forked from extern/shorewall_code
Fix PKTTYPE (port from 2.2.5); correct ipset restore boot problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2106 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
713617cf4e
commit
c95bbe4d72
@ -7682,6 +7682,8 @@ do_initialize() {
|
||||
[ -e "$IPTABLES" ] || startup_error "\$IPTABLES=$IPTABLES does not exist or is not executable"
|
||||
fi
|
||||
|
||||
PKTTYPE=$(added_param_value_no PKTTYPE $PKTTYPE) # Used in determine_capabilities
|
||||
|
||||
determine_capabilities
|
||||
|
||||
[ -z "${STATEDIR}" ] && STATEDIR=/var/state/shorewall
|
||||
@ -7801,7 +7803,6 @@ do_initialize() {
|
||||
DISABLE_IPV6=$(added_param_value_no DISABLE_IPV6 $DISABLE_IPV6)
|
||||
BRIDGING=$(added_param_value_no BRIDGING $BRIDGING)
|
||||
DYNAMIC_ZONES=$(added_param_value_no DYNAMIC_ZONES $DYNAMIC_ZONES)
|
||||
PKTTYPE=$(added_param_value_no PKTTYPE $PKTTYPE)
|
||||
STARTUP_ENABLED=$(added_param_value_yes STARTUP_ENABLED $STARTUP_ENABLED)
|
||||
RETAIN_ALIASES=$(added_param_value_no RETAIN_ALIASES $RETAIN_ALIASES)
|
||||
DELAYBLACKLISTLOAD=$(added_param_value_no DELAYBLACKLISTLOAD $DELAYBLACKLISTLOAD)
|
||||
@ -7993,10 +7994,13 @@ case "$COMMAND" in
|
||||
EMPTY=
|
||||
$@
|
||||
;;
|
||||
|
||||
capabilities)
|
||||
[ $# -ne 1 ] && usage
|
||||
do_initialize
|
||||
report_capabilities
|
||||
;;
|
||||
|
||||
*)
|
||||
usage
|
||||
;;
|
||||
|
@ -1228,19 +1228,27 @@ case "$1" in
|
||||
case ${SAVE_IPSETS:-No} in
|
||||
[Yy][Ee][Ss])
|
||||
RESTOREPATH=${RESTOREPATH}-ipsets
|
||||
echo "#!/bin/sh" >> /var/lib/shorewall/restore-$$
|
||||
echo "ipset -U :all: :all:" >> /var/lib/shorewall/restore-$$
|
||||
echo "ipset -F" >> /var/lib/shorewall/restore-$$
|
||||
echo "ipset -X" >> /var/lib/shorewall/restore-$$
|
||||
echo "ipset -R << __EOF__" >> /var/lib/shorewall/restore-$$
|
||||
ipset -S >> /var/lib/shorewall/restore-$$
|
||||
echo "__EOF__" >> /var/lib/shorewall/restore-$$
|
||||
mv -f /var/lib/shorewall/restore-$$ $RESTOREPATH
|
||||
|
||||
f=/var/lib/shorewall/restore-$$
|
||||
|
||||
echo "#!/bin/sh" > $f
|
||||
echo >> $f
|
||||
echo ". /usr/share/shorewall/functions" >> $f
|
||||
echo >> $f
|
||||
grep -E '^MODULE|loadmodule ip_set' /var/lib/shorewall/restore-base >> $f
|
||||
echo >> $f
|
||||
echo "ipset -U :all: :all:" >> $f
|
||||
echo "ipset -F" >> $f
|
||||
echo "ipset -X" >> $f
|
||||
echo "ipset -R << __EOF__" >> $f
|
||||
ipset -S >> $f
|
||||
echo "__EOF__" >> $f
|
||||
mv -f $f $RESTOREPATH
|
||||
chmod +x $RESTOREPATH
|
||||
echo " Current Ipset Contents Saved to $RESTOREPATH"
|
||||
;;
|
||||
[Nn][Oo])
|
||||
;
|
||||
;;
|
||||
*)
|
||||
echo " WARNING: Invalid value ($SAVE_IPSETS) for SAVE_IPSETS. Ipset contents not saved"
|
||||
;;
|
||||
|
Loading…
Reference in New Issue
Block a user