holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Centralize exporting

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-03-02 16:03:44 -08:00
parent cce4bf277a
commit 78a39ccad5
4 changed files with 194 additions and 202 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

119
Shorewall-lite/shorewall-lite
View File

@ -117,8 +117,6 @@ get_config() {
[ -n "$LOGFORMAT" ] || LOGFORMAT="Shorewall:"
export LOGFORMAT
if [ -n "$IPTABLES" ]; then
if [ ! -x "$IPTABLES" ]; then
echo " ERROR: The program specified in IPTABLES does not exist or is not executable" >&2
@ -132,8 +130,6 @@ get_config() {
fi
fi
export IPTABLES
if [ -n "$SHOREWALL_SHELL" ]; then
if [ ! -x "$SHOREWALL_SHELL" ]; then
echo " WARNING: The program specified in SHOREWALL_SHELL does not exist or is not executable; falling back to /bin/sh" >&2
@ -145,14 +141,10 @@ get_config() {
validate_restorefile RESTOREFILE
export RESTOREFILE
[ -n "${VERBOSITY:=2}" ]
[ -n "$g_use_verbosity" ] && VERBOSITY=$g_use_verbosity || VERBOSITY=$(($g_verbose_offset + $VERBOSITY))
export VERBOSITY
g_hostname=$(hostname 2> /dev/null)
}
@ -174,6 +166,35 @@ verify_firewall_script() {
fi
}
#
# Do required exports and run $SHOREWALL_SHELL
#
do_exports() {
export RESTOREFILE
export VERBOSITY
export NOROUTES
export PURGE
export TIMESTAMP
export PATH
export RECOVERING
export LOGFORMAT
export IPTABLES
}
#
# Do required exports and run or exec $SHOREWALL_SHELL
#
run_it() {
do_exports
$SHOREWALL_SHELL $@
}
exec_it() {
do_exports
exec $SHOREWALL_SHELL $@
}
#
# Start Command Executor
#
@ -187,7 +208,7 @@ start_command() {
[ -n "$nolock" ] || mutex_on
if [ -x ${LITEDIR}/firewall ]; then
${LITEDIR}/firewall $debugging start
run_it ${LITEDIR}/firewall $debugging start
rc=$?
else
error_message "${LITEDIR}/firewall is missing or is not executable"
@ -219,7 +240,7 @@ start_command() {
option=
;;
f*)
FAST=Yes
g_fast=Yes
option=${option#f}
;;
p*)
@ -248,37 +269,21 @@ start_command() {
;;
esac
export NOROUTES
export PURGE
if [ -n "$FAST" ]; then
if [ -n "$g_fast" ]; then
if qt mywhich make; then
#
# RESTOREFILE is exported by get_config()
#
make -qf ${CONFDIR}/Makefile || FAST=
export RESTOREFILE
make -qf ${CONFDIR}/Makefile || g_fast=
fi
if [ -n "$FAST" ]; then
if [ -n "$g_fast" ]; then
RESTOREPATH=${VARDIR}/$RESTOREFILE
if [ -x $RESTOREPATH ]; then
if [ -x ${RESTOREPATH}-ipsets ]; then
echo Restoring Ipsets...
#
# We must purge iptables to be sure that there are no
# references to ipsets
#
iptables -F
iptables -X
$SHOREWALL_SHELL ${RESTOREPATH}-ipsets
fi
g_restorepath=${VARDIR}/$RESTOREFILE
if [ -x $g_restorepath ]; then
echo Restoring Shorewall Lite...
