holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Set IPTABLES_SAVE from IPTABLES

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6670 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-06-25 17:20:08 +00:00
parent d6458bd997
commit 7adb433454
3 changed files with 25 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
Shorewall-common/lib.cli
View File

@ -273,15 +273,22 @@ logwatch() # $1 = timeout -- if negative, prompt each time that
# Save currently running configuration # Save currently running configuration
# #
save_config() { save_config() {
local result=1
iptables_save=${IPTABLES}-save
[ -x $iptables_save ] || echo "$iptables-save does not exist or is not executable" >&2
if shorewall_is_started ; then if shorewall_is_started ; then
[ -d ${VARDIR} ] || mkdir -p ${VARDIR} [ -d ${VARDIR} ] || mkdir -p ${VARDIR}
if [ -f $RESTOREPATH -a ! -x $RESTOREPATH ]; then if [ -f $RESTOREPATH -a ! -x $RESTOREPATH ]; then
echo " ERROR: $RESTOREPATH exists and is not a saved $PRODUCT configuration" echo " ERROR: $RESTOREPATH exists and is not a saved $PRODUCT configuration" >&2
else else
case $RESTOREFILE in case $RESTOREFILE in
capabilities|chains|default_route|firewall|firewall.conf|nat|proxyarp|restarted|rt_tables|save|state|undo_routing|zones) capabilities|chains|default_route|firewall|firewall.conf|nat|proxyarp|restarted|rt_tables|save|state|undo_routing|zones)
echo " ERROR: Reserved file name: $RESTOREFILE" echo " ERROR: Reserved file name: $RESTOREFILE" >&2
;; ;;
*) *)
validate_restorefile RESTOREFILE validate_restorefile RESTOREFILE
@ -323,30 +330,33 @@ save_config() {
mv -f $f $RESTOREPATH mv -f $f $RESTOREPATH
chmod +x $RESTOREPATH chmod +x $RESTOREPATH
echo " Current Ipset Contents Saved to $RESTOREPATH" echo " Current Ipset Contents Saved to $RESTOREPATH"
result=0
;; ;;
[Nn][Oo]) [Nn][Oo])
;; ;;
*) *)
echo " WARNING: Invalid value ($SAVE_IPSETS) for SAVE_IPSETS. Ipset contents not saved" echo " WARNING: Invalid value ($SAVE_IPSETS) for SAVE_IPSETS. Ipset contents not saved" >&2
;; ;;
esac esac
else else
rm -f ${VARDIR}/restore-$$ rm -f ${VARDIR}/restore-$$
echo " ERROR: Currently-running Configuration Not Saved" echo " ERROR: Currently-running Configuration Not Saved" >&2
fi fi
else else
echo " ERROR: ${VARDIR}/.restore does not exist" echo " ERROR: ${VARDIR}/.restore does not exist" >&2
fi fi
else else
echo "Error Saving the Dynamic Rules" echo "Error Saving the Dynamic Rules" >&2
fi fi
;; ;;
esac esac
fi fi
else else
echo "Shorewall isn't started" echo "Shorewall isn't started" >&2
fi fi
return 0
} }
# #

8
Shorewall-common/releasenotes.txt
View File

@ -34,12 +34,12 @@ Other changes in Shorewall 4.0.0 Beta 7
people supporting Shorewall to diagnose the cause of the message. people supporting Shorewall to diagnose the cause of the message.
2) The script generated by Shorewall-perl now assumes that 2) The script generated by Shorewall-perl now assumes that
iptables-restore is in the same directory as the program specified iptables-restore and iptables-save are in the same directory as the
in the IPTABLES setting in Shorewall-conf. program specified in the IPTABLES setting in Shorewall-conf.
If IPTABLES is not specified, then the iptables utility is located If IPTABLES is not specified, then the iptables utility is located
using the PATH setting and the iptables-restore program from the using the PATH setting and the iptables-restore and iptables-save
same directory is used. programs from the same directory are used.
Migration Considerations: Migration Considerations:

4
Shorewall-common/shorewall
View File

@ -1706,7 +1706,11 @@ case "$COMMAND" in
save_config save_config
result=$?
[ -n "$nolock" ] || mutex_off [ -n "$nolock" ] || mutex_off
exit $result
;; ;;
forget) forget)
get_config get_config