holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix error handling

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2648 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-09-08 20:57:29 +00:00
parent e65f2f94a7
commit 6d310db4e5
3 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/changelog.txt
View File

@ -4,6 +4,8 @@ Changes in 2.5.5
2) Fix install.sh re: Makefile 2) Fix install.sh re: Makefile
3) Fix error handling.
Changes in 2.5.4 Changes in 2.5.4
1) Allow TAG to be used as a general parameter mechanism [hack]. 1) Allow TAG to be used as a general parameter mechanism [hack].

16
Shorewall/firewall
View File

@ -133,7 +133,7 @@ ensure_and_save_command()
if eval $* ; then if eval $* ; then
echo "$@" >> $RESTOREBASE echo "$@" >> $RESTOREBASE
else else
[ -z "STOPPING" ] && { stop_firewall; exit 2; } [ -z "$STOPPING" ] && { stop_firewall; exit 2; }
fi fi
} }
@ -156,7 +156,7 @@ run_iptables() {
[ -n "$IPRANGE_MATCH" ] && [ -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange [ -n "$IPRANGE_MATCH" ] && [ -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange
if ! $IPTABLES $@ ; then if ! $IPTABLES $@ ; then
if [ -z "STOPPING" ]; then if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"$IPTABLES $@\" Failed" error_message "ERROR: Command \"$IPTABLES $@\" Failed"
stop_firewall stop_firewall
exit 2 exit 2
@ -196,7 +196,7 @@ qt_iptables() {
# #
run_ip() { run_ip() {
if ! ip $@ ; then if ! ip $@ ; then
if [ -z "STOPPING" ]; then if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"ip $@\" Failed" error_message "ERROR: Command \"ip $@\" Failed"
stop_firewall stop_firewall
exit 2 exit 2
@ -209,7 +209,7 @@ run_ip() {
# #
run_tc() { run_tc() {
if ! tc $@ ; then if ! tc $@ ; then
if [ -z "STOPPING" ]; then if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"tc $@\" Failed" error_message "ERROR: Command \"tc $@\" Failed"
stop_firewall stop_firewall
exit 2 exit 2
@ -222,7 +222,7 @@ run_tc() {
# #
run_ipset() { run_ipset() {
if ! ipset $@ ; then if ! ipset $@ ; then
if [ -z "STOPPING" ]; then if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"ipset $@\" Failed" error_message "ERROR: Command \"ipset $@\" Failed"
stop_firewall stop_firewall
exit 2 exit 2
@ -1813,7 +1813,7 @@ log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = dispositi
case $level in case $level in
ULOG) ULOG)
if ! $IPTABLES $command $chain $@ $limit -j ULOG $LOGPARMS --ulog-prefix "$prefix" ; then if ! $IPTABLES $command $chain $@ $limit -j ULOG $LOGPARMS --ulog-prefix "$prefix" ; then
if [ -z "STOPPING" ]; then if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"$IPTABLES $command $chain $@ $limit -j ULOG $LOGPARMS --ulog-prefix \"$prefix\"\" Failed" error_message "ERROR: Command \"$IPTABLES $command $chain $@ $limit -j ULOG $LOGPARMS --ulog-prefix \"$prefix\"\" Failed"
stop_firewall stop_firewall
exit 2 exit 2
@ -1822,7 +1822,7 @@ log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = dispositi
;; ;;
*) *)
if ! $IPTABLES $command $chain $@ $limit -j LOG $LOGPARMS --log-level $level --log-prefix "$prefix"; then if ! $IPTABLES $command $chain $@ $limit -j LOG $LOGPARMS --log-level $level --log-prefix "$prefix"; then
if [ -z "STOPPING" ]; then if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"$IPTABLES $command $chain $@ $limit -j LOG $LOGPARMS --log-level $level --log-prefix \"$prefix\"\" Failed" error_message "ERROR: Command \"$IPTABLES $command $chain $@ $limit -j LOG $LOGPARMS --log-level $level --log-prefix \"$prefix\"\" Failed"
stop_firewall stop_firewall
exit 2 exit 2
@ -1832,7 +1832,7 @@ log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = dispositi
esac esac
if [ $? -ne 0 ] ; then if [ $? -ne 0 ] ; then
[ -z "STOPPING" ] && { stop_firewall; exit 2; } [ -z "$STOPPING" ] && { stop_firewall; exit 2; }
fi fi
} }

8
Shorewall/releasenotes.txt
View File

@ -5,7 +5,13 @@ Problems Corrected in 2.5.5:
1) The install script now installs the correct Makefile. Previously, 1) The install script now installs the correct Makefile. Previously,
the /etc/shorewall/actions file was identical to the Makefile. the /etc/shorewall/actions file was identical to the Makefile.
2) The IPSEC column in /etc/shorewall/zones has been renamed TYPE and 2) Error Handling was completely broken; operations such as
"shorewall start" would continue after what should have been fatal
errors.
New Features in 2.5.5:
1) The IPSEC column in /etc/shorewall/zones has been renamed TYPE and
can have one of the following values: can have one of the following values:
plain, -, or <empty> A normal zone plain, -, or <empty> A normal zone