holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Change implementation of start and restart to use the compiler

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3364 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-01-23 23:30:58 +00:00
parent dfdbdff286
commit e850d6cc7f
3 changed files with 142 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Shorewall/compiler
View File

@ -382,6 +382,14 @@ addnatrule() # $1 = chain name, remainder of arguments specify the rule
run_iptables2 -t nat -A $@ run_iptables2 -t nat -A $@
} }
#
# Create a rule to delete a chain if it exists
#
deletechain() # $1 = name of chain
{
save_command "qt $IPTABLES -L $1 -n && qt $IPTABLES -F $1 && qt $IPTABLES -X $1"
}
# #
# Determine if a chain is a policy chain # Determine if a chain is a policy chain
# #
@ -7051,6 +7059,8 @@ initialize_netfilter () {
TERMINATOR=fatal_error TERMINATOR=fatal_error
deletechain shorewall
if [ -n "$NAT_ENABLED" ]; then if [ -n "$NAT_ENABLED" ]; then
delete_nat delete_nat
for chain in PREROUTING POSTROUTING OUTPUT; do for chain in PREROUTING POSTROUTING OUTPUT; do

39
Shorewall/prog.footer
View File

@ -61,34 +61,51 @@ fi
case "$COMMAND" in case "$COMMAND" in
start) start)
echo "Starting Shorewall...." if shorewall_is_started; then
define_firewall error_message "Shorewall is already Running"
status=$? status=1
echo "done." else
progress_message3 "Starting Shorewall...."
define_firewall
status=$?
progress_message3 "done."
fi
;; ;;
stop) stop)
echo "Stopping Shorewall...." progress_message3 "Stopping Shorewall...."
stop_firewall stop_firewall
status=0 status=0
echo "done." progress_message3 "done."
;; ;;
restart) restart)
echo "Restarting Shorewall...." if shorewall_is_started; then
progress_message3 "Restarting Shorewall...."
else
echo "Shorewall is not running" >&2
progress_message3 "Starting Shorewall...."
fi
define_firewall define_firewall
status=$? status=$?
echo "done." progress_message3 "done."
;; ;;
reload) reload)
echo "Reloading Shorewall...." if shorewall_is_started; then
progress_message3 "Reloading Shorewall...."
else
echo "Shorewall is not running" >&2
progress_message3 "Starting Shorewall...."
fi
define_firewall define_firewall
status=$? status=$?
echo "done." echo "done."
;; ;;
clear) clear)
echo "Clearing Shorewall...." progress_message3 "Clearing Shorewall...."
clear_firewall clear_firewall
status=0 status=0
echo "done." progress_message3 "done."
;; ;;
status) status)
echo "Shorewall-$VERSION Status at $HOSTNAME - $(date)" echo "Shorewall-$VERSION Status at $HOSTNAME - $(date)"

