IPv6 work to only export when necessary

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 08:59:58 -08:00 · 2010-03-03 08:59:58 -08:00 · ee74696747
commit ee74696747
parent 234e4fa754
5 changed files with 157 additions and 47 deletions
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@ -2266,9 +2266,8 @@ EOF
 		    echo Restoring ${g_product:=Shorewall}...
                    
                    RECOVERING=Yes
-                    export RECOVERING

-		    if $g_restorepath restore; then
+		    if run_it $g_restorepath restore; then
 		        echo "$g_product restored from $g_restorepath"
 		        set_state "Started"
 		    else
--- a/Shorewall/Perl/prog.header6
+++ b/Shorewall/Perl/prog.header6
@ -1023,6 +1023,84 @@ startup_error() # $* = Error Message
    exit 2
 }

+#
+# Get the Shorewall version of the passed script
+#
+get_script_version() { # $1 = script
+    local temp
+    local version
+    local ifs
+
+    temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
+
+    if [ $? -ne 0 ]; then
+	version=0
+    else
+	ifs=$IFS
+	IFS=.
+	temp=$(echo $temp)
+	IFS=$ifs
+	
+	for temp in $temp; do
+	    version=${version}$(printf '%02d' $temp)
+	done
+    fi
+    
+    echo $version
+}
+ 
+    
+#
+# Do required exports or create the required option string and run the passed script using
+# $SHOREWALL_SHELL
+#
+run_it() {
+    local script
+    local options
+    local version
+
+    script=$1
+    shift
+
+    version=$(get_script_version $script)
+
+    if [ $version -lt 040408 ]; then
+	#
+	# Old script that doesn't understand 4.4.8 script options
+	#
+	export RESTOREFILE
+	export VERBOSITY
+	export NOROUTES
+	export PURGE
+	export TIMESTAMP
+	export RECOVERING
+ 
+	if [ "$g_product" != Shorewall6 ]; then
+	    #
+	    # Shorewall Lite
+	    #
+	    export LOGFORMAT
+	    export IP6TABLES
+	fi
+    else
+	#
+	# 4.4.8 or later -- no exports required
+	#
+	options='-'
+
+	[ -n "$NOROUTES" ]  && options=${options}n
+	[ -n "$TIMESTAMP" ] && options=${options}t
+	[ -n "$PURGE" ]     && options=${options}p
+	[ -n "$RECOVERING" ] && options=${options}r
+
+	options="${options}V $VERBOSITY"
+
+	[ -n "$RESTOREFILE" ] && options="${options} -R $RESTOREFILE"
+    fi
+	
+    $SHOREWALL_SHELL $script $options $@
+}
+
 #
 # Run iptables and if an error occurs, stop/restore the firewall
 #
--- a/Shorewall6-lite/shorewall6-lite
+++ b/Shorewall6-lite/shorewall6-lite
@ -166,35 +166,6 @@ verify_firewall_script() {
    fi
 }

-#
-# Do required exports and run $SHOREWALL_SHELL
-#
-do_exports() {
-    export RESTOREFILE
-    export VERBOSITY
-    export NOROUTES
-    export PURGE
-    export TIMESTAMP
-    export PATH
-    export RECOVERING
-
-    export LOGFORMAT
-    export IP6TABLES
-}
-
-#
-# Do required exports and run or exec $SHOREWALL_SHELL
-#
-run_it() {
-    do_exports
-    $SHOREWALL_SHELL $@
-}
-
-exec_it() {
-    do_exports
-    exec $SHOREWALL_SHELL $@
-}
-
 #
 # Start Command Executor
 #
@ -593,7 +564,7 @@ case "$COMMAND" in
    stop|reset|clear)
 	[ $# -ne 1 ] && usage 1
 	verify_firewall_script
-	exec_it $g_firewall $debugging $nolock $COMMAND
+	run_it $g_firewall $debugging $nolock $COMMAND
 	;;
    restart)
 	shift
--- a/Shorewall6/lib.cli
+++ b/Shorewall6/lib.cli
@ -34,6 +34,83 @@ fatal_error() # $@ = Message
    exit 2
 }

+#
+# Get the Shorewall version of the passed script
+#
+get_script_version() { # $1 = script
+    local temp
+    local version
+    local ifs
+
+    temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
+
+    if [ $? -ne 0 ]; then
+	version=0
+    else
+	ifs=$IFS
+	IFS=.
+	temp=$(echo $temp)
+	IFS=$ifs
+	
+	for temp in $temp; do
+	    version=${version}$(printf '%02d' $temp)
+	done
+    fi
+    
+    echo $version
+}
+  
+#
+# Do required exports or create the required option string and run the passed script using
+# $SHOREWALL_SHELL
+#
+run_it() {
+    local script
+    local options
+    local version
+
+    script=$1
+    shift
+
+    version=$(get_script_version $script)
+
+    if [ $version -lt 040408 ]; then
+	#
+	# Old script that doesn't understand 4.4.8 script options
+	#
+	export RESTOREFILE
+	export VERBOSITY
+	export NOROUTES
+	export PURGE
+	export TIMESTAMP
+	export RECOVERING
+ 
+	if [ "$g_product" != Shorewall6 ]; then
+	    #
+	    # Shorewall6 Lite
+	    #
+	    export LOGFORMAT
+	    export IP6TABLES
+	fi
+    else
+	#
+	# 4.4.8 or later -- no exports required
+	#
+	options='-'
+
+	[ -n "$NOROUTES" ]  && options=${options}n
+	[ -n "$TIMESTAMP" ] && options=${options}t
+	[ -n "$PURGE" ]     && options=${options}p
+	[ -n "$RECOVERING" ] && options=${options}r
+
+	options="${options}V $VERBOSITY"
+
+	[ -n "$RESTOREFILE" ] && options="${options} -R $RESTOREFILE"
+    fi
+	
+    $SHOREWALL_SHELL $script $options $@
+}
+
 # Display a chain if it exists
 #

--- a/Shorewall6/shorewall6
+++ b/Shorewall6/shorewall6
@ -298,21 +298,6 @@ compiler() {
    $command perl $debugflags $pc $options $@
 }    

-#
-# Do required exports and run $SHOREWALL_SHELL
-#
-run_it() {
-    export RESTOREFILE
-    export VERBOSITY
-    export NOROUTES
-    export PURGE
-    export TIMESTAMP
-    export PATH
-    export RECOVERING
-
-    $SHOREWALL_SHELL $@
-}
-
 #
 # Start Command Executor
 #