holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

IPv6 work to only export when necessary

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-03-03 08:59:58 -08:00
parent 234e4fa754
commit ee74696747
5 changed files with 157 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -2266,9 +2266,8 @@ EOF
echo Restoring ${g_product:=Shorewall}... echo Restoring ${g_product:=Shorewall}...
RECOVERING=Yes RECOVERING=Yes
export RECOVERING
if $g_restorepath restore; then if run_it $g_restorepath restore; then
echo "$g_product restored from $g_restorepath" echo "$g_product restored from $g_restorepath"
set_state "Started" set_state "Started"
else else

78
Shorewall/Perl/prog.header6
View File

@ -1023,6 +1023,84 @@ startup_error() # $* = Error Message
exit 2 exit 2
} }
#
# Get the Shorewall version of the passed script
#
get_script_version() { # $1 = script
local temp
local version
local ifs
temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
if [ $? -ne 0 ]; then
version=0
else
ifs=$IFS
IFS=.
temp=$(echo $temp)
IFS=$ifs
for temp in $temp; do
version=${version}$(printf '%02d' $temp)
done
fi
echo $version
}
#
# Do required exports or create the required option string and run the passed script using
# $SHOREWALL_SHELL
#
run_it() {
local script
local options
local version
script=$1
shift
version=$(get_script_version $script)
if [ $version -lt 040408 ]; then
#
# Old script that doesn't understand 4.4.8 script options
#
export RESTOREFILE
export VERBOSITY
export NOROUTES
export PURGE
export TIMESTAMP
export RECOVERING
if [ "$g_product" != Shorewall6 ]; then
#
# Shorewall Lite
#
export LOGFORMAT
export IP6TABLES
fi
else
#
# 4.4.8 or later -- no exports required
#
options='-'
[ -n "$NOROUTES" ] && options=${options}n
[ -n "$TIMESTAMP" ] && options=${options}t
[ -n "$PURGE" ] && options=${options}p
[ -n "$RECOVERING" ] && options=${options}r
options="${options}V $VERBOSITY"
[ -n "$RESTOREFILE" ] && options="${options} -R $RESTOREFILE"
fi
$SHOREWALL_SHELL $script $options $@
}
# #
# Run iptables and if an error occurs, stop/restore the firewall # Run iptables and if an error occurs, stop/restore the firewall
# #

31
Shorewall6-lite/shorewall6-lite
View File

@ -166,35 +166,6 @@ verify_firewall_script() {
fi fi
} }
#
# Do required exports and run $SHOREWALL_SHELL
#
do_exports() {
export RESTOREFILE
export VERBOSITY
export NOROUTES
export PURGE
export TIMESTAMP
export PATH
export RECOVERING
export LOGFORMAT
export IP6TABLES
}
#
# Do required exports and run or exec $SHOREWALL_SHELL
#
run_it() {
do_exports
$SHOREWALL_SHELL $@
}
exec_it() {
do_exports
exec $SHOREWALL_SHELL $@
}
# #
# Start Command Executor # Start Command Executor
# #
@ -593,7 +564,7 @@ case "$COMMAND" in
stop|reset|clear) stop|reset|clear)
[ $# -ne 1 ] && usage 1 [ $# -ne 1 ] && usage 1
verify_firewall_script verify_firewall_script
exec_it $g_firewall $debugging $nolock $COMMAND run_it $g_firewall $debugging $nolock $COMMAND
;; ;;
restart) restart)
shift shift

77
Shorewall6/lib.cli
View File

@ -34,6 +34,83 @@ fatal_error() # $@ = Message
exit 2 exit 2
} }
#
# Get the Shorewall version of the passed script
#
get_script_version() { # $1 = script
local temp
local version
local ifs
temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
if [ $? -ne 0 ]; then
version=0
else
ifs=$IFS
IFS=.
temp=$(echo $temp)
IFS=$ifs
for temp in $temp; do
version=${version}$(printf '%02d' $temp)
done
fi
echo $version
}
#
# Do required exports or create the required option string and run the passed script using
# $SHOREWALL_SHELL
#
run_it() {
local script
local options
local version
script=$1
shift
version=$(get_script_version $script)
if [ $version -lt 040408 ]; then
#
# Old script that doesn't understand 4.4.8 script options
#
export RESTOREFILE
export VERBOSITY
export NOROUTES
export PURGE
export TIMESTAMP
export RECOVERING
if [ "$g_product" != Shorewall6 ]; then
#
# Shorewall6 Lite
#
export LOGFORMAT
export IP6TABLES
fi
else
#
# 4.4.8 or later -- no exports required
#
options='-'
[ -n "$NOROUTES" ] && options=${options}n
[ -n "$TIMESTAMP" ] && options=${options}t
[ -n "$PURGE" ] && options=${options}p
[ -n "$RECOVERING" ] && options=${options}r
options="${options}V $VERBOSITY"
[ -n "$RESTOREFILE" ] && options="${options} -R $RESTOREFILE"
fi
$SHOREWALL_SHELL $script $options $@
}
# Display a chain if it exists # Display a chain if it exists
# #

15
Shorewall6/shorewall6
View File

@ -298,21 +298,6 @@ compiler() {
$command perl $debugflags $pc $options $@ $command perl $debugflags $pc $options $@
} }
#
# Do required exports and run $SHOREWALL_SHELL
#
run_it() {
export RESTOREFILE
export VERBOSITY
export NOROUTES
export PURGE
export TIMESTAMP
export PATH
export RECOVERING
$SHOREWALL_SHELL $@
}
# #
# Start Command Executor # Start Command Executor
# #