179
Shorewall/shorewall
View File

@ -494,6 +494,23 @@ save_config() {
start_command() { start_command() {
local finished=0 local finished=0
do_it() {
[ -n "$nolock" ] || mutex_on
progress_message3 "Compiling..."
if $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock compile /var/lib/shorewall/.start; then
/var/lib/shorewall/.start start
fi
[ -n "$nolock" ] || mutex_off
}
if shorewall_is_started; then
error_message "Shorewall is already running"
exit 1
fi
while [ $finished -eq 0 -a $# -gt 0 ]; do while [ $finished -eq 0 -a $# -gt 0 ]; do
option=$1 option=$1
case $option in case $option in
@ -558,6 +575,7 @@ start_command() {
esac esac
export NOROUTES export NOROUTES
export PROGRAM=Yes
if [ -n "$FAST" ]; then if [ -n "$FAST" ]; then
if qt mywhich make; then if qt mywhich make; then
@ -585,13 +603,13 @@ start_command() {
date > /var/lib/shorewall/restarted date > /var/lib/shorewall/restarted
echo Shorewall restored from $RESTOREPATH echo Shorewall restored from $RESTOREPATH
else else
exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock start do_it
fi fi
else else
exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock start do_it
fi fi
else else
exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock start do_it
fi fi
} }
# #
@ -675,75 +693,6 @@ compile_command() {
exec $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging generate $file exec $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging generate $file
} }
# #
# Restart Command Executor
#
restart_command() {
local finished=0
while [ $finished -eq 0 -a $# -gt 0 ]; do
option=$1
case $option in
-*)
option=${option#-}
while [ -n "$option" ]; do
case $option in
-)
finished=1
option=
;;
q*)
VERBOSE=$(($VERBOSE - 1 ))
option=${option#q}
;;
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;;
n*)
NOROUTES=Yes
option=${option#n}
;;
*)
usage 1
;;
esac
done
shift
;;
*)
finished=1
;;
esac
done
case $# in
0)
;;
1)
[ -n "$SHOREWALL_DIR" ] && usage 2
if [ ! -d $1 ]; then
if [ -e $1 ]; then
echo "$1 is not a directory" >&2 && exit 2
else
echo "Directory $1 does not exist" >&2 && exit 2
fi
fi
SHOREWALL_DIR=$1
export SHOREWALL_DIR
;;
*)
usage 1
;;
esac
export NOROUTES
exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock restart
}
#
# Check Command Executor # Check Command Executor
# #
check_command() { check_command() {
@ -808,6 +757,7 @@ check_command() {
exec $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock check exec $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock check
} }
# #
# Reload Command Executor # Reload Command Executor
# #
@ -881,12 +831,91 @@ reload_command() {
progress_message3 "Compiling..." progress_message3 "Compiling..."
if $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock compile /var/lib/shorewall/.reload; then if $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock compile /var/lib/shorewall/.reload; then
progress_message3 "Installing..."
/var/lib/shorewall/.reload reload /var/lib/shorewall/.reload reload
fi fi
[ -n "$nolock" ] || mutex_off [ -n "$nolock" ] || mutex_off
} }
#
# Restart Command Executor
#
restart_command() {
local finished=0
while [ $finished -eq 0 -a $# -gt 0 ]; do
option=$1
case $option in
-*)
option=${option#-}
while [ -n "$option" ]; do
case $option in
-)
finished=1
option=
;;
q*)
VERBOSE=$(($VERBOSE - 1 ))
option=${option#q}
;;
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;;
n*)
NOROUTES=Yes
option=${option#n}
;;
*)
usage 1
;;
esac
done
shift
;;
*)
finished=1
;;
esac
done
case $# in
0)
;;
1)
[ -n "$SHOREWALL_DIR" ] && usage 2
if [ ! -d $1 ]; then
if [ -e $1 ]; then
echo "$1 is not a directory" >&2 && exit 2
else
echo "Directory $1 does not exist" >&2 && exit 2
fi
fi
SHOREWALL_DIR=$1
export SHOREWALL_DIR
;;
*)
usage 1
;;
esac
export NOROUTES
export PROGRAM=Yes
[ -n "$nolock" ] || mutex_on
progress_message3 "Compiling..."
if $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock compile /var/lib/shorewall/.restart; then
/var/lib/shorewall/.restart restart
fi
[ -n "$nolock" ] || mutex_off
}
# #
# Show Command Executor # Show Command Executor
# #
@ -1249,8 +1278,8 @@ usage() # $1 = exit status
echo " refresh" echo " refresh"
echo " reject <address> ..." echo " reject <address> ..."
echo " reset" echo " reset"
echo " reload [ -n ] [ -q ] [ <directory> ]" echo " reload [ -n ] [ -q ] [ -v ] [ <directory> ]"
echo " restart [ -n ] [ -q ] [ <directory> ]" echo " restart [ -n ] [ -q ] [ -v ] [ <directory> ]"
echo " restore [ -n ] [ -q ] [ <file name> ]" echo " restore [ -n ] [ -q ] [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [ -v ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]" echo " show [ -v ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]"