holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Clean up superfluous command options

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3425 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-02-03 15:27:54 +00:00
parent 7085f1d417
commit eeab23353c
3 changed files with 29 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
Shorewall/help
View File

@ -203,12 +203,10 @@ logwatch)
;; ;;
refresh) refresh)
echo "refresh: [ -q ] refresh echo "refresh: refresh
The rules involving the broadcast addresses of firewall interfaces, The rules involving the broadcast addresses of firewall interfaces,
the black list, traffic control rules and ECN control rules are recreated the black list, traffic control rules and ECN control rules are recreated
to reflect any changes made. Existing connections are untouched. to reflect any changes made. Existing connections are untouched.
If \"-q\" is specified, less detain is displayed making it easier to spot warnings"
;; ;;
reject) reject)
@ -226,36 +224,34 @@ reset)
;; ;;
restart) restart)
echo "restart: restart [ -q ] [ -n ] [ <configuration-directory> ] echo "restart: restart [ -n ] [ <configuration-directory> ]
Restart is the same as a shorewall stop && shorewall start. Restart is the same as a shorewall stop && shorewall start.
Existing connections are maintained. Existing connections are maintained.
If \"-q\" is specified, less detain is displayed making it easier to spot warnings
If \"-n\" is specified, no changes to routing will be made" If \"-n\" is specified, no changes to routing will be made"
;; ;;
safe-restart) safe-restart)
echo "safe-restart: [ -q ] safe-restart echo "safe-restart: safe-restart
Restart the same way as a shorewall restart except that previous firewall Restart the same way as a shorewall restart except that previous firewall
configuration is backed up and will be restored if you notice any anomalies configuration is backed up and will be restored if you notice any anomalies
or you are not able to reach the firewall any more." or you are not able to reach the firewall any more."
;; ;;
safe-start) safe-start)
echo "safe-start: [ -q ] safe-start echo "safe-start: safe-start
Start the same way as a shorewall start except that in case of anomalies Start the same way as a shorewall start except that in case of anomalies
shorewall clear is issued. " shorewall clear is issued. "
;; ;;
restore) restore)
echo "restore: restore [ -q ] [ -n ] [ <file name> ] echo "restore: restore [ -n ] [ <file name> ]
Restore Shorewall to a state saved using the 'save' command Restore Shorewall to a state saved using the 'save' command
Existing connections are maintained. The <file name> names a restore file in Existing connections are maintained. The <file name> names a restore file in
/var/lib/shorewall created using \"shorewall save\"; if no <file name> is given /var/lib/shorewall created using \"shorewall save\"; if no <file name> is given
then Shorewall will be restored from the file specified by the RESTOREFILE then Shorewall will be restored from the file specified by the RESTOREFILE
option in shorewall.conf. option in shorewall.conf.
If \"-q\" is specified, less detain is displayed making it easier to spot warnings
If \"-n\" is specified, no changes to routing will be made. If \"-n\" is specified, no changes to routing will be made.
See also \"help save\", \"help compile\" and \"help forget\"" See also \"help save\", \"help compile\" and \"help forget\""
@ -305,11 +301,10 @@ show)
;; ;;
start) start)
echo "start: start [ -f ] [ -n ] [ -q ] [ <configuration-directory> ] echo "start: start [ -f ] [ -n ] [ <configuration-directory> ]
Start shorewall. Existing connections through shorewall managed Start shorewall. Existing connections through shorewall managed
interfaces are untouched. New connections will be allowed only interfaces are untouched. New connections will be allowed only
if they are allowed by the firewall rules or policies. if they are allowed by the firewall rules or policies.
If \"-q\" is specified, less detail is displayed making it easier to spot warnings
If \"-f\" is specified, the saved configuration specified by the RESTOREFILE option If \"-f\" is specified, the saved configuration specified by the RESTOREFILE option
in shorewall.conf will be restored if that saved configuration exists. In that in shorewall.conf will be restored if that saved configuration exists. In that
case, a <configuration-directory> may not be specified. case, a <configuration-directory> may not be specified.
@ -317,13 +312,11 @@ start)
;; ;;
stop) stop)
echo "stop: [ -n ] stop echo "stop: stop
Stops the firewall. All existing connections, except those Stops the firewall. All existing connections, except those
listed in /etc/shorewall/routestopped, are taken down. listed in /etc/shorewall/routestopped, are taken down.
The only new traffic permitted through the firewall The only new traffic permitted through the firewall
is from systems listed in /etc/shorewall/routestopped. is from systems listed in /etc/shorewall/routestopped.
If \"-n\" is specified, no changes to routing will be made"
;; ;;
status) status)
@ -364,7 +357,7 @@ try)
the default configuration. the default configuration.
The \"-n\" option will be passed down to the underlying commands (see The \"-n\" option will be passed down to the underlying commands (see
'start', 'stop', 'restart' and 'restore')" 'start', 'restart' and 'restore')"
;; ;;
version) version)

