Move firewall, functions and version to /var/lib/shorewall

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@73 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/fallback.sh

@@ -49,15 +49,15 @@ restore_file() # $1 = file to restore
     fi	
 }
 
-if [ ! -f /etc/shorewall/version-${VERSION}.bkout ]; then
+if [ ! -f /var/lib/shorewall/version-${VERSION}.bkout ]; then
-    echo "Seattle Firewall Version $VERSION is not installed"
+    echo "Shorewall Version $VERSION is not installed"
     exit 1
 fi
 
 echo "Backing Out Installation of Shorewall $VERSION"
 
-if [ -L /etc/shorewall/firewall ]; then
+if [ -L /var/lib/shorewall/firewall ]; then
-    FIREWALL=`ls -l /etc/shorewall/firewall | sed 's/^.*> //'`
+    FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'`
     restore_file $FIREWALL
 fi
 
@@ -68,6 +68,7 @@ restore_file /sbin/shorewall
 restore_file /etc/shorewall/shorewall.conf
     
 restore_file /etc/shorewall/functions
+restore_file /var/lib/shorewall/functions
 
 restore_file /etc/shorewall/common.def
 
@@ -106,8 +107,9 @@ restore_file /etc/shorewall/whitelist
 restore_file /etc/shorewall/rfc1918
 
 restore_file /etc/shorewall/version
+restore_file /var/lib/shorewall/version
 
-oldversion="`cat /etc/shorewall/version`"
+oldversion="`cat /var/lib/shorewall/version`"
 
 echo "Shorewall Restored to Version $oldversion"
 

Shorewall/firewall

@@ -73,9 +73,9 @@ list_search() # $1 = element to search for , $2-$n = list
 
 ###############################################################################
 # Mutual exclusion -- These functions are jackets for the mutual exclusion    #
-#                     routines in /etc/shorewall/functions. They invoke the   #
+#                     routines in /var/lib/shorewall/functions. They invoke   #
-#                     corresponding function in that file if the user did not #
+#                     the corresponding function in that file if the user did #
-#                     specify "nolock" on the runeline.                       #
+#                     not specify "nolock" on the runline.                    #
 ###############################################################################
 my_mutex_on() {
     [ -n "$nolock" ] || { mutex_on; have_mutex=Yes; }
@@ -3138,18 +3138,15 @@ do_initialize() {
 
     trap "rm -rf $TMP_DIR; my_mutex_off; exit 2" 1 2 3 4 5 6 9
 
-    functions=/etc/shorewall/functions
+    functions=/var/lib/shorewall/functions
-
-    [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/functions ] && \
-        functions=$SHOREWALL_DIR/functions
 
     if [ -f $functions ]; then
         . $functions
     else
-        startup_error "/etc/shorewall/functions does not exist!"
+        startup_error "$functions does not exist!"
     fi
 
-    version_file=`find_file version`
+    version_file=/var/lib/shorewall/version
 
     [ -f $version_file ] && version=`cat $version_file`
     #

Shorewall/functions

@@ -1,5 +1,5 @@
 #
-# Shorewall 1.3 -- /etc/shorewall/functions
+# Shorewall 1.3 -- /var/lib/shorewall/functions
 
 #
 # Suppress all output for a command

Shorewall/install.sh

@@ -152,7 +152,7 @@ while [ $# -gt 0 ] ; do
 		usage 1
             fi
 
-	    echo "Seattle Firewall Installer Version $VERSION"
+	    echo "Shorewall Firewall Installer Version $VERSION"
 	    exit 0
 	    ;;
 	*)
@@ -254,11 +254,10 @@ fi
 echo -e "\nShorewall script installed in ${PREFIX}${DEST}/$FIREWALL"
 
 #
-# Create /etc/shorewall if needed
+# Create /etc/shorewall and /var/shorewall if needed
 #
-if [ ! -d ${PREFIX}/etc/shorewall ]; then
+mkdir -p ${PREFIX}/etc/shorewall
-    mkdir ${PREFIX}/etc/shorewall
+mkdir -p ${PREFIX}/var/lib/shorewall
-fi
 #
 # Install the config file
 #
@@ -281,9 +280,9 @@ fi
 #
 # Install the functions file
 #
-install_file_with_backup functions ${PREFIX}/etc/shorewall/functions 0444
+install_file_with_backup functions ${PREFIX}/var/lib/shorewall/functions 0444
 
