From dc65849d6527aa26fc8b3adce72d25a4cbfd8930 Mon Sep 17 00:00:00 2001 From: teastep Date: Wed, 31 Dec 2008 18:08:36 +0000 Subject: [PATCH] Move 4.2.4.1 changes to trunk git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9214 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-perl/Shorewall/Compiler.pm | 9 ++++++++- Shorewall6-lite/init.archlinux.sh | 22 +++++++++++----------- Shorewall6-lite/init.debian.sh | 6 +++--- Shorewall6/init.archlinux.sh | 20 ++++++++++---------- Shorewall6/init.debian.sh | 2 +- Shorewall6/lib.cli | 12 ++++++------ manpages/shorewall-accounting.xml | 2 ++ 7 files changed, 41 insertions(+), 32 deletions(-) diff --git a/Shorewall-perl/Shorewall/Compiler.pm b/Shorewall-perl/Shorewall/Compiler.pm index 9a70e3233..da7d8f051 100644 --- a/Shorewall-perl/Shorewall/Compiler.pm +++ b/Shorewall-perl/Shorewall/Compiler.pm @@ -788,7 +788,14 @@ setup_routing_and_traffic_shaping if [ $COMMAND = restore ]; then iptables_save_file=${VARDIR}/$(basename $0)-iptables if [ -f $iptables_save_file ]; then - cat $iptables_save_file | $IPTABLES_RESTORE # Use this nonsensical form to appease SELinux +EOF + if ( $family == F_IPV4 ) { + emit ' cat $iptables_save_file | $IPTABLES_RESTORE # Use this nonsensical form to appease SELinux' + } else { + emit ' cat $iptables_save_file | $IP6TABLES_RESTORE # Use this nonsensical form to appease SELinux' + } + + emit<<'EOF'; else fatal_error "$iptables_save_file does not exist" fi diff --git a/Shorewall6-lite/init.archlinux.sh b/Shorewall6-lite/init.archlinux.sh index 8fcb9e292..d75f14472 100755 --- a/Shorewall6-lite/init.archlinux.sh +++ b/Shorewall6-lite/init.archlinux.sh @@ -1,26 +1,26 @@ #!/bin/bash -OPTIONS="-f" +OPTIONS="" -if [ -f /etc/sysconfig/shorewall ] ; then - . /etc/sysconfig/shorewall -elif [ -f /etc/default/shorewall ] ; then - . /etc/default/shorewall +if [ -f /etc/sysconfig/shorewall6 ] ; then + . /etc/sysconfig/shorewall6 +elif [ -f /etc/default/shorewall6 ] ; then + . /etc/default/shorewall6 fi -# if you want to override options, do so in /etc/sysconfig/shorewall or -# in /etc/default/shorewall -- +# if you want to override options, do so in /etc/sysconfig/shorewall6 or +# in /etc/default/shorewall6 -- # i strongly encourage you use the latter, since /etc/sysconfig/ does not exist. . /etc/rc.conf . /etc/rc.d/functions -DAEMON_NAME="shorewall" # of course shorewall is NOT a deamon. +DAEMON_NAME="shorewall6" # of course shorewall6 is NOT a deamon. case "$1" in start) stat_busy "Starting $DAEMON_NAME" - /sbin/shorewall-lite $OPTIONS start &>/dev/null + /sbin/shorewall6-lite $OPTIONS start &>/dev/null if [ $? -gt 0 ]; then stat_fail else @@ -32,7 +32,7 @@ case "$1" in stop) stat_busy "Stopping $DAEMON_NAME" - /sbin/shorewall-lite stop &>/dev/null + /sbin/shorewall6-lite stop &>/dev/null if [ $? -gt 0 ]; then stat_fail else @@ -43,7 +43,7 @@ case "$1" in restart|reload) stat_busy "Restarting $DAEMON_NAME" - /sbin/shorewall-lite restart &>/dev/null + /sbin/shorewall6-lite restart &>/dev/null if [ $? -gt 0 ]; then stat_fail else diff --git a/Shorewall6-lite/init.debian.sh b/Shorewall6-lite/init.debian.sh index beb75c075..20a38d126 100755 --- a/Shorewall6-lite/init.debian.sh +++ b/Shorewall6-lite/init.debian.sh @@ -57,15 +57,15 @@ not_configured () { # parse the shorewall params file in order to use params in # /etc/default/shorewall -if [ -f "/etc/shorewall-lite/params" ] +if [ -f "/etc/shorewall6-lite/params" ] then - . /etc/shorewall-lite/params + . /etc/shorewall6-lite/params fi # check if shorewall is configured or not if [ -f "/etc/default/shorewall6-lite" ] then - . /etc/default/shorewall-lite + . /etc/default/shorewall6-lite SRWL_OPTS="$SRWL_OPTS $OPTIONS" if [ "$startup" != "1" ] then diff --git a/Shorewall6/init.archlinux.sh b/Shorewall6/init.archlinux.sh index 91040787c..024715105 100755 --- a/Shorewall6/init.archlinux.sh +++ b/Shorewall6/init.archlinux.sh @@ -2,25 +2,25 @@ OPTIONS="-f" -if [ -f /etc/sysconfig/shorewall ] ; then - . /etc/sysconfig/shorewall -elif [ -f /etc/default/shorewall ] ; then - . /etc/default/shorewall +if [ -f /etc/sysconfig/shorewall6 ] ; then + . /etc/sysconfig/shorewall6 +elif [ -f /etc/default/shorewall6 ] ; then + . /etc/default/shorewall6 fi -# if you want to override options, do so in /etc/sysconfig/shorewall or -# in /etc/default/shorewall -- +# if you want to override options, do so in /etc/sysconfig/shorewall6 or +# in /etc/default/shorewall6 -- # i strongly encourage you use the latter, since /etc/sysconfig/ does not exist. . /etc/rc.conf . /etc/rc.d/functions -DAEMON_NAME="shorewall" # of course shorewall is NOT a deamon. +DAEMON_NAME="shorewall6" # of course shorewall6 is NOT a deamon. case "$1" in start) stat_busy "Starting $DAEMON_NAME" - /sbin/shorewall $OPTIONS start &>/dev/null + /sbin/shorewall6 $OPTIONS start &>/dev/null if [ $? -gt 0 ]; then stat_fail else @@ -32,7 +32,7 @@ case "$1" in stop) stat_busy "Stopping $DAEMON_NAME" - /sbin/shorewall stop &>/dev/null + /sbin/shorewall6 stop &>/dev/null if [ $? -gt 0 ]; then stat_fail else @@ -43,7 +43,7 @@ case "$1" in restart|reload) stat_busy "Restarting $DAEMON_NAME" - /sbin/shorewall restart &>/dev/null + /sbin/shorewall6 restart &>/dev/null if [ $? -gt 0 ]; then stat_fail else diff --git a/Shorewall6/init.debian.sh b/Shorewall6/init.debian.sh index 9d9994ddf..78f496674 100755 --- a/Shorewall6/init.debian.sh +++ b/Shorewall6/init.debian.sh @@ -58,7 +58,7 @@ not_configured () { # check if shorewall is configured or not if [ -f "/etc/default/shorewall6" ] then - . /etc/default/shorewall + . /etc/default/shorewall6 SRWL_OPTS="$SRWL_OPTS $OPTIONS" if [ "$startup" != "1" ] then diff --git a/Shorewall6/lib.cli b/Shorewall6/lib.cli index 98a6c245a..e6011f8df 100644 --- a/Shorewall6/lib.cli +++ b/Shorewall6/lib.cli @@ -253,9 +253,9 @@ save_config() { iptables_save=${IP6TABLES}-save - [ -x $iptables_save ] || echo "$ip6tables-save does not exist or is not executable" >&2 + [ -x $iptables_save ] || echo "$iptables_save does not exist or is not executable" >&2 - if shorewall66_is_started ; then + if shorewall6_is_started ; then [ -d ${VARDIR} ] || mkdir -p ${VARDIR} if [ -f $RESTOREPATH -a ! -x $RESTOREPATH ]; then @@ -268,10 +268,10 @@ save_config() { *) validate_restorefile RESTOREFILE - if $IPTABLES -L dynamic -n > ${VARDIR}/save; then + if $IP6TABLES -L dynamic -n > ${VARDIR}/save; then echo " Dynamic Rules Saved" if [ -f ${VARDIR}/.restore ]; then - if $iptables_save | iptablesbug > ${VARDIR}/restore-$$; then + if $iptables_save > ${VARDIR}/restore-$$; then cp -f ${VARDIR}/.restore $RESTOREPATH mv -f ${VARDIR}/restore-$$ ${RESTOREPATH}-iptables chmod +x $RESTOREPATH @@ -755,8 +755,8 @@ restore_command() { if [ -x $RESTOREPATH ]; then if [ -x ${RESTOREPATH}-ipsets ] ; then echo Restoring Ipsets... - iptables -F - iptables -X + $IP6TABLES -F + $IP6TABLES -X $SHOREWALL_SHELL ${RESTOREPATH}-ipsets fi diff --git a/manpages/shorewall-accounting.xml b/manpages/shorewall-accounting.xml index e2107d083..a5bf59e05 100644 --- a/manpages/shorewall-accounting.xml +++ b/manpages/shorewall-accounting.xml @@ -1,4 +1,6 @@ + shorewall-accounting