Slight cleanup of the ADD_IP_ALIASES change.

Apply the same change to ADD_SNAT_ALIASES.
Add a new 'report' function that prints and logs in a single call.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@14 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/firewall

@@ -100,6 +100,14 @@ startup_error() # $* = Error Message
     exit 2
 }
 
+###############################################################################
+# Send a message to STDOUT and the System Log                                 #
+###############################################################################
+report () { # $* = message
+    echo "$@"
+    logger "$@"
+}
+
 ###############################################################################
 # Perform variable substitution on the passed argument and echo the result    #
 ###############################################################################
@@ -1069,25 +1077,27 @@ setup_nat() {
 
 	if [ -n "$ADD_IP_ALIASES" ]; then
 	    #
-	    # Folks begin to panic if they don't see all of the same
+	    # Folks feel uneasy if they don't see all of the same
 	    # decoration on these IP addresses that they see when their
-	    # distro's net config tool adds them. In an attempt to cut
+	    # distro's net config tool adds them. In an attempt to reduce
-	    # down on their anxiety, we'll introduce the following (no doubt
+	    # the anxiety level, we'll introduce the following code to set
-	    # buggy) code to set the VLSM and BRD just like the primary
+	    # the VLSM and BRD just like the primary address
-	    # address
 	    #
 	    # Get all of the lines that contain inet addresses with broadcast
 	    #
 	    val=`ip addr show $interface | grep 'inet.*brd '` 2> /dev/null
-	    #
+
-	    # Hack off the leading 'inet <ip addr>' (actually cut off the
+	    if [ -n "$val" ] ; then
-	    # "/" as well but add it back in.
+		#
-	    #
+		# Hack off the leading 'inet <ip addr>' (actually cut off the
-	    val="/${val#*/}"
+		# "/" as well but add it back in).
-	    #
+		#
-	    # Now get the VLSM, "brd" and the broadcast address
+		val="/${val#*/}"
-	    #
+		#
-	    val=`echo $val | cut -d' ' -f1,2,3`
+		# Now get the VLSM, "brd" and the broadcast address
+		#
+		val=`echo $val | cut -d' ' -f1,2,3`
+	    fi
 
 	    run_ip addr add ${external}${val} dev $interface
 	    echo "$external $interface" >> ${STATEDIR}/nat
@@ -1992,7 +2002,14 @@ setup_masq()
 
 	if [ -n "$address" -a -n "$ADD_SNAT_ALIASES" ]; then
 	    qt ip addr del $address dev $interface
-	    run_ip addr add $address dev $interface
+
+	    val=`ip addr show $interface | grep 'inet.*brd '` 2> /dev/null
+	    if [ -n "$val" ] ; then
+		val="/${val#*/}"
+		val=`echo $val | cut -d' ' -f1,2,3`
+	    fi
+	    run_ip addr add ${address}${val} dev $interface
+
 	    echo "$address $interface" >> ${STATEDIR}/nat
 	fi
 
@@ -2735,9 +2752,7 @@ define_firewall() # $1 = Command (Start or Restart)
 
     createchain shorewall no
 
-    echo "Shorewall ${1}ed"
+    report "Shorewall ${1}ed"
-
-    logger "Shorewall ${1}ed"
 
     rm -rf $TMP_DIR
 }
@@ -2833,9 +2848,7 @@ refresh_firewall()
     #
     refresh_blacklist
 
-    echo "Shorewall Refreshed"
+    report "Shorewall Refreshed"
-
-    logger "Shorewall Refreshed"
 
     rm -rf $TMP_DIR
 }
@@ -3061,8 +3074,7 @@ case "$command" in
 	;;
     reset)
 	iptables -L -n -Z -v
-	echo "Shorewall Counters Reset"
+	report "Shorewall Counters Reset"
-	logger "Shorewall Counters Reset"
 	;;
     refresh)
 	do_initialize