holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Reduce export usage; Allow PURGE and RESTOREFILE to be specified on the run-line

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-03-02 14:49:31 -08:00
parent 2656a9b0c7
commit cce4bf277a
6 changed files with 79 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Shorewall-lite/shorewall-lite
View File

@ -161,13 +161,13 @@ get_config() {
# Verify that we have a compiled firewall script # Verify that we have a compiled firewall script
# #
verify_firewall_script() { verify_firewall_script() {
if [ ! -f $FIREWALL ]; then if [ ! -f $g_firewall ]; then
echo " ERROR: Shorewall Lite is not properly installed" >&2 echo " ERROR: Shorewall Lite is not properly installed" >&2
if [ -L $FIREWALL ]; then if [ -L $g_firewall ]; then
echo " $FIREWALL is a symbolic link to a" >&2 echo " $g_firewall is a symbolic link to a" >&2
echo " non-existant file" >&2 echo " non-existant file" >&2
else else
echo " The file $FIREWALL does not exist" >&2 echo " The file $g_firewall does not exist" >&2
fi fi
exit 2 exit 2
@ -249,6 +249,7 @@ start_command() {
esac esac
export NOROUTES export NOROUTES
export PURGE
if [ -n "$FAST" ]; then if [ -n "$FAST" ]; then
if qt mywhich make; then if qt mywhich make; then
@ -343,6 +344,7 @@ restart_command() {
esac esac
export NOROUTES export NOROUTES
export PURGE
[ -n "$nolock" ] || mutex_on [ -n "$nolock" ] || mutex_on
@ -559,7 +561,6 @@ else
fi fi
ensure_config_path ensure_config_path
export CONFIG_PATH
LITEDIR=${VARDIR} LITEDIR=${VARDIR}
@ -567,7 +568,7 @@ LITEDIR=${VARDIR}
get_config get_config
FIREWALL=$LITEDIR/firewall g_firewall=$LITEDIR/firewall
if [ -f $version_file ]; then if [ -f $version_file ]; then
SHOREWALL_VERSION=$(cat $SHOREWALL_VERSION_FILE) SHOREWALL_VERSION=$(cat $SHOREWALL_VERSION_FILE)
@ -610,11 +611,11 @@ case "$COMMAND" in
[ $# -ne 1 ] && usage 1 [ $# -ne 1 ] && usage 1
verify_firewall_script verify_firewall_script
export NOROUTES export NOROUTES
exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock $COMMAND exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $COMMAND
;; ;;
reset) reset)
verify_firewall_script verify_firewall_script
exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock $@ exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $@
;; ;;
restart) restart)
shift shift

31
Shorewall/Perl/prog.footer
View File

@ -70,6 +70,10 @@ while [ $finished -eq 0 -a $# -gt 0 ]; do
TIMESTAMP=Yes TIMESTAMP=Yes
option=${option#t} option=${option#t}
;; ;;
p*)
PURGE=Yes
option=${option#p}
;;
r*) r*)
RECOVERING=Yes RECOVERING=Yes
option=${option#r} option=${option#r}
@ -96,6 +100,33 @@ while [ $finished -eq 0 -a $# -gt 0 ]; do
startup_error "Missing -V option value" startup_error "Missing -V option value"
fi fi
;; ;;
R*)
option=${option#R}
if [ -z "$option" -a $# -gt 0 ]; then
shift
option=$1
fi
if [ -n "$option" ]; then
case $option in
*/*)
startup_error "-R must specify a simple file name: $option"
;;
.safe|.try|NONE)
;;
.*)
error_message "ERROR: Reserved File Name: $RESTOREFILE"
exit 2
;;
esac
else
startup_error "Missing -R option value"
fi
RESTOREFILE=$option
option=
;;
*) *)
usage 1 usage 1
;; ;;

