holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add 'shorewall show zones' command

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1781 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-11-27 19:44:32 +00:00
parent 193edff66a
commit a6f07b8bc5
4 changed files with 48 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall2/changelog.txt
View File

@ -154,3 +154,5 @@ Changes since 2.0.3
74) Correct bug in "shorewall add" 74) Correct bug in "shorewall add"
75) Correct bridge handling in "shorewall add" and "shorewall delete" 75) Correct bridge handling in "shorewall add" and "shorewall delete"
76) Add "shorewall show zones"

5
Shorewall2/help
View File

@ -219,7 +219,7 @@ save)
;; ;;
show) show)
echo "show: show [ <chain> [ <chain> ...] |classifiers|connections|log|nat|tc|tos] echo "show: show [ <chain> [ <chain> ...] |classifiers|connections|log|nat|tc|tos|zones]
shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s). shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s).
(iptables -L chain -n -v) (iptables -L chain -n -v)
@ -238,6 +238,9 @@ show)
shorewall show tc - displays information about the traffic shorewall show tc - displays information about the traffic
control/shaping configuration. control/shaping configuration.
shorewall show zones - displays the contents of all zones. Requires
DYNAMIC_ZONES=Yes in /etc/shorewall/shorewall.conf
When -x is given, that option is also passed to iptables to display actual packet and byte counts." When -x is given, that option is also passed to iptables to display actual packet and byte counts."
;; ;;

23
Shorewall2/releasenotes.txt
View File

@ -712,3 +712,26 @@ New Features:
can be used to designate the iptables executable to be used by can be used to designate the iptables executable to be used by
Shorewall. If not specified, the iptables executable determined by Shorewall. If not specified, the iptables executable determined by
the PATH setting is used. the PATH setting is used.
31) When DYNAMIC_ZONES=Yes in /etc/shorewall/shorewall.conf, you can
now use the "shorewall show zones" command to display the current
contents of the zones.
Example:
ursa:/etc/shorewall # shorewall show zones
Shorewall-2.2.0-Beta7 Zones at ursa - Sat Nov 27 11:18:25 PST 2004
loc
eth0:192.168.1.0/24
eth1:1.2.3.4
net
eth0:0.0.0.0/0
WiFi
eth1:0.0.0.0/0
sec
eth1:0.0.0.0/0
ursa:/etc/shorewall #

20
Shorewall2/shorewall
View File

@ -609,7 +609,7 @@ usage() # $1 = exit status
echo " restart [ <directory> ]" echo " restart [ <directory> ]"
echo " restore [ <file name> ]" echo " restore [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [<chain> [ <chain> ... ]|classifiers|connections|log|nat|tc|tos]" echo " show [<chain> [ <chain> ... ]|classifiers|connections|log|nat|tc|tos|zones]"
echo " start [ <directory> ]" echo " start [ <directory> ]"
echo " stop" echo " stop"
echo " status" echo " status"
@ -913,6 +913,24 @@ case "$1" in
echo echo
show_classifiers show_classifiers
;; ;;
zones)
[ $# -gt 2 ] && usage 1
[ -z "${STATEDIR}" ] && STATEDIR=/var/state/shorewall
if [ -f $STATEDIR/zones ]; then
echo "Shorewall-$version Zones at $HOSTNAME - $(date)"
echo
while read zone hosts; do
echo $zone
for host in $hosts; do
echo " $host"
done
done < $STATEDIR/zones
echo
else
echo " ERROR: Dynamic zones are not enabled" >&2
exit 1
fi
;;
*) *)
shift shift