8
Shorewall/releasenotes.txt
View File

@ -34,9 +34,11 @@ Problems Corrected in 3.1.5
2) Specifying a GATEWAY IP address in /etc/shorewall/providers no longer 2) Specifying a GATEWAY IP address in /etc/shorewall/providers no longer
causes "shorewall [re]start to fail". causes "shorewall [re]start to fail".
New Features added in 3.1.5 Other changes in 3.1.5
None. 1) Synonyms have been removed from the /sbin/shorewall command set. The
'generate' and 'reload' command have been removed. The 'reload' command
has also been removed from the program generated by 'compile'.
Migration Considerations: Migration Considerations:
@ -193,7 +195,7 @@ file>
<program> [ -q ] [ -v ] [ -n ] start <program> [ -q ] [ -v ] [ -n ] start
<program> [ -q ] [ -v ] [ -n ] stop <program> [ -q ] [ -v ] [ -n ] stop
<program> [ -q ] [ -v ] [ -n ] clear <program> [ -q ] [ -v ] [ -n ] clear
<program> [ -q ] [ -v ] [ -n ] {restart|reload} <program> [ -q ] [ -v ] [ -n ] restart
<program> [ -q ] [ -v ] [ -n ] status <program> [ -q ] [ -v ] [ -n ] status
<program> [ -q ] [ -v ] [ -n ] version <program> [ -q ] [ -v ] [ -n ] version

76
Shorewall/shorewall
View File

@ -526,22 +526,10 @@ start_command() {
finished=1 finished=1
option= option=
;; ;;
q*)
VERBOSE=$(($VERBOSE - 1 ))
option=${option#q}
;;
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;;
f*) f*)
FAST=Yes FAST=Yes
option=${option#f} option=${option#f}
;; ;;
n*)
NOROUTES=Yes
option=${option#n}
;;
*) *)
usage 1 usage 1
;; ;;
@ -635,14 +623,6 @@ compile_command() {
EXPORT=Yes EXPORT=Yes
option=${option#e} option=${option#e}
;; ;;
q*)
VERBOSE=$(($VERBOSE - 1 ))
option=${option#q}
;;
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;;
-) -)
finished=1 finished=1
option= option=
@ -708,13 +688,9 @@ check_command() {
finished=1 finished=1
option= option=
;; ;;
q*) e*)
VERBOSE=$(($VERBOSE - 1 )) EXPORT=Yes
option=${option#q} option=${option#e}
;;
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;; ;;
*) *)
usage 1 usage 1
@ -774,14 +750,6 @@ restart_command() {
finished=1 finished=1
option= option=
;; ;;
q*)
VERBOSE=$(($VERBOSE - 1 ))
option=${option#q}
;;
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;;
n*) n*)
NOROUTES=Yes NOROUTES=Yes
option=${option#n} option=${option#n}
@ -856,6 +824,10 @@ show_command() {
VERBOSE=$(($VERBOSE + 1 )) VERBOSE=$(($VERBOSE + 1 ))
option=${option#v} option=${option#v}
;; ;;
x*)
IPT_OPTIONS="-xnv"
option=${option#x}
;;
*) *)
usage 1 usage 1
;; ;;
@ -989,9 +961,9 @@ dump_command() {
finished=1 finished=1
option= option=
;; ;;
v*) x*)
VERBOSE=$(($VERBOSE + 1 )) IPT_OPTIONS="-xnv"
option=${option#v} option=${option#x}
;; ;;
*) *)
usage 1 usage 1
@ -1109,14 +1081,6 @@ safe_commands() {
finished=1 finished=1
option= option=
;; ;;
q*)
VERBOSE=$(($VERBOSE - 1 ))
option=${option#q}
;;
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;;
n*) n*)
NOROUTES=Yes NOROUTES=Yes
option=${option#n} option=${option#n}
@ -1210,14 +1174,6 @@ restore_command() {
finished=1 finished=1
option= option=
;; ;;
q*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#q}
;;
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;;
n*) n*)
NOROUTES=Yes NOROUTES=Yes
option=${option#n} option=${option#n}
@ -1284,7 +1240,7 @@ help()
# #
usage() # $1 = exit status usage() # $1 = exit status
{ {
echo "Usage: $(basename $0) [debug|trace] [nolock] [ -x ] [ -q ] [ -v ] [ -n ] <command>" echo "Usage: $(basename $0) [debug|trace] [nolock] [ -q ] [ -v ] <command>"
echo "where <command> is one of:" echo "where <command> is one of:"
echo " add <interface>[:<host-list>] ... <zone>" echo " add <interface>[:<host-list>] ... <zone>"
echo " allow <address> ..." echo " allow <address> ..."
@ -1293,7 +1249,7 @@ usage() # $1 = exit status
echo " compile [ -e ] [ <directory name> ] <path name>" echo " compile [ -e ] [ <directory name> ] <path name>"
echo " delete <interface>[:<host-list>] ... <zone>" echo " delete <interface>[:<host-list>] ... <zone>"
echo " drop <address> ..." echo " drop <address> ..."
echo " dump" echo " dump [ -x ]"
echo " forget [ <file name> ]" echo " forget [ <file name> ]"
echo " help [ <command > | host | address ]" echo " help [ <command > | host | address ]"
echo " hits" echo " hits"
@ -1304,11 +1260,11 @@ usage() # $1 = exit status
echo " refresh" echo " refresh"
echo " reject <address> ..." echo " reject <address> ..."
echo " reset" echo " reset"
echo " restart [ <directory> ]" echo " restart [ -n ] [ <directory> ]"
echo " restore [ <file name> ]" echo " restore [ -n ] [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]" echo " show [ -x ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]"
echo " start [ -f ] [ <directory> ]" echo " start [ -f ] [ -n ] [ <directory> ]"
echo " stop" echo " stop"
echo " status" echo " status"
echo " try <directory> [ <timeout> ]" echo " try <directory> [ <timeout> ]"