forked from extern/shorewall_code
Make colon after system name optional in the 'export' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5036 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
0151e1855f
commit
bae18e9a67
@ -148,6 +148,8 @@ get_config() {
|
||||
|
||||
export VERBOSE
|
||||
|
||||
[ -n "${HOSTNAME:=$(hostname)}" ]
|
||||
|
||||
}
|
||||
|
||||
#
|
||||
|
@ -14,6 +14,8 @@ Changes in 3.3.6
|
||||
|
||||
7) Remove 'try' command.
|
||||
|
||||
8) Make colon after system optional in the 'export' command.
|
||||
|
||||
Changes in 3.3.5
|
||||
|
||||
1) Restore default route when there are no 'balance' providers.
|
||||
|
@ -33,11 +33,11 @@ Shorewall 3.3.6
|
||||
|
||||
Problems Corrected in 3.3.6
|
||||
|
||||
1) Handling of saved ipsets in /etc/shorewall/ipsets is broken when
|
||||
used on a system running Shorewall Lite. If there is a file named
|
||||
'ipsets' on the CONFIG_PATH when the firewall script is compiled,
|
||||
then the compiled script attempts to restore the ipsets from that
|
||||
file (which may not exist on the firewall system).
|
||||
1) Handling of saved ipsets in /etc/shorewall/ipsets was broken when
|
||||
used on a system running Shorewall Lite. If there was a file named
|
||||
'ipsets' on the CONFIG_PATH when the firewall script was compiled,
|
||||
then the compiled script attempted to restore the ipsets from that
|
||||
file (which may not have existed on the firewall system).
|
||||
|
||||
2) Previously, "shorewall safe-[re]start" was badly broken. This
|
||||
breakage had been corrected.
|
||||
@ -54,8 +54,9 @@ Other Changes in 3.3.6
|
||||
installed, the local modules file is used to determine which kernel
|
||||
modules to load. Beginning with this release, if there is a
|
||||
'modules' file in the CONFIG_PATH when the firewall script is
|
||||
compiled, then that file will be copied into the compiled script
|
||||
and used on the firewall system.
|
||||
compiled (other than /usr/share/shorewall/modules), then that file
|
||||
will be copied into the compiled script and used on the firewall
|
||||
system.
|
||||
|
||||
3) Shorewall now uses tc fwmark filters to classify packets for
|
||||
traffic shaping when the DEVICE isn't an interface described in
|
||||
@ -70,6 +71,29 @@ Other Changes in 3.3.6
|
||||
Considerations for information about how to accomplish the same
|
||||
thing as 'try' in a better way.
|
||||
|
||||
6) The syntax of the 'export' command has been made slightly
|
||||
friendlier.
|
||||
|
||||
The old syntax:
|
||||
|
||||
export <directory1> [user@]system:[<directory2>]
|
||||
|
||||
It is now:
|
||||
|
||||
export <directory1> [user@]system[:<directory2>]
|
||||
|
||||
In other words, if you don't need to specify <directory2>, you may
|
||||
omit the colon (":") following the system name.
|
||||
|
||||
The old syntax is still accepted -- that is, you can still
|
||||
type:
|
||||
|
||||
export firewall2:
|
||||
|
||||
which is equivalent to
|
||||
|
||||
export firewall2
|
||||
|
||||
Migration Considerations:
|
||||
|
||||
1) Shorewall supports the notion of "default actions". A default
|
||||
@ -117,13 +141,20 @@ Migration Considerations:
|
||||
|
||||
A better way to accomplish the same thing is:
|
||||
|
||||
shorewall save #Do this only once before you start testing
|
||||
shorewall save #Do this only once before you start testing
|
||||
|
||||
shorewall restart <config-dir> [ && sleep <timeout> && \
|
||||
shorewall restore ]
|
||||
shorewall restart <config-dir> [ && sleep <timeout> && shorewall restore ]
|
||||
|
||||
--- fix problems ---
|
||||
|
||||
shorewall restart <config-dir> [ && sleep <timeout> && shorewall restore ]
|
||||
|
||||
--- fix problems ---
|
||||
|
||||
shorewall save #Do this only once after you have installed
|
||||
#the new configuration
|
||||
...
|
||||
|
||||
shorewall save #Do this only once after you have installed
|
||||
#the new configuration
|
||||
|
||||
New Features:
|
||||
|
||||
|
@ -864,7 +864,7 @@ export_command() # $* = original arguments less the command.
|
||||
*:*)
|
||||
;;
|
||||
*)
|
||||
fatal_error "Target must be of the form [user@]<system>:[<directory>]"
|
||||
target=$target:
|
||||
;;
|
||||
esac
|
||||
|
||||
@ -893,7 +893,7 @@ usage() # $1 = exit status
|
||||
echo " delete <interface>[:<host-list>] ... <zone>"
|
||||
echo " drop <address> ..."
|
||||
echo " dump [ -x ]"
|
||||
echo " export [ <directory1> ] [<user>@]<system>:[<directory2>]"
|
||||
echo " export [ <directory1> ] [<user>@]<system>[:<directory2>]"
|
||||
echo " forget [ <file name> ]"
|
||||
echo " help"
|
||||
echo " hits"
|
||||
|
@ -117,7 +117,7 @@
|
||||
|
||||
<arg choice="opt">directory1</arg>
|
||||
|
||||
<arg choice="plain">[user@]system:[directory2]</arg>
|
||||
<arg choice="plain">[user@]system[<option>:</option>directory2]</arg>
|
||||
</cmdsynopsis>
|
||||
|
||||
<cmdsynopsis>
|
||||
@ -503,10 +503,11 @@
|
||||
system other than where the compiled script will run. This option
|
||||
disables certain configuration options that require the script to be
|
||||
compiled where it is to be run. The use of -e requires the presense
|
||||
of a configuration file named capabilities which may be produced
|
||||
using the command <emphasis role="bold">shorewall-lite show -f
|
||||
capabilities > capabities</emphasis> on a system with Shorewall
|
||||
Lite installed</para>
|
||||
of a configuration file named <filename>capabilities</filename>
|
||||
which may be produced using the command <emphasis
|
||||
role="bold">shorewall-lite show -f capabilities >
|
||||
capabities</emphasis> on a system with Shorewall Lite
|
||||
installed</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user