$SHOREWALL_SHELL $RESTOREPATH restore
run_it $g_restorepath restore
date > ${VARDIR}/restarted
progress_message3 Shorewall Lite restored from $RESTOREPATH
progress_message3 Shorewall Lite restored from $g_restorepath
else
do_it
fi
@ -343,13 +348,10 @@ restart_command() {
;;
esac
export NOROUTES
export PURGE
[ -n "$nolock" ] || mutex_on
if [ -x ${LITEDIR}/firewall ]; then
$SHOREWALL_SHELL ${LITEDIR}/firewall $debugging restart
run_it ${LITEDIR}/firewall $debugging restart
rc=$?
else
error_message "${LITEDIR}/firewall is missing or is not executable"
@ -425,16 +427,13 @@ if [ $# -gt 0 ] && [ "$1" = "nolock" ]; then
shift
fi
IPT_OPTIONS="-nv"
FAST=
g_ipt_options="-nv"
g_fast=
g_verbose_offset=0
g_use_verbosity=
NOROUTES=
EXPORT=
export TIMESTAMP=
noroutes=
TIMESTAMP=
RECOVERING=
export RECOVERING
finished=0
@ -453,7 +452,7 @@ while [ $finished -eq 0 ]; do
while [ -n "$option" ]; do
case $option in
x*)
IPT_OPTIONS="-xnv"
g_ipt_options="-xnv"
option=${option#x}
;;
q*)
@ -461,7 +460,7 @@ while [ $finished -eq 0 ]; do
option=${option#q}
;;
f*)
FAST=Yes
g_fast=Yes
option=${option#f}
;;
v*)
@ -519,7 +518,6 @@ if [ $# -eq 0 ]; then
fi
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH
MUTEX_TIMEOUT=
SHAREDIR=/usr/share/shorewall-lite
@ -610,12 +608,11 @@ case "$COMMAND" in
stop|clear)
[ $# -ne 1 ] && usage 1
verify_firewall_script
export NOROUTES
exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $COMMAND
exec_it $g_firewall $debugging $nolock $COMMAND
;;
reset)
verify_firewall_script
exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $@
exec_it $SHOREWALL_SHELL $g_firewall $debugging $nolock $@
;;
restart)
shift
@ -731,7 +728,7 @@ case "$COMMAND" in
;;
esac
RESTOREPATH=${VARDIR}/$RESTOREFILE
g_restorepath=${VARDIR}/$RESTOREFILE
[ "$nolock" ] || mutex_on
@ -753,20 +750,20 @@ case "$COMMAND" in
esac
RESTOREPATH=${VARDIR}/$RESTOREFILE
g_restorepath=${VARDIR}/$RESTOREFILE
if [ -x $RESTOREPATH ]; then
if [ -x $g_restorepath ]; then
if [ -x ${RESTOREPATH}-ipsets ]; then
rm -f ${RESTOREPATH}-ipsets
echo " ${RESTOREPATH}-ipsets removed"
if [ -x ${g_restorepath}-ipsets ]; then
rm -f ${g_restorepath}-ipsets
echo " ${g_restorepath}-ipsets removed"
fi
rm -f $RESTOREPATH
rm -f ${RESTOREPATH}-iptables
echo " $RESTOREPATH removed"
elif [ -f $RESTOREPATH ]; then
echo " $RESTOREPATH exists and is not a saved Shorewall configuration"
rm -f $g_restorepath
rm -f ${g_restorepath}-iptables
echo " $g_restorepath removed"
elif [ -f $g_restorepath ]; then
echo " $g_restorepath exists and is not a saved Shorewall configuration"
fi
rm -f ${VARDIR}/save
;;

71
Shorewall/shorewall
View File

@ -161,8 +161,6 @@ get_config() {
validate_restorefile RESTOREFILE
export RESTOREFILE
if [ "$2" = Yes ]; then
case $STARTUP_ENABLED in
No|no|NO)
@ -254,8 +252,6 @@ get_config() {
VERBOSITY=2
fi
export VERBOSITY
g_hostname=$(hostname 2> /dev/null)
[ -n "$RSH_COMMAND" ] || RSH_COMMAND='ssh ${root}@${system} ${command}'
@ -360,7 +356,22 @@ compiler() {
set +a
perl $debugflags /usr/share/shorewall/compiler.pl $options $@
}
}
#
# Do required exports and run $SHOREWALL_SHELL
#
run_it() {
export RESTOREFILE
export VERBOSITY
export NOROUTES
export PURGE
export TIMESTAMP
export PATH
export RECOVERING
$SHOREWALL_SHELL $@
}
#
# Start Command Executor
@ -376,7 +387,7 @@ start_command() {
if [ -n "$AUTOMAKE" ]; then
[ -n "$nolock" ] || mutex_on
${VARDIR}/firewall $g_debugging start
run_it ${VARDIR}/firewall $g_debugging start
rc=$?
