Move recent changes to trunk

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2009-01-31 00:19:43 +00:00 · 2009-01-31 00:19:43 +00:00 · ca96c9795f
commit ca96c9795f
parent 1550469b32
3 changed files with 297 additions and 0 deletions
--- a/Shorewall-common/isusable
+++ b/Shorewall-common/isusable
@ -0,0 +1,9 @@
+local status=0
+
+case $1 in
+    $EXT_IF|$COM_IF)
+	[ -f /etc/shorewall/${1}.status ] && status=$(cat /etc/shorewall/${1}.status)
+	;;
+esac
+
+return $status
--- a/Shorewall-common/swping
+++ b/Shorewall-common/swping
@ -0,0 +1,190 @@
+#!/bin/sh
+#
+#     Shorewall WAN Interface monitor - V4.2
+#
+#     Inspired by Angsuman Chakraborty's gwping script.
+#
+#     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
+#
+#     (c) 2009 - Tom Eastep (teastep@shorewall.net)
+#
+#	This program is free software; you can redistribute it and/or modify
+#	it under the terms of Version 2 of the GNU General Public License
+#	as published by the Free Software Foundation.
+#
+#	This program is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program; if not, write to the Free Software
+#	Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+###########################################################################################
+#
+# IP Family == 4 or 6
+#
+FAMILY=4
+#
+# The commands to run when the status of a line changes. Both commands will be executed.
+#
+COMMANDA=
+COMMANDB="ip -$FAMILY route ls"
+
+if [ $FAMILY -eq 4 ]; then
+    if [ -f /usr/share/shorewall-lite/lib.base ]; then
+	. /usr/share/shorewall-lite/lib.base
+	[ -f /etc/shorewall-lite/params ] && . /etc/shorewall-lite/params
+	[ -n "${COMMANDA:="/sbin/shorewall-lite restart"}" ]
+    elif [ -f /usr/share/shorewall/lib.base ]; then
+	. /usr/share/shorewall/lib.base
+	[ -f /etc/shorewall/params ] && . /etc/shorewall/params
+	[ -n "${COMMANDA:="/sbin/shorewall restart -f"}" ]
+    fi
+else
+    if [ -f /usr/share/shorewall6-lite/lib.base ]; then
+	. /usr/share/shorewall6-lite/lib.base
+	[ -f /etc/shorewall6-lite/params ] && . /etc/shorewall6-lite/params
+	[ -n "${COMMANDA:="/sbin/shorewall6-lite restart"}" ]
+    elif [ -f /usr/share/shorewall6/lib.base ]; then
+	. /usr/share/shorewal6l/lib.base
+	[ -f /etc/shorewall6/params ] && . /etc/shorewall6/params
+	[ -n "${COMMANDA:="/sbin/shorewall6 restart -f"}" ]
+    fi
+fi
+#
+# Interfaces to monitor -- you may use shell variables from your params file
+#
+IF1=eth0
+IF2=eth1
+#
+# Sites to Ping. Must depend only on routes in the 'main' routing table.
+#
+TARGET1=xxx.xxx.xxx.xxx
+TARGET2=yyy.yyy.yyy.yyy
+#
+# How often to ping
+#
+PING_INTERVAL=5
+#
+# Value for ping's -W option
+#
+PING_TIMEOUT=2
+#
+# This many successive pings must succeed for the interface to be marked up when it is down
+#
+UP_COUNT=5
+#
+# This many successive pings must fail for the interface to be marked down when it is up
+#
+DOWN_COUNT=2
+#################################################################################################
+# Variables private to the script
+#################################################################################################
+up=0
+down=1
+
+if1_state=$up
+if2_state=$up
+
+last_if1_ping=$up
+last_if2_ping=$up
+
+state_changed=
+
+current_if1_ping=
+current_if2_ping=
+
+count1=0
+count2=0
+
+[ $FAMILY -eq 4 ] && ping=ping || ping=ping6
+#
+# Script starts here
+#
+rm -f $STATEDIR/${IF1}.status
+rm -f $STATEDIR/${IF2}.status
+
+while : ; do
+    $ping -n -W $PING_TIMEOUT -I $IF1 -c 1 $TARGET1 > /dev/null 2>&1 && current_if1_ping=0 || current_if1_ping=1
+
+    if [ $current_if1_ping -ne $last_if1_ping ]; then
+	last_if1_ping=$current_if1_ping
+	count1=1
+    elif [ $current_if1_ping -ne $if1_state ]; then
+	count1=$(($count1 + 1 ))
+    fi
+
+    case $if1_state in
+	0)
+	    #
+	    # Interface is currently up
+	    #
+	    if [ $count1 -ge $DOWN_COUNT ]; then
+		state_changed=Yes
+		count1=0
+		echo "$IF1 is Down!"
