Set IPTABLES_SAVE from IPTABLES

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6670 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-06-25 17:20:08 +00:00 · 2007-06-25 17:20:08 +00:00 · 7adb433454
commit 7adb433454
parent d6458bd997
3 changed files with 25 additions and 11 deletions
--- a/Shorewall-common/lib.cli
+++ b/Shorewall-common/lib.cli
@ -273,15 +273,22 @@ logwatch() # $1 = timeout -- if negative, prompt each time that
 # Save currently running configuration
 #
 save_config() {
+
+    local result=1
+    
+    iptables_save=${IPTABLES}-save
+
+    [ -x $iptables_save ] || echo "$iptables-save does not exist or is not executable" >&2
+
    if shorewall_is_started ; then
 	[ -d ${VARDIR} ] || mkdir -p ${VARDIR}

 	if [ -f $RESTOREPATH -a ! -x $RESTOREPATH ]; then
-	    echo "   ERROR: $RESTOREPATH exists and is not a saved $PRODUCT configuration"
+	    echo "   ERROR: $RESTOREPATH exists and is not a saved $PRODUCT configuration" >&2
 	else
 	    case $RESTOREFILE in
 		capabilities|chains|default_route|firewall|firewall.conf|nat|proxyarp|restarted|rt_tables|save|state|undo_routing|zones)
-		    echo "   ERROR: Reserved file name: $RESTOREFILE"
+		    echo "   ERROR: Reserved file name: $RESTOREFILE" >&2
 		    ;;
 		*)
 		    validate_restorefile RESTOREFILE
@ -323,30 +330,33 @@ save_config() {
 					mv -f $f $RESTOREPATH
 					chmod +x $RESTOREPATH
 					echo "   Current Ipset Contents Saved to $RESTOREPATH"
+					result=0
 					;;
 				    [Nn][Oo])
 					;;
 				    *)
-					echo "   WARNING: Invalid value ($SAVE_IPSETS) for SAVE_IPSETS. Ipset contents not saved"
+					echo "   WARNING: Invalid value ($SAVE_IPSETS) for SAVE_IPSETS. Ipset contents not saved" >&2
 					;;
 				esac
 			    else
 			        rm -f ${VARDIR}/restore-$$
-				echo "   ERROR: Currently-running Configuration Not Saved"
+				echo "   ERROR: Currently-running Configuration Not Saved" >&2
 			    fi
 			else
-			    echo "   ERROR: ${VARDIR}/.restore does not exist"
+			    echo "   ERROR: ${VARDIR}/.restore does not exist" >&2
 			fi
 		    else
-		        echo "Error Saving the Dynamic Rules"
+		        echo "Error Saving the Dynamic Rules" >&2
 		    fi
 		    ;;
 	    esac
 	fi
    else
-	echo "Shorewall isn't started"
+	echo "Shorewall isn't started" >&2
    fi

+    return 0
+
 }

 #
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@ -34,12 +34,12 @@ Other changes in Shorewall 4.0.0 Beta 7
    people supporting Shorewall to diagnose the cause of the message.

 2)  The script generated by Shorewall-perl now assumes that
-    iptables-restore is in the same directory as the program specified
-    in the IPTABLES setting in Shorewall-conf.
+    iptables-restore and iptables-save are in the same directory as the
+    program specified in the IPTABLES setting in Shorewall-conf.

    If IPTABLES is not specified, then the iptables utility is located
-    using the PATH setting and the iptables-restore program from the
-    same directory is used.
+    using the PATH setting and the iptables-restore and iptables-save
+    programs from the same directory are used.

 Migration Considerations:

--- a/Shorewall-common/shorewall
+++ b/Shorewall-common/shorewall
@ -1706,7 +1706,11 @@ case "$COMMAND" in

 	save_config

+	result=$?
+
 	[ -n "$nolock" ] || mutex_off
+
+	exit $result
 	;;
    forget)
 	get_config