[ -n "$nolock" ] || mutex_off
else
@ -384,7 +395,7 @@ start_command() {
if compiler $g_debugging $nolock compile ${VARDIR}/.start; then
[ -n "$nolock" ] || mutex_on
${VARDIR}/.start $g_debugging start
run_it ${VARDIR}/.start $g_debugging start
rc=$?
[ -n "$nolock" ] || mutex_off
else
@ -463,14 +474,8 @@ start_command() {
;;
esac
export NOROUTES
export PURGE
if [ -n "${g_fast}${AUTOMAKE}" ]; then
if qt mywhich make; then
#
# RESTOREFILE is exported by get_config()
#
restorefile=$RESTOREFILE
if [ -z "$g_fast" ]; then
@ -480,8 +485,10 @@ start_command() {
RESTOREFILE=firewall
fi
if ! make -qf ${CONFDIR}/Makefile; then
g_fast=
export RESTOREFILE
if make -qf ${CONFDIR}/Makefile; then
g_fast=
AUTOMAKE=
fi
@ -496,7 +503,7 @@ start_command() {
if [ -x $g_restorepath ]; then
echo Restoring Shorewall...
$SHOREWALL_SHELL $g_restorepath restore
run_it $g_restorepath restore
date > ${VARDIR}/restarted
progress_message3 Shorewall restored from $g_restorepath
else
@ -746,9 +753,6 @@ restart_command() {
[ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled"
export NOROUTES
export PURGE
if [ -z "$g_fast" -a -n "$AUTOMAKE" ]; then
if qt mywhich make; then
#
@ -766,7 +770,7 @@ restart_command() {
if compiler $g_debugging $nolock compile ${VARDIR}/.restart; then
[ -n "$nolock" ] || mutex_on
$SHOREWALL_SHELL ${VARDIR}/.restart $g_debugging restart
run_it ${VARDIR}/.restart $g_debugging restart
rc=$?
[ -n "$nolock" ] || mutex_off
else
@ -776,7 +780,8 @@ restart_command() {
else
[ -x ${VARDIR}/firewall ] || fatal_error "No ${VARDIR}/firewall file found"
[ -n "$nolock" ] || mutex_on
$SHOREWALL_SHELL ${VARDIR}/firewall $g_debugging restart
do_export
run_it ${VARDIR}/firewall $g_debugging restart
rc=$?
[ -n "$nolock" ] || mutex_off
fi
@ -830,13 +835,11 @@ refresh_command() {
[ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled"
export NOROUTES
progress_message3 "Compiling..."
if compiler $g_debugging $nolock compile ${VARDIR}/.refresh; then
[ -n "$nolock" ] || mutex_on
$SHOREWALL_SHELL ${VARDIR}/.refresh $g_debugging refresh
run_it ${VARDIR}/.refresh $g_debugging refresh
rc=$?
[ -n "$nolock" ] || mutex_off
else
@ -941,11 +944,11 @@ safe_commands() {
case $command in
start)
export RESTOREFILE=NONE
RESTOREFILE=NONE
progress_message3 "Starting..."
;;
restart)
export RESTOREFILE=.safe
RESTOREFILE=.safe
g_restorepath=${VARDIR}/.safe
save_config
progress_message3 "Restarting..."
@ -1077,11 +1080,11 @@ try_command() {
case $command in
start)
export RESTOREFILE=NONE
RESTOREFILE=NONE
progress_message3 "Starting..."
;;
restart)
export RESTOREFILE=.try
RESTOREFILE=.try
g_restorepath=${VARDIR}/.try
save_config
progress_message3 "Restarting..."