-echo -e "\nCommon functions installed in ${PREFIX}/etc/shorewall/functions"
+echo -e "\nCommon functions installed in ${PREFIX}/var/lib/shorewall/functions"
 #
 # Install the common.def file
 #
@@ -435,31 +434,32 @@ fi
 # Backup the version file
 #
 if [ -z "$PREFIX" ]; then
-    if [ -f /etc/shorewall/version ]; then
+    if [ -f /var/lib/shorewall/version ]; then
-	backup_file /etc/shorewall/version
+	backup_file /var/lib/shorewall/version
     elif [ -n "$oldversion" ]; then
-	echo $oldversion > /etc/shorewall/version-${VERSION}.bkout
+	echo $oldversion > /var/lib/shorewall/version-${VERSION}.bkout
     else
-	echo "Unknown" > /etc/shorewall/version-${VERSION}.bkout
+	echo "Unknown" > /var/lib/shorewall/version-${VERSION}.bkout
     fi
 fi
 #
 # Create the version file
 #
-echo "$VERSION" > ${PREFIX}/etc/shorewall/version
+echo "$VERSION" > ${PREFIX}/var/lib/shorewall/version
-chmod 644 ${PREFIX}/etc/shorewall/version
+chmod 644 ${PREFIX}/var/lib/shorewall/version
 #
 # Remove and create the symbolic link to the firewall script
 #
 
 if [ -z "$PREFIX" ]; then
     rm -f /etc/shorewall/firewall
-    ln -s ${DEST}/${FIREWALL} /etc/shorewall/firewall
+    rm -f /var/lib/shorewall/firewall
+    ln -s ${DEST}/${FIREWALL} /var/lib/shorewall/firewall
 else
-    pushd ${PREFIX}/etc/shorewall/ >> /dev/null && ln -s ../..${DEST}/${FIREWALL} firewall && popd >> /dev/null
+    pushd ${PREFIX}/var/lib/shorewall/ >> /dev/null && ln -s ../../..${DEST}/${FIREWALL} firewall && popd >> /dev/null
 fi
 
-echo -e "\n${PREFIX}/etc/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL"
+echo -e "\n${PREFIX}/var/lib/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL"
 
 if [ -z "$PREFIX" -a -n "$first_install" ]; then
     if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then

Shorewall/shorewall

@@ -480,21 +480,18 @@ if [ $# -eq 0 ]; then
     usage 1
 fi
 
-functions=/etc/shorewall/functions
+[ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR
 
-if [ -n "$SHOREWALL_DIR" ]; then
+functions=/var/lib/shorewall/functions
-   export SHOREWALL_DIR
-   [ -f $SHOREWALL_DIR/functions ] && functions=$SHOREWALL_DIR/functions
-fi
 
 if [ -f $functions ]; then
     . $functions
 else
-    echo "/etc/shorewall/functions does not exist!" >&2
+    echo "$functions does not exist!" >&2
     exit 2
 fi
 
-firewall=`find_file firewall`
+firewall=/var/lib/shorewall/firewall
 
 if [ ! -f $firewall ]; then
     echo "ERROR: Shorewall is not properly installed"
@@ -502,7 +499,7 @@ if [ ! -f $firewall ]; then
 	echo "       $firewall is a symbolic link to a"
 	echo "       non-existant file"
     else
-	echo "       The file /etc/shorewall/firewall does not exist"
+	echo "       The file /var/lib/shorewall/firewall does not exist"
     fi
 
     exit 2
@@ -510,13 +507,13 @@ fi
 
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
 
-version_file=`find_file version`
+version_file=/var/lib/shorewall/version
 
 if [ -f $version_file ]; then
     version=`cat $version_file`
 else
-    echo "ERROR: Shoreline Firewall is not properly installed"
+    echo "ERROR: Shorewall is not properly installed"
-    echo "       The file /etc/shorewall/version does not exist"
+    echo "       The file /var/lib/shorewall/version does not exist"
     exit 1
 fi
 

Shorewall/shorewall.spec

@@ -52,7 +52,8 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s
 %files 
 /etc/init.d/shorewall
 %attr(0700,root,root) %dir /etc/shorewall
-%attr(0600,root,root) /etc/shorewall/version
+%attr(0700,root,root) %dir /var/lib/shorewall
+%attr(0600,root,root) /var/lib/shorewall/version
 %attr(0600,root,root) /etc/shorewall/common.def
 %attr(0600,root,root) /etc/shorewall/icmp.def
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/shorewall.conf
@@ -72,8 +73,8 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/blacklist
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/rfc1918
 %attr(0544,root,root) /sbin/shorewall
-%attr(0444,root,root) /etc/shorewall/functions
+%attr(0444,root,root) /var/lib/shorewall/functions
-/etc/shorewall/firewall
+/var/lib/shorewall/firewall
 %doc documentation
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
 

