diff --git a/Shorewall-lite/shorewall-lite b/Shorewall-lite/shorewall-lite index acd44a02b..714159c23 100755 --- a/Shorewall-lite/shorewall-lite +++ b/Shorewall-lite/shorewall-lite @@ -117,8 +117,6 @@ get_config() { [ -n "$LOGFORMAT" ] || LOGFORMAT="Shorewall:" - export LOGFORMAT - if [ -n "$IPTABLES" ]; then if [ ! -x "$IPTABLES" ]; then echo " ERROR: The program specified in IPTABLES does not exist or is not executable" >&2 @@ -132,8 +130,6 @@ get_config() { fi fi - export IPTABLES - if [ -n "$SHOREWALL_SHELL" ]; then if [ ! -x "$SHOREWALL_SHELL" ]; then echo " WARNING: The program specified in SHOREWALL_SHELL does not exist or is not executable; falling back to /bin/sh" >&2 @@ -145,14 +141,10 @@ get_config() { validate_restorefile RESTOREFILE - export RESTOREFILE - [ -n "${VERBOSITY:=2}" ] [ -n "$g_use_verbosity" ] && VERBOSITY=$g_use_verbosity || VERBOSITY=$(($g_verbose_offset + $VERBOSITY)) - export VERBOSITY - g_hostname=$(hostname 2> /dev/null) } @@ -174,6 +166,35 @@ verify_firewall_script() { fi } +# +# Do required exports and run $SHOREWALL_SHELL +# +do_exports() { + export RESTOREFILE + export VERBOSITY + export NOROUTES + export PURGE + export TIMESTAMP + export PATH + export RECOVERING + + export LOGFORMAT + export IPTABLES +} + +# +# Do required exports and run or exec $SHOREWALL_SHELL +# +run_it() { + do_exports + $SHOREWALL_SHELL $@ +} + +exec_it() { + do_exports + exec $SHOREWALL_SHELL $@ +} + # # Start Command Executor # @@ -187,7 +208,7 @@ start_command() { [ -n "$nolock" ] || mutex_on if [ -x ${LITEDIR}/firewall ]; then - ${LITEDIR}/firewall $debugging start + run_it ${LITEDIR}/firewall $debugging start rc=$? else error_message "${LITEDIR}/firewall is missing or is not executable" @@ -219,7 +240,7 @@ start_command() { option= ;; f*) - FAST=Yes + g_fast=Yes option=${option#f} ;; p*) @@ -248,37 +269,21 @@ start_command() { ;; esac - export NOROUTES - export PURGE - - if [ -n "$FAST" ]; then + if [ -n "$g_fast" ]; then if qt mywhich make; then - # - # RESTOREFILE is exported by get_config() - # - make -qf ${CONFDIR}/Makefile || FAST= + export RESTOREFILE + make -qf ${CONFDIR}/Makefile || g_fast= fi - if [ -n "$FAST" ]; then + if [ -n "$g_fast" ]; then - RESTOREPATH=${VARDIR}/$RESTOREFILE - - if [ -x $RESTOREPATH ]; then - if [ -x ${RESTOREPATH}-ipsets ]; then - echo Restoring Ipsets... - # - # We must purge iptables to be sure that there are no - # references to ipsets - # - iptables -F - iptables -X - $SHOREWALL_SHELL ${RESTOREPATH}-ipsets - fi + g_restorepath=${VARDIR}/$RESTOREFILE + if [ -x $g_restorepath ]; then echo Restoring Shorewall Lite... - $SHOREWALL_SHELL $RESTOREPATH restore + run_it $g_restorepath restore date > ${VARDIR}/restarted - progress_message3 Shorewall Lite restored from $RESTOREPATH + progress_message3 Shorewall Lite restored from $g_restorepath else do_it fi @@ -343,13 +348,10 @@ restart_command() { ;; esac - export NOROUTES - export PURGE - [ -n "$nolock" ] || mutex_on if [ -x ${LITEDIR}/firewall ]; then - $SHOREWALL_SHELL ${LITEDIR}/firewall $debugging