@ -1407,7 +1410,6 @@ fi
SHOREWALL_DIR=
NOROUTES=
PURGE=
export TIMESTAMP=
g_ipt_options="-nv"
g_fast=
@ -1558,13 +1560,13 @@ if [ $# -eq 0 ]; then
fi
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH
MUTEX_TIMEOUT=
SHAREDIR=/usr/share/shorewall
CONFDIR=/etc/shorewall
g_product="Shorewall"
export RECOVERING=
RECOVERING=
TIMESTAMP=
[ -f ${CONFDIR}/vardir ] && . ${CONFDIR}/vardir
@ -1629,18 +1631,17 @@ case "$COMMAND" in
get_config
[ $# -ne 1 ] && usage 1
[ -x $g_firewall ] || fatal_error "Shorewall has never been started"
export NOROUTES
mutex_on
$SHOREWALL_SHELL $g_firewall $g_debugging $nolock $COMMAND
run_it $g_firewall $g_debugging $nolock $COMMAND
mutex_off
;;
reset)
get_config
export NOROUTES
shift
mutex_on
[ -x $g_firewall ] || fatal_error "Shorewall has never been started"
$SHOREWALL_SHELL $g_firewall $g_debugging $nolock reset $@
do_exports
run_it $g_firewall $g_debugging $nolock reset $@
mutex_off
;;
compile)

127
Shorewall6-lite/shorewall6-lite
View File

@ -117,8 +117,6 @@ get_config() {
[ -n "$LOGFORMAT" ] || LOGFORMAT="Shorewall:"
export LOGFORMAT
if [ -n "$IP6TABLES" ]; then
if [ ! -x "$IP6TABLES" ]; then
echo " ERROR: The program specified in IP6TABLES does not exist or is not executable" >&2
@ -132,8 +130,6 @@ get_config() {
fi
fi
export IP6TABLES
if [ -n "$SHOREWALL_SHELL" ]; then
if [ ! -x "$SHOREWALL_SHELL" ]; then
echo " WARNING: The program specified in SHOREWALL_SHELL does not exist or is not executable; falling back to /bin/sh" >&2
@ -145,14 +141,10 @@ get_config() {
validate_restorefile RESTOREFILE
export RESTOREFILE
[ -n "${VERBOSITY:=2}" ]
[ -n "$g_use_verbosity" ] && VERBOSITY=$g_use_verbosity || VERBOSITY=$(($g_verbose_offset + $VERBOSITY))
export VERBOSITY
g_hostname=$(hostname 2> /dev/null)
}
@ -174,6 +166,35 @@ verify_firewall_script() {
fi
}
#
# Do required exports and run $SHOREWALL_SHELL
#
do_exports() {
export RESTOREFILE
export VERBOSITY
export NOROUTES
export PURGE
export TIMESTAMP
export PATH
export RECOVERING
export LOGFORMAT
export IP6TABLES
}
#
# Do required exports and run or exec $SHOREWALL_SHELL
#
run_it() {
do_exports
$SHOREWALL_SHELL $@
}
exec_it() {
do_exports
exec $SHOREWALL_SHELL $@
}
#
# Start Command Executor
#
@ -187,7 +208,7 @@ start_command() {
[ -n "$nolock" ] || mutex_on
if [ -x ${LITEDIR}/firewall ]; then
${LITEDIR}/firewall $debugging start
run_it ${LITEDIR}/firewall $debugging start
rc=$?
else
error_message "${LITEDIR}/firewall is missing or is not executable"
@ -219,7 +240,7 @@ start_command() {
option=
;;
f*)
FAST=Yes
g_fast=Yes
option=${option#f}
;;
p*)
@ -244,41 +265,24 @@ start_command() {
0)
;;
*)
usage 1
;;
usage 1 ;;
esac
export NOROUTES
export PURGE
if [ -n "$FAST" ]; then
if [ -n "$g_fast" ]; then
if qt mywhich make; then
#
# RESTOREFILE is exported by get_config()
#
make -qf ${CONFDIR}/Makefile || FAST=
export RESTOREFILE
make -qf ${CONFDIR}/Makefile || g_fast=
fi
if [ -n "$FAST" ]; then
if [ -n "$g_fast" ]; then
RESTOREPATH=${VARDIR}/$RESTOREFILE
if [ -x $RESTOREPATH ]; then
if [ -x ${RESTOREPATH}-ipsets ]; then
echo Restoring Ipsets...
