Continue with refresh restoration

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6769 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-perl/Shorewall/Compiler.pm

@@ -90,7 +90,7 @@ sub generate_script_1() {
 
     copy $globals{SHAREDIRPL} . 'prog.header';
 
-    for my $exit qw/init start tcclear started stop stopped clear refresh/ {
+    for my $exit qw/init start tcclear started stop stopped clear refresh refreshed/ {
 	emit "run_${exit}_exit() {";
 	push_indent;
 	append_file $exit or emit 'true';
@@ -533,7 +533,7 @@ sub generate_script_2 () {
 		"fi\n" );
     }
 
-    emitj ( 'run_init_exit',
+    emitj ( '[ "$COMMAND" = refresh ] && run_refresh_exit || run_init_exit',
 	    '',
 	    'qt $IPTABLES -L shorewall -n && qt $IPTABLES -F shorewall && qt $IPTABLES -X shorewall',
 	    '',
@@ -630,7 +630,7 @@ if [ $COMMAND = restore ]; then
 else
     if [ $COMMAND = refresh ]; then
         blacklist_reload
-        run_refresh_exit
+        run_refreshed_exit
         $IPTABLES -N shorewall
         set_state "Started"
     else

docs/shorewall_extension_scripts.xml

@@ -101,8 +101,11 @@
 
     <listitem>
       <para>refresh -- invoked while the firewall is being refreshed but
-      before the blacklst chains have been rebuilt (Note: Shorewall-perl does
-      not rebuild the blacklist during <command>refresh</command>).</para>
+      before the blacklst chains have been rebuilt.</para>
+    </listitem>
+
+    <listitem>
+      <para>refreshed -- invoked after the firewall has been refreshed.</para>
     </listitem>
 
     <listitem>
@@ -407,6 +410,18 @@
 
                 <entry>tcclear</entry>
               </row>
+
+              <row>
+                <entry></entry>
+
+                <entry>refresh</entry>
+              </row>
+
+              <row>
+                <entry></entry>
+
+                <entry>refreshed</entry>
+              </row>
             </tbody>
           </tgroup>
         </informaltable></para>
@@ -465,20 +480,11 @@
           <member>maclog</member>
         </simplelist>Note that in the 'initdone' script, there is no default
       chain ($chainref). You can objtain a reference to a standard chain
-      by:<programlisting>my $chainref = $chain_table{&lt;table&gt;}{&lt;chain name&gt;};</programlisting>Example:<programlisting>my $chainref = $chain_table{filter}{INPUT};</programlisting>Some
-      run-time scripts are simply eliminated because they no longer make any
-      sense under Shorewall-perl:<itemizedlist>
-          <listitem>
-            <para>continue - This script was designed to allow you to add
-            special temporary rules during [re]start. Shorewall-perl doesn't
-            need such rules.</para>
-          </listitem>
-
-          <listitem>
-            <para>refresh - The <command>refresh</command> command is the same
-            as <command>restart</command></para>
-          </listitem>
-        </itemizedlist></para>
+      by:<programlisting>my $chainref = $chain_table{&lt;table&gt;}{&lt;chain name&gt;};</programlisting>Example:<programlisting>my $chainref = $chain_table{filter}{INPUT};</programlisting>The
+      continue script has been eliminated because it no longer make any sense
+      under Shorewall-perl. This script was designed to allow you to add
+      special temporary rules during [re]start. Shorewall-perl doesn't need
+      such rules.</para>
     </listitem>
   </itemizedlist>
 </article>