Pass $CONFIG_PATH to compiler.pl

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/Perl/Shorewall/Compiler.pm

@@ -529,8 +529,8 @@ EOF
 #
 sub compiler {
 
-    my ( $scriptfilename, $directory, $verbosity, $timestamp , $debug, $chains , $log , $log_verbosity, $preview, $confess , $update , $annotate , $convert ) =
+    my ( $scriptfilename, $directory, $verbosity, $timestamp , $debug, $chains , $log , $log_verbosity, $preview, $confess , $update , $annotate , $convert, $config_path ) =
-       ( '',              '',         -1,          '',          0,      '',       '',   -1,             0,        0,         0,        0,        , 0 );
+       ( '',              '',         -1,          '',          0,      '',       '',   -1,             0,        0,         0,        0,        , 0       , '');
 
     $export = 0;
     $test   = 0;
@@ -567,6 +567,7 @@ sub compiler {
 		  update        => { store => \$update,        validate=> \&validate_boolean    } ,
 		  convert       => { store => \$convert,       validate=> \&validate_boolean    } ,
 		  annotate      => { store => \$annotate,      validate=> \&validate_boolean    } ,
+		  config_path   => { store => \$config_path } ,
 		);
     #
     #                               P A R A M E T E R    P R O C E S S I N G
@@ -586,6 +587,8 @@ sub compiler {
     #
     initialize_package_globals( $update );
 
+    set_config_path( $config_path ) if $config_path;
+
     if ( $directory ne '' ) {
 	fatal_error "$directory is not an existing directory" unless -d $directory;
 	set_shorewall_dir( $directory );

Shorewall/Perl/Shorewall/Config.pm

@@ -63,7 +63,7 @@ our @EXPORT = qw(
 		 require_capability
                 );
 
-our @EXPORT_OK = qw( $shorewall_dir initialize set_config_path shorewall);
+our @EXPORT_OK = qw( $shorewall_dir initialize shorewall);
 
 our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
 				       finalize_script
@@ -87,6 +87,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
 				       set_timestamp
 				       set_verbosity
 				       set_log
+				       set_config_path
 				       close_log
 				       set_command
 				       push_indent
@@ -484,16 +485,10 @@ sub initialize( $ ) {
 	  TC => undef,
 	  IPSET => undef,
 	  PERL => undef,
-	  #
-	  #PATH is inherited
-	  #
 	  PATH => undef,
 	  SHOREWALL_SHELL => undef,
 	  SUBSYSLOCK => undef,
 	  MODULESDIR => undef,
-	  #
-	  #CONFIG_PATH is inherited
-	  #
 	  CONFIG_PATH => undef,
 	  RESTOREFILE => undef,
 	  IPSECFILE => undef,

Shorewall/Perl/compiler.pl

@@ -37,6 +37,7 @@
 #         --log_verbosity=<number>    # Log Verbosity range -1 to 2
 #         --family=<number>           # IP family; 4 = IPv4 (default), 6 = IPv6
 #         --preview                   # Preview the ruleset.
+#         --config_path=<path-list>   # Search path for config files
 #
 use strict;
 use FindBin;
@@ -64,6 +65,7 @@ sub usage( $ ) {
     [ --annotate ]
     [ --update ]
     [ --convert ]
+    [ --config_path=<path-list> ]
 ';
 
     exit shift @_;
@@ -88,6 +90,7 @@ my $preview       = 0;
 my $annotate      = 0;
 my $update        = 0;
 my $convert       = 0;
+my $config_path   = '';
 
 Getopt::Long::Configure ('bundling');
 
@@ -118,6 +121,7 @@ my $result = GetOptions('h'               => \$help,
 			'u'               => \$update,
 			'update'          => \$update,
 			'convert'         => \$convert,
+			'config_path=s'   => \$config_path,
 		       );
 
 usage(1) unless $result && @ARGV < 2;
@@ -139,4 +143,5 @@ compiler( script          => $ARGV[0] || '',
 	  update          => $update,
 	  convert         => $convert,
 	  annotate        => $annotate,
+	  config_path     => $config_path,
 	);

Shorewall/shorewall

@@ -386,7 +386,7 @@ compiler() {
     [ "$1" = nolock ] && shift;
     shift
 
-    options="--verbose=$VERBOSITY"
+    options="--verbose=$VERBOSITY --config_path=$CONFIG_PATH"
     [ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG"
     [ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY";
     [ -n "$g_export" ] && options="$options --export"

Shorewall6/shorewall6

@@ -386,7 +386,7 @@ compiler() {
     [ "$1" = nolock ] && shift;
     shift
 
-    options="--verbose=$VERBOSITY --family=6"
+    options="--verbose=$VERBOSITY --family=6 --config_path=$CONFIG_PATH"
     [ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG"
     [ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY";
     [ -n "$g_export" ] && options="$options --export"

docs/Shorewall-perl.xml

@@ -801,6 +801,24 @@ DNAT-              net                192.168.1.3      tcp          21</programl
       annotated with documentation. Ignored unless <emphasis
       role="bold">--update</emphasis> is also specified.</para>
 
+      <simplelist>
+        <member><emphasis role="bold">--convert</emphasis></member>
+      </simplelist>
+
+      <para>Added in Shorewall 4.4.26. Causes the compiler to convert an
+      existing <ulink
+      url="manpages/shorewall-blacklist.html">blacklist</ulink> file into an
+      equivalent <ulink url="manpages/shorewall-blrules.html">blrules</ulink>
+      file.</para>
+
+      <simplelist>
+        <member><emphasis
+        role="bold">--config_path=<replaceable>path</replaceable>[:<replaceable>path</replaceable>]...</emphasis></member>
+      </simplelist>
+
+      <para>Added in Shorewall 4.4.26. Search path for configuration
+      files.</para>
+
       <para>Example (compiles the configuration in the current directory
       generating a script named 'firewall' and using VERBOSITY
       2).<programlisting><emphasis role="bold">/usr/share/shorewall/compiler.pl -v 2 -d . firewall</emphasis></programlisting><note>