*; }
+
+	save_progress_message() { echo $@; }
+
+	fatal_error() 
+	{ 
+	    echo "   ERROR: $@" >&2
+	    [ -n "$TMP_DIR" ] && rm -rf $TMP_DIR
+	    exit 2
+	}
+
+	TMP_DIR=
+	TMP_DIR=$(mktempdir)
+fi
 
 setup_traffic_shaping()
 {
@@ -141,8 +170,8 @@ setup_traffic_shaping()
 	add_root_tc() {
 		local defmark
 		defmark=$(get_defmark_for_dev $device)
-		run_and_save_command "tc qdisc del dev $device root 2>/dev/null  > /dev/null"
-		run_and_save_command "tc qdisc del dev $device ingress 2>/dev/null > /dev/null"
+		run_and_save_command qt tc qdisc del dev $device root
+		run_and_save_command qt tc qdisc del dev $device ingress
 		ensure_and_save_command tc qdisc add dev $device root handle 1: htb default 1$defmark
 		ensure_and_save_command tc class add dev $device parent 1: classid 1:1 htb rate $outband 
 		ensure_and_save_command tc qdisc add dev $device handle ffff: ingress
@@ -223,4 +252,4 @@ setup_traffic_shaping()
 
 setup_traffic_shaping
 
-[ -n "$COMMAND" -a "$COMMAND" != restore ] || rm -rf $TMP_DIR
+[ -n "$COMMAND" ] || rm -rf $TMP_DIR