Drop support for the IPSECFILE option

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 10:11:52 -07:00 · 2015-08-03 10:11:52 -07:00 · 8bed5c9d65
commit 8bed5c9d65
parent 4bf714aca0
12 changed files with 11 additions and 54 deletions
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@ -623,6 +623,7 @@ our %eliminated = ( LOGRATE          => 1,
 		    LOGBURST         => 1,
 		    EXPORTPARAMS     => 1,
 		    LEGACY_FASTSTART => 1,
+		    IPSECFILE        => 1,
 		  );
 #
 # Variables involved in ?IF, ?ELSE ?ENDIF processing
@ -763,7 +764,6 @@ sub initialize( $;$$) {
 	  MODULESDIR => undef,
 	  CONFIG_PATH => undef,
 	  RESTOREFILE => undef,
-	  IPSECFILE => undef,
 	  LOCKFILE => undef,
 	  GEOIPDIR => undef,
 	  NFACCT => undef,
@ -6011,7 +6011,6 @@ sub get_configuration( $$$$$ ) {
    }

    default 'RESTOREFILE'           , 'restore';
-    default 'IPSECFILE'             , 'zones';
    default 'DROP_DEFAULT'          , 'Drop';
    default 'REJECT_DEFAULT'        , 'Reject';
    default 'QUEUE_DEFAULT'         , 'none';
@ -6019,9 +6018,6 @@ sub get_configuration( $$$$$ ) {
    default 'ACCEPT_DEFAULT'        , 'none';
    default 'OPTIMIZE'              , 0;

-    fatal_error 'IPSECFILE=ipsec is not supported by Shorewall ' . $globals{VERSION} if $config{IPSECFILE} eq 'ipsec';
-    fatal_error "Invalid IPSECFILE value ($config{IPSECFILE}"                    unless $config{IPSECFILE} eq 'zones';
-
    for my $default ( qw/DROP_DEFAULT REJECT_DEFAULT QUEUE_DEFAULT NFQUEUE_DEFAULT ACCEPT_DEFAULT/ ) {
 	$config{$default} = 'none' if "\L$config{$default}" eq 'none';
    }
--- a/Shorewall/Samples/Universal/shorewall.conf
+++ b/Shorewall/Samples/Universal/shorewall.conf
@ -274,11 +274,4 @@ MASK_BITS=

 ZONE_BITS=0

-################################################################################
-#                            L E G A C Y  O P T I O N
-#                      D O  N O T  D E L E T E  O R  A L T E R
-################################################################################
-
-IPSECFILE=zones
-
 #LAST LINE -- DO NOT REMOVE
--- a/Shorewall/Samples/one-interface/shorewall.conf
+++ b/Shorewall/Samples/one-interface/shorewall.conf
@ -285,11 +285,4 @@ MASK_BITS=

 ZONE_BITS=0

-################################################################################
-#                            L E G A C Y  O P T I O N
-#                      D O  N O T  D E L E T E  O R  A L T E R
-################################################################################
-
-IPSECFILE=zones
-
 #LAST LINE -- DO NOT REMOVE
--- a/Shorewall/Samples/three-interfaces/shorewall.conf
+++ b/Shorewall/Samples/three-interfaces/shorewall.conf
@ -282,11 +282,4 @@ MASK_BITS=

 ZONE_BITS=0

-################################################################################
-#                            L E G A C Y  O P T I O N
-#                      D O  N O T  D E L E T E  O R  A L T E R
-################################################################################
-
-IPSECFILE=zones
-
 #LAST LINE -- DO NOT REMOVE
--- a/Shorewall/Samples/two-interfaces/shorewall.conf
+++ b/Shorewall/Samples/two-interfaces/shorewall.conf
@ -285,11 +285,4 @@ MASK_BITS=

 ZONE_BITS=0

-################################################################################
-#                            L E G A C Y  O P T I O N
-#                      D O  N O T  D E L E T E  O R  A L T E R
-################################################################################
-
-IPSECFILE=zones
-
 #LAST LINE -- DO NOT REMOVE
--- a/Shorewall/configfiles/shorewall.conf
+++ b/Shorewall/configfiles/shorewall.conf
@ -273,10 +273,3 @@ PROVIDER_OFFSET=
 MASK_BITS=

 ZONE_BITS=0
-
-################################################################################
-#			     L E G A C Y  O P T I O N
-#		       D O  N O T  D E L E T E	O R  A L T E R
-################################################################################
-
-IPSECFILE=zones
--- a/Shorewall/manpages/shorewall.conf.xml
+++ b/Shorewall/manpages/shorewall.conf.xml
@ -1168,20 +1168,6 @@ net     all  DROP   info</programlisting>then the chain name is 'net-all'
        </listitem>
      </varlistentry>

-      <varlistentry>
-        <term><emphasis role="bold">IPSECFILE=zones</emphasis></term>
-
-        <listitem>
-          <para>This option indicates that zone-related ipsec information is
-          found in the zones file (<ulink
-          url="/manpages/shorewall-zones.html">shorewall-zones</ulink>(5)).
-          The option indicates to the compiler that this is not a legacy
-          configuration where the ipsec information was contained in a
-          separate file. The value of this option must not be changed and the
-          option must not be deleted.</para>
-        </listitem>
-      </varlistentry>
-
      <varlistentry>
        <term><emphasis
        role="bold">IPSET</emphasis>=[<emphasis>pathname</emphasis>]</term>
--- a/Shorewall6/Samples6/Universal/shorewall6.conf
+++ b/Shorewall6/Samples6/Universal/shorewall6.conf
@ -248,3 +248,5 @@ PROVIDER_OFFSET=
 MASK_BITS=

 ZONE_BITS=0
+
+#LAST LINE -- DO NOT REMOVE
--- a/Shorewall6/Samples6/one-interface/shorewall6.conf
+++ b/Shorewall6/Samples6/one-interface/shorewall6.conf
@ -249,3 +249,5 @@ PROVIDER_OFFSET=
 MASK_BITS=

 ZONE_BITS=0
+
+#LAST LINE -- DO NOT REMOVE
--- a/Shorewall6/Samples6/three-interfaces/shorewall6.conf
+++ b/Shorewall6/Samples6/three-interfaces/shorewall6.conf
@ -248,3 +248,5 @@ PROVIDER_OFFSET=
 MASK_BITS=

 ZONE_BITS=0
+
+#LAST LINE -- DO NOT REMOVE
--- a/Shorewall6/Samples6/two-interfaces/shorewall6.conf
+++ b/Shorewall6/Samples6/two-interfaces/shorewall6.conf
@ -248,3 +248,5 @@ PROVIDER_OFFSET=
 MASK_BITS=

 ZONE_BITS=0
+
+#LAST LINE -- DO NOT REMOVE
--- a/Shorewall6/configfiles/shorewall6.conf
+++ b/Shorewall6/configfiles/shorewall6.conf
@ -248,3 +248,5 @@ PROVIDER_OFFSET=
 MASK_BITS=

 ZONE_BITS=0
+
+#LAST LINE -- DO NOT REMOVE