restart + run_it ${LITEDIR}/firewall $debugging restart rc=$? else error_message "${LITEDIR}/firewall is missing or is not executable" @@ -425,16 +427,13 @@ if [ $# -gt 0 ] && [ "$1" = "nolock" ]; then shift fi -IPT_OPTIONS="-nv" -FAST= +g_ipt_options="-nv" +g_fast= g_verbose_offset=0 g_use_verbosity= NOROUTES= -EXPORT= -export TIMESTAMP= -noroutes= +TIMESTAMP= RECOVERING= -export RECOVERING finished=0 @@ -453,7 +452,7 @@ while [ $finished -eq 0 ]; do while [ -n "$option" ]; do case $option in x*) - IPT_OPTIONS="-xnv" + g_ipt_options="-xnv" option=${option#x} ;; q*) @@ -461,7 +460,7 @@ while [ $finished -eq 0 ]; do option=${option#q} ;; f*) - FAST=Yes + g_fast=Yes option=${option#f} ;; v*) @@ -519,7 +518,6 @@ if [ $# -eq 0 ]; then fi PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin -export PATH MUTEX_TIMEOUT= SHAREDIR=/usr/share/shorewall-lite @@ -610,12 +608,11 @@ case "$COMMAND" in stop|clear) [ $# -ne 1 ] && usage 1 verify_firewall_script - export NOROUTES - exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $COMMAND + exec_it $g_firewall $debugging $nolock $COMMAND ;; reset) verify_firewall_script - exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $@ + exec_it $SHOREWALL_SHELL $g_firewall $debugging $nolock $@ ;; restart) shift @@ -731,7 +728,7 @@ case "$COMMAND" in ;; esac - RESTOREPATH=${VARDIR}/$RESTOREFILE + g_restorepath=${VARDIR}/$RESTOREFILE [ "$nolock" ] || mutex_on @@ -753,20 +750,20 @@ case "$COMMAND" in esac - RESTOREPATH=${VARDIR}/$RESTOREFILE + g_restorepath=${VARDIR}/$RESTOREFILE - if [ -x $RESTOREPATH ]; then + if [ -x $g_restorepath ]; then - if [ -x ${RESTOREPATH}-ipsets ]; then - rm -f ${RESTOREPATH}-ipsets - echo " ${RESTOREPATH}-ipsets removed" + if [ -x ${g_restorepath}-ipsets ]; then + rm -f ${g_restorepath}-ipsets + echo " ${g_restorepath}-ipsets removed" fi - rm -f $RESTOREPATH - rm -f ${RESTOREPATH}-iptables - echo " $RESTOREPATH removed" - elif [ -f $RESTOREPATH ]; then - echo " $RESTOREPATH exists and is not a saved Shorewall configuration" + rm -f $g_restorepath + rm -f ${g_restorepath}-iptables + echo " $g_restorepath removed" + elif [ -f $g_restorepath ]; then + echo " $g_restorepath exists and is not a saved Shorewall configuration" fi rm -f ${VARDIR}/save ;; diff --git a/Shorewall/shorewall b/Shorewall/shorewall index ef065c9a1..b50fb330c 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -161,8 +161,6 @@ get_config() { validate_restorefile RESTOREFILE - export RESTOREFILE - if [ "$2" = Yes ]; then case $STARTUP_ENABLED in No|no|NO) @@ -254,8 +252,6 @@ get_config() { VERBOSITY=2 fi - export VERBOSITY - g_hostname=$(hostname 2> /dev/null) [ -n "$RSH_COMMAND" ] || RSH_COMMAND='ssh ${root}@${system} ${command}' @@ -360,7 +356,22 @@ compiler() { set +a perl $debugflags /usr/share/shorewall/compiler.pl $options $@ -} +} + +# +# Do required exports and run $SHOREWALL_SHELL +# +run_it() { + export RESTOREFILE + export VERBOSITY + export NOROUTES + export PURGE + export TIMESTAMP + export PATH + export RECOVERING + + $SHOREWALL_SHELL $@ +} # # Start Command Executor @@ -376,7 +387,7 @@ start_command() { if [ -n "$AUTOMAKE" ]; then [ -n "$nolock" ] || mutex_on - ${VARDIR}/firewall $g_debugging start + run_it ${VARDIR}/firewall $g_debugging start rc=$? [ -n "$nolock" ] || mutex_off else @@ -384,7 +395,7 @@ start_command() { if compiler $g_debugging $nolock compile ${VARDIR}/.start; then [ -n "$nolock" ] || mutex_on - ${VARDIR}/.start $g_debugging start + run_it ${VARDIR}/.start $g_debugging start rc=$? [ -n "$nolock" ] || mutex_off else @@ -463,14 +474,8 @@ start_command() { ;; esac - export NOROUTES - export PURGE - if [ -n "${g_fast}${AUTOMAKE}" ]; then if qt mywhich make; then - # - # RESTOREFILE is exported by get_config() - # restorefile=$RESTOREFILE if [ -z "$g_fast" ]; then @@ -480,8 +485,10 @@ start_command() { RESTOREFILE=firewall fi - if ! make -qf ${CONFDIR}/Makefile; then - g_fast= + export RESTOREFILE + + if make -qf ${CONFDIR}/Makefile; then + g_fast= AUTOMAKE= fi @@ -496,7 +503,7 @@ start_command() { if [ -x $g_restorepath ]; then echo Restoring Shorewall... - $SHOREWALL_SHELL $g_restorepath restore + run_it $g_restorepath restore date > ${VARDIR}/restarted progress_message3 Shorewall restored from $g_restorepath else @@ -746,9 +753,6 @@ restart_command() { [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled" - export NOROUTES - export PURGE - if [ -z "$g_fast" -a -n "$AUTOMAKE" ]; then if qt mywhich make; then # @@ -766,7 +770,7 @@ restart_command() { if compiler $g_debugging $nolock compile ${VARDIR}/.restart; then [ -n "$nolock" ] || mutex_on - $SHOREWALL_SHELL ${VARDIR}/.restart $g_debugging restart + run_it ${VARDIR}/.restart $g_debugging restart rc=$? [ -n "$nolock" ] || mutex_off else @@ -776,7 +780,8 @@ restart_command() { else [ -x ${VARDIR}/firewall ] || fatal_error "No ${VARDIR}/firewall file found" [ -n "$nolock" ] || mutex_on - $SHOREWALL_SHELL ${VARDIR}/firewall $g_debugging restart + do_export + run_it ${VARDIR}/firewall $g_debugging restart rc=$? [ -n "$nolock" ] || mutex_off fi @@ -830,13 +835,11 @@ refresh_command() { [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled" - export NOROUTES - progress_message3 "Compiling..." if compiler $g_debugging $nolock compile ${VARDIR}/.refresh; then [ -n "$nolock" ] || mutex_on - $SHOREWALL_SHELL ${VARDIR}/.refresh $g_debugging refresh + run_it ${VARDIR}/.refresh $g_debugging refresh rc=$? [ -n "$nolock" ] || mutex_off else @@ -941,11 +944,11 @@ safe_commands() { case $command in start) - export RESTOREFILE=NONE + RESTOREFILE=NONE progress_message3 "Starting..." ;; restart) - export RESTOREFILE=.safe + RESTOREFILE=.safe g_restorepath=${VARDIR}/.safe save_config progress_message3 "Restarting..." @@ -1077,11 +1080,11 @@ try_command() { case $command in start) - export RESTOREFILE=NONE + RESTOREFILE=NONE progress_message3 "Starting..." ;; restart) - export RESTOREFILE=.try + RESTOREFILE=.try g_restorepath=${VARDIR}/.try save_config progress_message3 "Restarting..." @@ -1407,7 +1410,6 @@ fi SHOREWALL_DIR= NOROUTES= PURGE= -export