diff --git a/Shorewall-init/ifupdown.fedora.sh b/Shorewall-init/ifupdown.fedora.sh index 2af199203..f255c66eb 100644 --- a/Shorewall-init/ifupdown.fedora.sh +++ b/Shorewall-init/ifupdown.fedora.sh @@ -22,6 +22,9 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # +# Get startup options (override default) +OPTIONS= + setstatedir() { local statedir if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then @@ -30,9 +33,9 @@ setstatedir() { [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARDIR}/${PRODUCT} - if [ ! -x $STATEDIR/firewall ]; then - if [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then - ${SBINDIR}/$PRODUCT compile + if [ ! -x "$STATEDIR/firewall" ]; then + if [ $PRODUCT == shorewall -o $PRODUCT == shorewall6 ]; then + ${SBINDIR}/$PRODUCT $OPTIONS compile fi fi } @@ -99,8 +102,9 @@ esac for PRODUCT in $PRODUCTS; do setstatedir - if [ -x $VARLIB/$PRODUCT/firewall ]; then - ( ${VARLIB}/$PRODUCT/firewall -V0 $COMMAND $INTERFACE >> $LOGFILE 2>&1 ) || true + if [ -x "$STATEDIR/firewall" ]; then + echo "`date --rfc-3339=seconds` $0: Executing $STATEDIR/firewall $OPTIONS $COMMAND $INTERFACE" >> $LOGFILE 2>&1 + ( $STATEDIR/firewall $OPTIONS $COMMAND $INTERFACE >> $LOGFILE 2>&1 ) || true fi done diff --git a/Shorewall-init/init.fedora.sh b/Shorewall-init/init.fedora.sh index d09b7c5fe..c716a4d00 100755 --- a/Shorewall-init/init.fedora.sh +++ b/Shorewall-init/init.fedora.sh @@ -45,10 +45,9 @@ setstatedir() { fi [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARDIR}/${PRODUCT} - - if [ ! -x $STATEDIR/firewall ]; then - if [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then - ${SBINDIR}/$PRODUCT compile + if [ ! -x "${STATEDIR}/firewall" ]; then + if [ $PRODUCT == shorewall -o $PRODUCT == shorewall6 ]; then + ${SBINDIR}/$PRODUCT $OPTIONS compile fi fi } @@ -65,23 +64,24 @@ start () { fi echo -n "Initializing \"Shorewall-based firewalls\": " + retval=0 for PRODUCT in $PRODUCTS; do setstatedir - if [ ! -x ${VARDIR}/firewall ]; then - if [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then - ${SBINDIR}/$PRODUCT compile + if [ ! -x "${STATEDIR}/firewall" ]; then + if [ $PRODUCT == shorewall -o $PRODUCT == shorewall6 ]; then + ${SBINDIR}/$PRODUCT $OPTIONS compile fi fi - if [ -x ${VARDIR}/$PRODUCT/firewall ]; then - ${VARDIR}/$PRODUCT/firewall stop 2>&1 | $logger + if [ -x "${STATEDIR}/firewall" ]; then + ${STATEDIR}/firewall stop 2>&1 | $logger retval=${PIPESTATUS[0]} [ $retval -ne 0 ] && break fi done - if [ retval -eq 0 ]; then + if [ $retval -eq 0 ]; then touch $lockfile success else @@ -97,23 +97,24 @@ stop () { local vardir echo -n "Clearing \"Shorewall-based firewalls\": " + retval=0 for PRODUCT in $PRODUCTS; do setstatedir - if [ ! -x ${VARDIR}/firewall ]; then - if [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then - ${SBINDIR}/$PRODUCT compile + if [ ! -x "${STATEDIR}/firewall" ]; then + if [ $PRODUCT == shorewall -o $PRODUCT == shorewall6 ]; then + ${SBINDIR}/$PRODUCT $OPTIONS compile fi fi - if [ -x ${VARDIR}/$PRODUCT/firewall ]; then - ${VARDIR}/$PRODUCT/firewall clear 2>&1 | $logger + if [ -x "${STATEDIR}/firewall" ]; then + ${STATEDIR}/firewall clear 2>&1 | $logger retval=${PIPESTATUS[0]} [ $retval -ne 0 ] && break fi done - if [ retval -eq 0 ]; then + if [ $retval -eq 0 ]; then rm -f $lockfile success else diff --git a/Shorewall-init/sysconfig b/Shorewall-init/sysconfig index a308822e2..09fbe8ad4 100644 --- a/Shorewall-init/sysconfig +++ b/Shorewall-init/sysconfig @@ -21,3 +21,6 @@ SAVE_IPSETS="" # LOGFILE=/var/log/shorewall-ifupdown.log +# Startup options - set verbosity to 0 (minimal reporting) +OPTIONS="-V0" +