31
Shorewall/Perl/prog.footer6
View File

@ -70,6 +70,10 @@ while [ $finished -eq 0 -a $# -gt 0 ]; do
TIMESTAMP=Yes TIMESTAMP=Yes
option=${option#t} option=${option#t}
;; ;;
p*)
PURGE=Yes
option=${option#p}
;;
r*) r*)
RECOVERING=Yes RECOVERING=Yes
option=${option#r} option=${option#r}
@ -96,6 +100,33 @@ while [ $finished -eq 0 -a $# -gt 0 ]; do
startup_error "Missing -V option value" startup_error "Missing -V option value"
fi fi
;; ;;
R*)
option=${option#R}
if [ -z "$option" -a $# -gt 0 ]; then
shift
option=$1
fi
if [ -n "$option" ]; then
case $option in
*/*)
startup_error "-R must specify a simple file name: $option"
;;
.safe|.try|NONE)
;;
.*)
error_message "ERROR: Reserved File Name: $RESTOREFILE"
exit 2
;;
esac
else
startup_error "Missing -R option value"
fi
RESTOREFILE=$option
option=
;;
esac esac
done done
shift shift

20
Shorewall/shorewall
View File

@ -66,8 +66,6 @@ get_config() {
# #
# This block is avoided for compile for export and when the user isn't root # This block is avoided for compile for export and when the user isn't root
# #
export CONFIG_PATH
if [ "$3" = Yes ]; then if [ "$3" = Yes ]; then
[ -z "$LOGFILE" ] && LOGFILE=/var/log/messages [ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
@ -94,8 +92,6 @@ get_config() {
fi fi
fi fi
export IPTABLES
if [ -n "$IP" ]; then if [ -n "$IP" ]; then
case "$IP" in case "$IP" in
*/*) */*)
@ -117,8 +113,6 @@ get_config() {
IP='ip' IP='ip'
fi fi
export IP
if [ -n "$IPSET" ]; then if [ -n "$IPSET" ]; then
case "$IPSET" in case "$IPSET" in
*/*) */*)
@ -140,8 +134,6 @@ get_config() {
IPSET='ipset' IPSET='ipset'
fi fi
export IPSET
if [ -n "$TC" ]; then if [ -n "$TC" ]; then
case "$TC" in case "$TC" in
*/*) */*)
@ -162,9 +154,6 @@ get_config() {
else else
TC='tc' TC='tc'
fi fi
export TC
# #
# Compile by non-root needs no restore file # Compile by non-root needs no restore file
# #
@ -213,8 +202,6 @@ get_config() {
[ -n "$LOGFORMAT" ] && LOGFORMAT="${LOGFORMAT%%%*}" [ -n "$LOGFORMAT" ] && LOGFORMAT="${LOGFORMAT%%%*}"
export LOGFORMAT
if [ -n "$STARTUP_LOG" ]; then if [ -n "$STARTUP_LOG" ]; then
if [ -n "$LOG_VERBOSITY" ]; then if [ -n "$LOG_VERBOSITY" ]; then
case $LOG_VERBOSITY in case $LOG_VERBOSITY in
@ -469,7 +456,6 @@ start_command() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
AUTOMAKE= AUTOMAKE=
;; ;;
*) *)
@ -597,7 +583,6 @@ compile_command() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
file=$2 file=$2
;; ;;
*) *)
@ -673,7 +658,6 @@ check_command() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
;; ;;
*) *)
usage 1 usage 1
@ -753,7 +737,6 @@ restart_command() {
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
[ -n "$g_fast" ] && fatal_error "Directory may not be specified with the -f option" [ -n "$g_fast" ] && fatal_error "Directory may not be specified with the -f option"
export SHOREWALL_DIR
AUTOMAKE= AUTOMAKE=
;; ;;
*) *)
@ -921,7 +904,6 @@ safe_commands() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
;; ;;
*) *)
usage 1 usage 1
@ -1017,7 +999,6 @@ try_command() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
} }
while [ $finished -eq 0 -a $# -gt 0 ]; do while [ $finished -eq 0 -a $# -gt 0 ]; do
@ -1576,7 +1557,6 @@ if [ $# -eq 0 ]; then
usage 1 usage 1
fi fi
[ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH export PATH
MUTEX_TIMEOUT= MUTEX_TIMEOUT=

