Apply Thomas D's patch for SAVE_IPSET in the debian shorewall-init script

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-14 09:49:18 -07:00 · 2014-08-14 09:49:18 -07:00 · 96102623ee
commit 96102623ee
parent aa6bd2819c
1 changed files with 25 additions and 0 deletions
--- a/Shorewall-init/init.debian.sh
+++ b/Shorewall-init/init.debian.sh
@ -123,6 +123,17 @@ shorewall_start () {

  echo "done."

+  if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
+
+      echo -n "Restoring ipsets: "
+
+      if ! ipset -R < "$SAVE_IPSETS"; then
+	  echo_notdone
+      fi
+
+      echo "done."
+  fi
+
  return 0
 }

@ -142,6 +153,20 @@ shorewall_stop () {

  echo "done."

+  if [ -n "$SAVE_IPSETS" ]; then
+
+      echo "Saving ipsets: "
+
+      mkdir -p $(dirname "$SAVE_IPSETS")
+      if ipset -S > "${SAVE_IPSETS}.tmp"; then
+	  grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS"
+      else
+	  echo_notdone
+      fi
+
+      echo "done."
+  fi
+
  return 0
 }