TIMESTAMP= g_ipt_options="-nv" g_fast= @@ -1558,13 +1560,13 @@ if [ $# -eq 0 ]; then fi PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin -export PATH MUTEX_TIMEOUT= SHAREDIR=/usr/share/shorewall CONFDIR=/etc/shorewall g_product="Shorewall" -export RECOVERING= +RECOVERING= +TIMESTAMP= [ -f ${CONFDIR}/vardir ] && . ${CONFDIR}/vardir @@ -1629,18 +1631,17 @@ case "$COMMAND" in get_config [ $# -ne 1 ] && usage 1 [ -x $g_firewall ] || fatal_error "Shorewall has never been started" - export NOROUTES mutex_on - $SHOREWALL_SHELL $g_firewall $g_debugging $nolock $COMMAND + run_it $g_firewall $g_debugging $nolock $COMMAND mutex_off ;; reset) get_config - export NOROUTES shift mutex_on [ -x $g_firewall ] || fatal_error "Shorewall has never been started" - $SHOREWALL_SHELL $g_firewall $g_debugging $nolock reset $@ + do_exports + run_it $g_firewall $g_debugging $nolock reset $@ mutex_off ;; compile) diff --git a/Shorewall6-lite/shorewall6-lite b/Shorewall6-lite/shorewall6-lite index 28361fe64..c64369e1b 100755 --- a/Shorewall6-lite/shorewall6-lite +++ b/Shorewall6-lite/shorewall6-lite @@ -117,8 +117,6 @@ get_config() { [ -n "$LOGFORMAT" ] || LOGFORMAT="Shorewall:" - export LOGFORMAT - if [ -n "$IP6TABLES" ]; then if [ ! -x "$IP6TABLES" ]; then echo " ERROR: The program specified in IP6TABLES does not exist or is not executable" >&2 @@ -132,8 +130,6 @@ get_config() { fi fi - export IP6TABLES - if [ -n "$SHOREWALL_SHELL" ]; then if [ ! -x "$SHOREWALL_SHELL" ]; then echo " WARNING: The program specified in SHOREWALL_SHELL does not exist or is not executable; falling back to /bin/sh" >&2 @@ -145,14 +141,10 @@ get_config() { validate_restorefile RESTOREFILE - export RESTOREFILE - [ -n "${VERBOSITY:=2}" ] [ -n "$g_use_verbosity" ] && VERBOSITY=$g_use_verbosity || VERBOSITY=$(($g_verbose_offset + $VERBOSITY)) - export VERBOSITY - g_hostname=$(hostname 2> /dev/null) } @@ -174,6 +166,35 @@ verify_firewall_script() { fi } +# +# Do required exports and run $SHOREWALL_SHELL +# +do_exports() { + export RESTOREFILE + export VERBOSITY + export NOROUTES + export PURGE + export TIMESTAMP + export PATH + export RECOVERING + + export LOGFORMAT + export IP6TABLES +} + +# +# Do required exports and run or exec $SHOREWALL_SHELL +# +run_it() { + do_exports + $SHOREWALL_SHELL $@ +} + +exec_it() { + do_exports + exec $SHOREWALL_SHELL $@ +} + # # Start Command Executor # @@ -187,7 +208,7 @@ start_command() { [ -n "$nolock" ] || mutex_on if [ -x ${LITEDIR}/firewall ]; then - ${LITEDIR}/firewall $debugging start + run_it ${LITEDIR}/firewall $debugging start rc=$? else error_message "${LITEDIR}/firewall is missing or is not executable" @@ -219,7 +240,7 @@ start_command() { option= ;; f*) - FAST=Yes + g_fast=Yes option=${option#f} ;; p*) @@ -244,41 +265,24 @@ start_command() { 0) ;; *) - usage 1 - ;; + usage 1 ;; esac - export NOROUTES - export PURGE - - if [ -n "$FAST" ]; then + if [ -n "$g_fast" ]; then if qt mywhich make; then - # - # RESTOREFILE is exported by get_config() - # - make -qf ${CONFDIR}/Makefile || FAST= + export RESTOREFILE + make -qf ${CONFDIR}/Makefile || g_fast= fi - if [ -n "$FAST" ]; then + if [ -n "$g_fast" ]; then - RESTOREPATH=${VARDIR}/$RESTOREFILE - - if [ -x $RESTOREPATH ]; then - if [ -x ${RESTOREPATH}-ipsets ]; then - echo Restoring Ipsets... - # - # We must purge iptables to be sure that there are no - # references to ipsets - # - iptables -F - iptables -X - $SHOREWALL_SHELL ${RESTOREPATH}-ipsets - fi + g_restorepath=${VARDIR}/$RESTOREFILE + if [ -x $g_restorepath ]; then echo Restoring Shorewall6 Lite... - $SHOREWALL_SHELL $RESTOREPATH restore + run_it $g_restorepath restore date > ${VARDIR}/restarted - progress_message3 Shorewall6 Lite restored from $RESTOREPATH + progress_message3 Shorewall6 Lite restored from $g_restorepath else do_it fi @@ -343,13 +347,10 @@ restart_command() { ;; esac - export NOROUTES - export PURGE - [ -n "$nolock" ] || mutex_on if [ -x ${LITEDIR}/firewall ]; then - $SHOREWALL_SHELL ${LITEDIR}/firewall $debugging restart + run_it ${LITEDIR}/firewall $debugging restart rc=$? else error_message "${LITEDIR}/firewall is missing or is not executable" @@ -410,16 +411,14 @@ if [ $# -gt 0 ] && [ "$1" = "nolock" ]; then shift fi -IPT_OPTIONS="-nv" -FAST= +g_ipt_options="-nv" +g_fast= g_verbose_offset=0 g_use_verbosity= NOROUTES= -EXPORT= -export TIMESTAMP= +TIMESTAMP= RECOVERING= -export RECOVERING -noroutes= +PURGE= finished=0 @@ -438,7 +437,7 @@ while [ $finished -eq 0 ]; do while [ -n "$option" ]; do case $option in x*) - IPT_OPTIONS="-xnv" + g_ipt_options="-xnv" option=${option#x} ;; q*) @@ -446,7 +445,7 @@ while [ $finished -eq 0 ]; do option=${option#q} ;; f*) - FAST=Yes + g_fast=Yes option=${option#f} ;; v*) @@ -504,7 +503,6 @@ if [ $# -eq 0 ]; then fi PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin -export PATH MUTEX_TIMEOUT= SHAREDIR=/usr/share/shorewall6-lite @@ -517,11 +515,10 @@ g_product="Shorewall6 Lite" [ -d $VARDIR ] || mkdir -p $VARDIR || fatal_error "Unable to create $VARDIR" -LIBRARIES="$SHAREDIR/lib.base $SHAREDIR/lib.cli" +libraries="$SHAREDIR/lib.base $SHAREDIR/lib.cli" version_file=$SHAREDIR/version -HELP=$SHAREDIR/help -for library in $LIBRARIES; do +for library in $libraries; do if [ -f $library ]; then . $library else @@ -547,7 +544,6 @@ else fi ensure_config_path -export CONFIG_PATH LITEDIR=${VARDIR} @@ -597,8 +593,7 @@ case "$COMMAND" in stop|reset|clear) [ $# -ne 1 ] && usage 1 verify_firewall_script - export NOROUTES - exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $COMMAND + exec_it $g_firewall $debugging $nolock $COMMAND ;; restart) shift @@ -704,7 +699,7 @@ case "$COMMAND" in ;; esac - RESTOREPATH=${VARDIR}/$RESTOREFILE + g_restorepath=${VARDIR}/$RESTOREFILE [ "$nolock" ] || mutex_on @@ -726,20 +721,20 @@ case "$COMMAND" in esac - RESTOREPATH=${VARDIR}/$RESTOREFILE + g_restorepath=${VARDIR}/$RESTOREFILE - if [ -x $RESTOREPATH ]; then + if [ -x $g_restorepath ]; then - if [ -x ${RESTOREPATH}-ipsets ]; then - rm -f ${RESTOREPATH}-ipsets - echo " ${RESTOREPATH}-ipsets removed" + if [ -x ${g_restorepath}-ipsets ]; then + rm -f ${g_restorepath}-ipsets + echo " ${g_restorepath}-ipsets removed" fi - rm -f $RESTOREPATH - rm -f ${RESTOREPATH}-iptables - echo " $RESTOREPATH removed" - elif [ -f $RESTOREPATH ]; then - echo " $RESTOREPATH exists and is not a saved Shorewall6 configuration" + rm -f $g_restorepath + rm -f ${g_restorepath}-iptables + echo " $g_restorepath removed" + elif [ -f $g_restorepath ]; then + echo " $g_restorepath exists and is not a saved Shorewall6 configuration" fi rm -f ${VARDIR}/save ;; diff --git a/Shorewall6/shorewall6 b/Shorewall6/shorewall6 index 838c451d7..973024eea 100755 --- a/Shorewall6/shorewall6 +++ b/Shorewall6/shorewall6 @@ -99,8 +99,6 @@ get_config() { validate_restorefile RESTOREFILE - export RESTOREFILE - if [ "$2" = Yes ]; then case $STARTUP_ENABLED in No|no|NO) @@ -180,8 +178,6 @@ get_config() { VERBOSITY=2 fi - export VERBOSITY - g_hostname=$(hostname 2> /dev/null) [ -n "$RSH_COMMAND" ] || RSH_COMMAND='ssh ${root}@${system} ${command}' @@ -302,6 +298,21 @@ compiler() { $command perl $debugflags $pc $options $@ } +# +# Do required exports and run $SHOREWALL_SHELL +# +run_it() { + export RESTOREFILE + export VERBOSITY + export NOROUTES + export PURGE + export TIMESTAMP + export PATH + export RECOVERING + + $SHOREWALL_SHELL $@ +} + # # Start Command Executor # @@ -316,7 +327,7 @@ start_command() { if [ -n "$AUTOMAKE" ]; then [ -n "$nolock" ] || mutex_on - ${VARDIR}/firewall $g_debugging start + run_it ${VARDIR}/firewall $g_debugging start rc=$? [ -n "$nolock" ] || mutex_off else @@ -324,7 +335,7 @@ start_command() { if compiler run $g_debugging $nolock compile ${VARDIR}/.start; then [ -n "$nolock" ] || mutex_on - ${VARDIR}/.start $g_debugging start + run_it ${VARDIR}/.start $g_debugging start rc=$? [ -n "$nolock" ] || mutex_off else @@ -398,15 +409,9 @@ start_command() { ;; esac - export NOROUTES - export PURGE - if [ -n "${g_fast}${AUTOMAKE}" ]; then if qt mywhich make; then restorefile=$RESTOREFILE - # - # RESTOREFILE is exported by get_config() - # if [ -z "$g_fast" ]; then # # Autofast -- use the last compiled script @@ -414,8 +419,10 @@ start_command() { RESTOREFILE=firewall fi - if ! make -qf ${CONFDIR}/Makefile; then - g_fast= + export RESTOREFILE + + if make -qf ${CONFDIR}/Makefile; then + g_fast= AUTOMAKE= fi @@ -430,7 +437,7 @@ start_command() { if [ -x $g_restorepath ]; then echo Restoring Shorewall6... - $SHOREWALL_SHELL $g_restorepath restore + run_it $g_restorepath restore date > ${VARDIR}/restarted progress_message3 Shorewall6 restored from $g_restorepath else @@ -680,9 +687,6 @@ restart_command() { [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled" - export NOROUTES - export PURGE - if [ -z "$g_fast" -a -n "$AUTOMAKE" ]; then if qt mywhich make; then # @@ -700,7 +704,7 @@ restart_command() { if compiler run $g_debugging $nolock compile ${VARDIR}/.restart; then [ -n "$nolock" ] || mutex_on - $SHOREWALL_SHELL ${VARDIR}/.restart $g_debugging restart + run_it ${VARDIR}/.restart $g_debugging restart rc=$? [ -n "$nolock" ] || mutex_off else @@ -710,7 +714,7 @@ restart_command() { else [ -x ${VARDIR}/firewall ] || fatal_error "No ${VARDIR}/firewall file found" [ -n "$nolock" ] || mutex_on - $SHOREWALL_SHELL ${VARDIR}/firewall $g_debugging restart + run_it ${VARDIR}/firewall $g_debugging restart rc=$? [ -n "$nolock" ] || mutex_off fi @@ -764,13 +768,11 @@ refresh_command() { [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled" - export NOROUTES - progress_message3 "Compiling..." if compiler run $g_debugging $nolock compile ${VARDIR}/.refresh; then [ -n "$nolock" ] || mutex_on - $SHOREWALL_SHELL ${VARDIR}/.refresh $g_debugging refresh + run_it ${VARDIR}/.refresh $g_debugging refresh rc=$? [ -n "$nolock" ] || mutex_off else @@ -875,11 +877,11 @@ safe_commands() { case $command in start) - export RESTOREFILE=NONE + RESTOREFILE=NONE progress_message3 "Starting..." ;; restart) - export RESTOREFILE=.safe + RESTOREFILE=.safe g_restorepath=${VARDIR}/.safe save_config progress_message3 "Restarting..." @@ -888,7 +890,7 @@ safe_commands() { [ -n "$nolock" ] || mutex_on - if ${VARDIR}/.$command $command; then + if run_it ${VARDIR}/.$command $command; then echo -n "Do you want to accept the new firewall configuration? [y/n] " @@ -896,9 +898,9 @@ safe_commands() { echo "New configuration has been accepted" else if [ "$command" = "restart" ]; then - ${VARDIR}/.safe restore + run_it ${VARDIR}/.safe restore else - ${VARDIR}/.$command clear + run_it ${VARDIR}/.$command clear fi [ -n "$nolock" ] || mutex_off @@ -1011,11 +1013,11 @@ try_command() { case $command in start) - export RESTOREFILE=NONE + RESTOREFILE=NONE progress_message3 "Starting..." ;; restart) - export RESTOREFILE=.try + RESTOREFILE=.try g_restorepath=${VARDIR}/.try save_config progress_message3 "Restarting..." @@ -1024,13 +1026,13 @@ try_command() { [ -n "$nolock" ] || mutex_on - if ${VARDIR}/.$command $command && [ -n "$timeout" ]; then + if run_it ${VARDIR}/.$command $command && [ -n "$timeout" ]; then sleep $timeout if [ "$command" = "restart" ]; then - ${VARDIR}/.try restore + run_it ${VARDIR}/.try restore else - ${VARDIR}/.$command clear + run_it ${VARDIR}/.$command clear fi fi @@ -1330,7 +1332,7 @@ g_export= NOROUTES= PURGE= -export TIMESTAMP= +TIMESTAMP= finished=0 @@ -1478,13 +1480,12 @@ if [ $# -eq 0 ]; then fi PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin -export PATH MUTEX_TIMEOUT= SHAREDIR=/usr/share/shorewall6 CONFDIR=/etc/shorewall6 g_product="Shorewall6" -export RECOVERING= +RECOVERING= [ -f ${CONFDIR}/vardir ] && . ${CONFDIR}/vardir @@ -1549,18 +1550,16 @@ case "$COMMAND" in [ $# -ne 1 ] && usage 1 get_config [ -x $g_firewall ] || fatal_error "Shorewall6 has never been started" - export NOROUTES mutex_on - $SHOREWALL_SHELL $g_firewall $g_debugging $nolock $COMMAND + run_it $g_firewall $g_debugging $nolock $COMMAND mutex_off ;; reset) get_config - export NOROUTES shift mutex_on [ -x $g_firewall ] || fatal_error "Shorewall6 has never been started" - $SHOREWALL_SHELL $g_firewall $g_debugging $nolock reset $@ + run_it $g_firewall $g_debugging $nolock reset $@ mutex_off ;; compile)