#
# We must purge iptables to be sure that there are no
# references to ipsets
#
iptables -F
iptables -X
$SHOREWALL_SHELL ${RESTOREPATH}-ipsets
fi
g_restorepath=${VARDIR}/$RESTOREFILE
if [ -x $g_restorepath ]; then
echo Restoring Shorewall6 Lite...
$SHOREWALL_SHELL $RESTOREPATH restore
run_it $g_restorepath restore
date > ${VARDIR}/restarted
progress_message3 Shorewall6 Lite restored from $RESTOREPATH
progress_message3 Shorewall6 Lite restored from $g_restorepath
else
do_it
fi
@ -343,13 +347,10 @@ restart_command() {
;;
esac
export NOROUTES
export PURGE
[ -n "$nolock" ] || mutex_on
if [ -x ${LITEDIR}/firewall ]; then
$SHOREWALL_SHELL ${LITEDIR}/firewall $debugging restart
run_it ${LITEDIR}/firewall $debugging restart
rc=$?
else
error_message "${LITEDIR}/firewall is missing or is not executable"
@ -410,16 +411,14 @@ if [ $# -gt 0 ] && [ "$1" = "nolock" ]; then
shift
fi
IPT_OPTIONS="-nv"
FAST=
g_ipt_options="-nv"
g_fast=
g_verbose_offset=0
g_use_verbosity=
NOROUTES=
EXPORT=
export TIMESTAMP=
TIMESTAMP=
RECOVERING=
export RECOVERING
noroutes=
PURGE=
finished=0
@ -438,7 +437,7 @@ while [ $finished -eq 0 ]; do
while [ -n "$option" ]; do
case $option in
x*)
IPT_OPTIONS="-xnv"
g_ipt_options="-xnv"
option=${option#x}
;;
q*)
@ -446,7 +445,7 @@ while [ $finished -eq 0 ]; do
option=${option#q}
;;
f*)
FAST=Yes
g_fast=Yes
option=${option#f}
;;
v*)
@ -504,7 +503,6 @@ if [ $# -eq 0 ]; then
fi
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH
MUTEX_TIMEOUT=
SHAREDIR=/usr/share/shorewall6-lite
@ -517,11 +515,10 @@ g_product="Shorewall6 Lite"
[ -d $VARDIR ] || mkdir -p $VARDIR || fatal_error "Unable to create $VARDIR"
LIBRARIES="$SHAREDIR/lib.base $SHAREDIR/lib.cli"
libraries="$SHAREDIR/lib.base $SHAREDIR/lib.cli"
version_file=$SHAREDIR/version
HELP=$SHAREDIR/help
for library in $LIBRARIES; do
for library in $libraries; do
if [ -f $library ]; then
. $library
else
@ -547,7 +544,6 @@ else
fi
ensure_config_path
export CONFIG_PATH
LITEDIR=${VARDIR}
@ -597,8 +593,7 @@ case "$COMMAND" in
stop|reset|clear)
[ $# -ne 1 ] && usage 1
verify_firewall_script
export NOROUTES
exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $COMMAND
exec_it $g_firewall $debugging $nolock $COMMAND
;;
restart)
shift
@ -704,7 +699,7 @@ case "$COMMAND" in
;;
esac
RESTOREPATH=${VARDIR}/$RESTOREFILE
g_restorepath=${VARDIR}/$RESTOREFILE
[ "$nolock" ] || mutex_on
@ -726,20 +721,20 @@ case "$COMMAND" in
esac
RESTOREPATH=${VARDIR}/$RESTOREFILE
g_restorepath=${VARDIR}/$RESTOREFILE
if [ -x $RESTOREPATH ]; then
if [ -x $g_restorepath ]; then
if [ -x ${RESTOREPATH}-ipsets ]; then
rm -f ${RESTOREPATH}-ipsets
echo " ${RESTOREPATH}-ipsets removed"
if [ -x ${g_restorepath}-ipsets ]; then
rm -f ${g_restorepath}-ipsets