14
Shorewall6-lite/shorewall6-lite
View File

@ -161,13 +161,13 @@ get_config() {
# Verify that we have a compiled firewall script # Verify that we have a compiled firewall script
# #
verify_firewall_script() { verify_firewall_script() {
if [ ! -f $FIREWALL ]; then if [ ! -f $g_firewall ]; then
echo " ERROR: Shorewall6 Lite is not properly installed" >&2 echo " ERROR: Shorewall6 Lite is not properly installed" >&2
if [ -L $FIREWALL ]; then if [ -L $g_firewall ]; then
echo " $FIREWALL is a symbolic link to a" >&2 echo " $g_firewall is a symbolic link to a" >&2
echo " non-existant file" >&2 echo " non-existant file" >&2
else else
echo " The file $FIREWALL does not exist" >&2 echo " The file $g_firewall does not exist" >&2
fi fi
exit 2 exit 2
@ -249,6 +249,7 @@ start_command() {
esac esac
export NOROUTES export NOROUTES
export PURGE
if [ -n "$FAST" ]; then if [ -n "$FAST" ]; then
if qt mywhich make; then if qt mywhich make; then
@ -343,6 +344,7 @@ restart_command() {
esac esac
export NOROUTES export NOROUTES
export PURGE
[ -n "$nolock" ] || mutex_on [ -n "$nolock" ] || mutex_on
@ -553,7 +555,7 @@ LITEDIR=${VARDIR}
get_config get_config
FIREWALL=$LITEDIR/firewall g_firewall=$LITEDIR/firewall
if [ -f $version_file ]; then if [ -f $version_file ]; then
SHOREWALL_VERSION=$(cat $version_file) SHOREWALL_VERSION=$(cat $version_file)
@ -596,7 +598,7 @@ case "$COMMAND" in
[ $# -ne 1 ] && usage 1 [ $# -ne 1 ] && usage 1
verify_firewall_script verify_firewall_script
export NOROUTES export NOROUTES
exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock $COMMAND exec $SHOREWALL_SHELL $g_firewall $debugging $nolock $COMMAND
;; ;;
restart) restart)
shift shift

13
Shorewall6/shorewall6
View File

@ -66,8 +66,6 @@ get_config() {
# #
# This block is avoided for compile for export and when the user isn't root # This block is avoided for compile for export and when the user isn't root
# #
export CONFIG_PATH
if [ "$3" = Yes ]; then if [ "$3" = Yes ]; then
[ -z "$LOGFILE" ] && LOGFILE=/var/log/messages [ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
@ -94,8 +92,6 @@ get_config() {
fi fi
fi fi
export IP6TABLES
# #
# Compile by non-root needs no restore file # Compile by non-root needs no restore file
# #
@ -132,8 +128,6 @@ get_config() {
[ -n "$LOGFORMAT" ] && LOGFORMAT="${LOGFORMAT%%%*}" [ -n "$LOGFORMAT" ] && LOGFORMAT="${LOGFORMAT%%%*}"
export LOGFORMAT
if [ -n "$STARTUP_LOG" ]; then if [ -n "$STARTUP_LOG" ]; then
if [ -n "$LOG_VERBOSITY" ]; then if [ -n "$LOG_VERBOSITY" ]; then
case $LOG_VERBOSITY in case $LOG_VERBOSITY in
@ -397,7 +391,6 @@ start_command() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
AUTOMAKE= AUTOMAKE=
;; ;;
*) *)
@ -524,7 +517,6 @@ compile_command() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
file=$2 file=$2
;; ;;
*) *)
@ -600,7 +592,6 @@ check_command() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
;; ;;
*) *)
usage 1 usage 1
@ -680,7 +671,6 @@ restart_command() {
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
[ -n "$g_fast" ] && fatal_error "Directory may not be specified with the -f option" [ -n "$g_fast" ] && fatal_error "Directory may not be specified with the -f option"
export SHOREWALL_DIR
AUTOMAKE= AUTOMAKE=
;; ;;
*) *)
@ -848,7 +838,6 @@ safe_commands() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
;; ;;
*) *)
usage 1 usage 1
@ -944,7 +933,6 @@ try_command() {
fi fi
SHOREWALL_DIR=$(resolve_file $1) SHOREWALL_DIR=$(resolve_file $1)
export SHOREWALL_DIR
} }
while [ $finished -eq 0 -a $# -gt 0 ]; do while [ $finished -eq 0 -a $# -gt 0 ]; do
@ -1489,7 +1477,6 @@ if [ $# -eq 0 ]; then
usage 1 usage 1
fi fi
[ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH export PATH
MUTEX_TIMEOUT= MUTEX_TIMEOUT=