+		if1_state=1
+	    fi
+	    ;;
+	1)
+	    #
+	    # Interface is currently down
+	    #
+	    if [ $count1 -ge $UP_COUNT ]; then
+		state_changed=Yes
+		count1=0
+		echo "$IF1 is Up!"
+		if1_state=0
+	    fi
+	    ;;
+    esac
+
+    $ping -n -W $PING_TIMEOUT -I $IF2 -c 1 $TARGET2 > /dev/null 2>&1 && current_if2_ping=0 || current_if2_ping=1
+
+    if [ $current_if2_ping -ne $last_if2_ping ]; then
+	last_if2_ping=$current_if2_ping
+	count2=1
+    elif [ $current_if2_ping -ne $if2_state ]; then
+	count2=$(($count2 + 1 ))
+    fi
+
+    case $if2_state in
+	0)
+	    #
+	    # Interface is currently up
+	    #
+	    if [ $count2 -ge $DOWN_COUNT ]; then
+		state_changed=Yes
+		count2=0
+		echo "$IF2 is Down!"
+		if2_state=1
+	    fi
+	    ;;
+	1)
+	    #
+	    # Interface is currently down
+	    #
+	    if [ $count2 -ge $UP_COUNT ]; then
+		state_changed=Yes
+		count2=0
+		echo "$IF2 is Up!"
+		if2_state=0
+	    fi
+	    ;;
+    esac
+
+    if [ -n "$state_changed" ]; then
+	#
+	# One of the interfaces changed state -- restart Shorewall
+	#
+	echo $if1_state > /etc/shorewall/${IF1}.status
+	echo $if2_state > /etc/shorewall/${IF2}.status 
+	$COMMANDA
+	$COMMANDB
+	state_changed=
+    fi
+
+    sleep $PING_INTERVAL
+done
--- a/Shorewall-common/swping.init
+++ b/Shorewall-common/swping.init
@ -0,0 +1,98 @@
+#!/bin/sh
+#     Shorewall WAN Interface monitor - V4.2
+#
+#     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
+#
+#     (c) 1999,2000,2001,2002,2003,2004,2005 - Tom Eastep (teastep@shorewall.net)
+#
+#	On most distributions, this file should be called /etc/init.d/shorewall.
+#
+#	Complete documentation is available at http://shorewall.net
+#
+#	This program is free software; you can redistribute it and/or modify
+#	it under the terms of Version 2 of the GNU General Public License
+#	as published by the Free Software Foundation.
+#
+#	This program is distributed in the hope that it will be useful,
+#	but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#	GNU General Public License for more details.
+#
+#	You should have received a copy of the GNU General Public License
+#	along with this program; if not, write to the Free Software
+#	Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+#	Commands are:
+#
+#	   swping start			  Starts the monitor
+#	   swping restart		  Restarts the monitor
+#	   swping stop			  Stops the monitor
+#	   swping status		  Displays monitor status
+#
+### BEGIN INIT INFO
+# Provides:	  swping
+# Required-Start: shorewall
+# Should-Start: 
+# Required-Stop:
+# Default-Start:  2 3 5
+# Default-Stop:	  0 1 6
+# Description: Monitor External links and restart Shorewall when a link goes up or down.
+### END INIT INFO
+
+PROG=/usr/local/sbin/swping    # The 'swping' script.
+STATEDIR=/var/lib/shorewall/   # Where to maintain the '.pid' file.
+
+start() {
+    echo "Starting swping."
+
+    if [ -f $STATEDIR/swping.pid ] && ps -p $(cat $STATEDIR/swping.pid) > /dev/null 2>&1; then
+	echo "swping is already running" >&2
+	exit 0
+    fi
+
+    /usr/local/sbin/swping >> /var/log/swping &
+    if [ $? -eq 0 ]; then
+	echo $! > $STATEDIR/swping.pid
+	echo "Done."
+    else
+	rm -f $STATEDIR/swping.pid
+    fi
+}
+
+stop() {
+    echo "Stoping swping."
+    if [ -f $STATEDIR/swping.pid ]; then
+	kill -9 $(cat $STATEDIR/swping.pid)
+	rm -f $STATEDIR/swping.pid
+    fi
+
+    echo "Done."
+}
+
+command="$1"
+
+case "$command" in
+    start)
+	start
+	;;
+    stop)
+	stop
+	;;
+    restart)
+	stop
+	start
+	;;
+    status)
+	if [ -f $STATEDIR/swping.pid ]; then
+	    echo "swping is running"
+	    exit 0
+	else
+	    echo "swping is stopped" 
+	    exit 3
+	fi
+	;;
+    *)
+	echo "Usage /etc/init.d/swping start|stop|restart|status"
+	;;
+esac
+