echo " ${g_restorepath}-ipsets removed"
fi
rm -f $RESTOREPATH
rm -f ${RESTOREPATH}-iptables
echo " $RESTOREPATH removed"
elif [ -f $RESTOREPATH ]; then
echo " $RESTOREPATH exists and is not a saved Shorewall6 configuration"
rm -f $g_restorepath
rm -f ${g_restorepath}-iptables
echo " $g_restorepath removed"
elif [ -f $g_restorepath ]; then
echo " $g_restorepath exists and is not a saved Shorewall6 configuration"
fi
rm -f ${VARDIR}/save
;;

79
Shorewall6/shorewall6
View File

@ -99,8 +99,6 @@ get_config() {
validate_restorefile RESTOREFILE
export RESTOREFILE
if [ "$2" = Yes ]; then
case $STARTUP_ENABLED in
No|no|NO)
@ -180,8 +178,6 @@ get_config() {
VERBOSITY=2
fi
export VERBOSITY
g_hostname=$(hostname 2> /dev/null)
[ -n "$RSH_COMMAND" ] || RSH_COMMAND='ssh ${root}@${system} ${command}'
@ -302,6 +298,21 @@ compiler() {
$command perl $debugflags $pc $options $@
}
#
# Do required exports and run $SHOREWALL_SHELL
#
run_it() {
export RESTOREFILE
export VERBOSITY
export NOROUTES
export PURGE
export TIMESTAMP
export PATH
export RECOVERING
$SHOREWALL_SHELL $@
}
#
# Start Command Executor
#
@ -316,7 +327,7 @@ start_command() {
if [ -n "$AUTOMAKE" ]; then
[ -n "$nolock" ] || mutex_on
${VARDIR}/firewall $g_debugging start
run_it ${VARDIR}/firewall $g_debugging start
rc=$?
[ -n "$nolock" ] || mutex_off
else
@ -324,7 +335,7 @@ start_command() {
if compiler run $g_debugging $nolock compile ${VARDIR}/.start; then
[ -n "$nolock" ] || mutex_on
${VARDIR}/.start $g_debugging start
run_it ${VARDIR}/.start $g_debugging start
rc=$?
[ -n "$nolock" ] || mutex_off
else
@ -398,15 +409,9 @@ start_command() {
;;
esac
export NOROUTES
export PURGE
if [ -n "${g_fast}${AUTOMAKE}" ]; then
if qt mywhich make; then
restorefile=$RESTOREFILE
#
# RESTOREFILE is exported by get_config()
#
if [ -z "$g_fast" ]; then
#
# Autofast -- use the last compiled script
@ -414,8 +419,10 @@ start_command() {
RESTOREFILE=firewall
fi
if ! make -qf ${CONFDIR}/Makefile; then
g_fast=
export RESTOREFILE
if make -qf ${CONFDIR}/Makefile; then
g_fast=
AUTOMAKE=
fi
@ -430,7 +437,7 @@ start_command() {
if [ -x $g_restorepath ]; then
echo Restoring Shorewall6...
$SHOREWALL_SHELL $g_restorepath restore
run_it $g_restorepath restore
date > ${VARDIR}/restarted
progress_message3 Shorewall6 restored from $g_restorepath
else
@ -680,9 +687,6 @@ restart_command() {
[ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled"
export NOROUTES
export PURGE
if [ -z "$g_fast" -a -n "$AUTOMAKE" ]; then
if qt mywhich make; then
#
@ -700,7 +704,7 @@ restart_command() {
if compiler run $g_debugging $nolock compile ${VARDIR}/.restart; then
[ -n "$nolock" ] || mutex_on
$SHOREWALL_SHELL ${VARDIR}/.restart $g_debugging restart
run_it ${VARDIR}/.restart $g_debugging restart
rc=$?
