holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Continue with refresh restoration

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6769 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-07-03 20:03:25 +00:00
parent 1d19c1b8eb
commit be5f004ce8
2 changed files with 25 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall-perl/Shorewall/Compiler.pm
View File

@ -90,7 +90,7 @@ sub generate_script_1() {
copy $globals{SHAREDIRPL} . 'prog.header'; copy $globals{SHAREDIRPL} . 'prog.header';
for my $exit qw/init start tcclear started stop stopped clear refresh/ { for my $exit qw/init start tcclear started stop stopped clear refresh refreshed/ {
emit "run_${exit}_exit() {"; emit "run_${exit}_exit() {";
push_indent; push_indent;
append_file $exit or emit 'true'; append_file $exit or emit 'true';
@ -533,7 +533,7 @@ sub generate_script_2 () {
"fi\n" ); "fi\n" );
} }
emitj ( 'run_init_exit', emitj ( '[ "$COMMAND" = refresh ] && run_refresh_exit || run_init_exit',
'', '',
'qt $IPTABLES -L shorewall -n && qt $IPTABLES -F shorewall && qt $IPTABLES -X shorewall', 'qt $IPTABLES -L shorewall -n && qt $IPTABLES -F shorewall && qt $IPTABLES -X shorewall',
'', '',
@ -630,7 +630,7 @@ if [ $COMMAND = restore ]; then
else else
if [ $COMMAND = refresh ]; then if [ $COMMAND = refresh ]; then
blacklist_reload blacklist_reload
run_refresh_exit run_refreshed_exit
$IPTABLES -N shorewall $IPTABLES -N shorewall
set_state "Started" set_state "Started"
else else

38
docs/shorewall_extension_scripts.xml
View File

@ -101,8 +101,11 @@
<listitem> <listitem>
<para>refresh -- invoked while the firewall is being refreshed but <para>refresh -- invoked while the firewall is being refreshed but
before the blacklst chains have been rebuilt (Note: Shorewall-perl does before the blacklst chains have been rebuilt.</para>
not rebuild the blacklist during <command>refresh</command>).</para> </listitem>
<listitem>
<para>refreshed -- invoked after the firewall has been refreshed.</para>
</listitem> </listitem>
<listitem> <listitem>
@ -407,6 +410,18 @@
<entry>tcclear</entry> <entry>tcclear</entry>
</row> </row>
<row>
<entry></entry>
<entry>refresh</entry>
</row>
<row>
<entry></entry>
<entry>refreshed</entry>
</row>
</tbody> </tbody>
</tgroup> </tgroup>
</informaltable></para> </informaltable></para>
@ -465,20 +480,11 @@
<member>maclog</member> <member>maclog</member>
</simplelist>Note that in the 'initdone' script, there is no default </simplelist>Note that in the 'initdone' script, there is no default
chain ($chainref). You can objtain a reference to a standard chain chain ($chainref). You can objtain a reference to a standard chain
by:<programlisting>my $chainref = $chain_table{&lt;table&gt;}{&lt;chain name&gt;};</programlisting>Example:<programlisting>my $chainref = $chain_table{filter}{INPUT};</programlisting>Some by:<programlisting>my $chainref = $chain_table{&lt;table&gt;}{&lt;chain name&gt;};</programlisting>Example:<programlisting>my $chainref = $chain_table{filter}{INPUT};</programlisting>The
run-time scripts are simply eliminated because they no longer make any continue script has been eliminated because it no longer make any sense
sense under Shorewall-perl:<itemizedlist> under Shorewall-perl. This script was designed to allow you to add
<listitem> special temporary rules during [re]start. Shorewall-perl doesn't need
<para>continue - This script was designed to allow you to add such rules.</para>
special temporary rules during [re]start. Shorewall-perl doesn't
need such rules.</para>
</listitem>
<listitem>
<para>refresh - The <command>refresh</command> command is the same
as <command>restart</command></para>
</listitem>
</itemizedlist></para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</article> </article>