Shorewall/uninstall.sh

@@ -35,6 +35,11 @@ usage() # $1 = exit status
     exit $1
 }
 
+qt()  
+{ 
+    "$@" >/dev/null 2>&1
+}
+
 restore_file() # $1 = file to restore
 {
     if [ -f ${1}-shorewall.bkout ]; then
@@ -55,22 +60,26 @@ remove_file() # $1 = file to restore
     fi
 }
 
-if [ -f /etc/shorewall/version ]; then
+if [ -f /var/lib/shorewall/version ]; then
-    INSTALLED_VERSION="`cat /etc/shorewall/version`"
+    INSTALLED_VERSION="`cat /var/lib/shorewall/version`"
     if [ "$INSTALLED_VERSION" != "$VERSION" ]; then
-	echo "WARNING: Shoreline Firewall Version $INSTALLED_VERSION is installed"
+	echo "WARNING: Shorewall Version $INSTALLED_VERSION is installed"
 	echo "         and this is the $VERSION uninstaller."
 	VERSION="$INSTALLED_VERSION"
     fi
 else
-    echo "WARNING: Shoreline Firewall Version $VERSION is not installed"
+    echo "WARNING: Shorewall Version $VERSION is not installed"
     VERSION=""
 fi
 
-echo "Uninstalling Shoreline Firewall $VERSION"
+echo "Uninstalling Shorewall $VERSION"
 
-if [ -L /etc/shorewall/firewall ]; then
+if qt iptables -L shorewall -n; then
-    FIREWALL=`ls -l /etc/shorewall/firewall | sed 's/^.*> //'`
+   /sbin/shorewall clear
+fi
+
+if [ -L /var/lib/shorewall/firewall ]; then
+    FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'`
 
     if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
         insserv -r $FIREWALL
@@ -85,74 +94,11 @@ remove_file /sbin/shorewall
 
 if [ -n "$VERSION" ]; then
     restore_file /etc/rc.d/rc.local
-    remove_file /etc/shorewall/shorewall.conf-${VERSION}.bkout
-    remove_file /etc/shorewall/zones-${VERSION}.bkout
-    remove_file /etc/shorewall/policy-${VERSION}.bkout
-    remove_file /etc/shorewall/interfaces-${VERSION}.bkout
-    remove_file /etc/shorewall/rules-${VERSION}.bkout
-    remove_file /etc/shorewall/nat-${VERSION}.bkout
-    remove_file /etc/shorewall/params-${VERSION}.bkout
-    remove_file /etc/shorewall/proxyarp-${VERSION}.bkout
-    remove_file /etc/shorewall/masq-${VERSION}.bkout
-    remove_file /etc/shorewall/version-${VERSION}.bkout
-    remove_file /etc/shorewall/functions-${VERSION}.bkout
-    remove_file /etc/shorewall/common.def-${VERSION}.bkout
-    remove_file /etc/shorewall/icmp.def-${VERSION}.bkout
-    remove_file /etc/shorewall/tunnels-${VERSION}.bkout
-    remove_file /etc/shorewall/tcrules-${VERSION}.bkout
-    remove_file /etc/shorewall/tos-${VERSION}.bkout
-    remove_file /etc/shorewall/modules-${VERSION}.bkout
-    remove_file /etc/shorewall/blacklist-${VERSION}.bkout
-    remove_file /etc/shorewall/whitelist-${VERSION}.bkout
-    remove_file /etc/shorewall/rfc1918-${VERSION}.bkout
 fi
 
-remove_file /etc/shorewall/firewall
+rm -rf /etc/shorewall
+rm -rf /var/lib/shorewall
 
-remove_file /etc/shorewall/functions
+echo "Shorewall Uninstalled"
-
-remove_file /etc/shorewall/common.def
-
-remove_file /etc/shorewall/icmp.def
-
-remove_file /etc/shorewall/zones
-
-remove_file /etc/shorewall/policy
-
-remove_file /etc/shorewall/interfaces
-    
-remove_file /etc/shorewall/hosts
-
-remove_file /etc/shorewall/rules
-
-remove_file /etc/shorewall/nat
-
-remove_file /etc/shorewall/params
-
-remove_file /etc/shorewall/proxyarp
-
-remove_file /etc/shorewall/masq
-    
-remove_file /etc/shorewall/modules
-    
-remove_file /etc/shorewall/tcrules
-
-remove_file /etc/shorewall/tos
-
-remove_file /etc/shorewall/tunnels
-
-remove_file /etc/shorewall/blacklist
-
-remove_file /etc/shorewall/whitelist
-
-remove_file /etc/shorewall/rfc1918
-
-remove_file /etc/shorewall/shorewall.conf
-
-remove_file /etc/shorewall/version
-
-rmdir /etc/shorewall
-
-echo "Shoreline Firewall Uninstalled"