[ -n "$nolock" ] || mutex_off
else
@ -710,7 +714,7 @@ restart_command() {
else
[ -x ${VARDIR}/firewall ] || fatal_error "No ${VARDIR}/firewall file found"
[ -n "$nolock" ] || mutex_on
$SHOREWALL_SHELL ${VARDIR}/firewall $g_debugging restart
run_it ${VARDIR}/firewall $g_debugging restart
rc=$?
[ -n "$nolock" ] || mutex_off
fi
@ -764,13 +768,11 @@ refresh_command() {
[ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled"
export NOROUTES
progress_message3 "Compiling..."
if compiler run $g_debugging $nolock compile ${VARDIR}/.refresh; then
[ -n "$nolock" ] || mutex_on
$SHOREWALL_SHELL ${VARDIR}/.refresh $g_debugging refresh
run_it ${VARDIR}/.refresh $g_debugging refresh
rc=$?
[ -n "$nolock" ] || mutex_off
else
@ -875,11 +877,11 @@ safe_commands() {
case $command in
start)
export RESTOREFILE=NONE
RESTOREFILE=NONE
progress_message3 "Starting..."
;;
restart)
export RESTOREFILE=.safe
RESTOREFILE=.safe
g_restorepath=${VARDIR}/.safe
save_config
progress_message3 "Restarting..."
@ -888,7 +890,7 @@ safe_commands() {
[ -n "$nolock" ] || mutex_on
if ${VARDIR}/.$command $command; then
if run_it ${VARDIR}/.$command $command; then
echo -n "Do you want to accept the new firewall configuration? [y/n] "
@ -896,9 +898,9 @@ safe_commands() {
echo "New configuration has been accepted"
else
if [ "$command" = "restart" ]; then
${VARDIR}/.safe restore
run_it ${VARDIR}/.safe restore
else
${VARDIR}/.$command clear
run_it ${VARDIR}/.$command clear
fi
[ -n "$nolock" ] || mutex_off
@ -1011,11 +1013,11 @@ try_command() {
case $command in
start)
export RESTOREFILE=NONE
RESTOREFILE=NONE
progress_message3 "Starting..."
;;
restart)
export RESTOREFILE=.try
RESTOREFILE=.try
g_restorepath=${VARDIR}/.try
save_config
progress_message3 "Restarting..."
@ -1024,13 +1026,13 @@ try_command() {
[ -n "$nolock" ] || mutex_on
if ${VARDIR}/.$command $command && [ -n "$timeout" ]; then
if run_it ${VARDIR}/.$command $command && [ -n "$timeout" ]; then
sleep $timeout
if [ "$command" = "restart" ]; then
${VARDIR}/.try restore
run_it ${VARDIR}/.try restore
else
${VARDIR}/.$command clear
run_it ${VARDIR}/.$command clear
fi
fi
@ -1330,7 +1332,7 @@ g_export=
NOROUTES=
PURGE=
export TIMESTAMP=
TIMESTAMP=
finished=0
@ -1478,13 +1480,12 @@ if [ $# -eq 0 ]; then
fi
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH
MUTEX_TIMEOUT=
SHAREDIR=/usr/share/shorewall6
CONFDIR=/etc/shorewall6
g_product="Shorewall6"
export RECOVERING=
RECOVERING=
[ -f ${CONFDIR}/vardir ] && . ${CONFDIR}/vardir
@ -1549,18 +1550,16 @@ case "$COMMAND" in
[ $# -ne 1 ] && usage 1
get_config
[ -x $g_firewall ] || fatal_error "Shorewall6 has never been started"
export NOROUTES
mutex_on
$SHOREWALL_SHELL $g_firewall $g_debugging $nolock $COMMAND
run_it $g_firewall $g_debugging $nolock $COMMAND
mutex_off
;;
reset)
get_config
export NOROUTES
shift
mutex_on
[ -x $g_firewall ] || fatal_error "Shorewall6 has never been started"
$SHOREWALL_SHELL $g_firewall $g_debugging $nolock reset $@
run_it $g_firewall $g_debugging $nolock reset $@
mutex_off
;;
compile)