Fix shorewall-lite install.sh; fix SHOREWALL_COMPILER=shell when removing shorewall-shell rpm; update web site for RC2

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6843 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-07-11 15:06:44 +00:00 · 2007-07-11 15:06:44 +00:00 · f0897e3773
commit f0897e3773
parent 38892108c9
5 changed files with 108 additions and 63 deletions
--- a/Shorewall-common/changelog.txt
+++ b/Shorewall-common/changelog.txt
@ -1,3 +1,7 @@
+Changes in 4.0.0 Final
+
+1)  Fix lite install.sh manpage problem.
+
 Changes in 4.0.0 RC 2

 1)  Fix zone type check in Tunnels File.
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@ -25,65 +25,22 @@ Shorewall 4.0.0 RC 2
   Shorewall-perl compiler. This support utilizes the reduced-function
   physdev match support available in Linux kernel 2.6.20 and later.

-Problems corrected in 4.0.0 RC 2.
+Problems corrected in 4.0.0 Final.

-1)  Shorewall-perl now correctly permits zones of type 'ipsec' in the
-    ZONE column of /etc/shorewall/tunnels.
-
-2)  The shorewall-common install.sh may now be run multiple times from
+1)  The shorewall-lite install.sh may now be run multiple times from
    the same directory. Previously, the manpages were gzipped in-place
    which made it impossible to rerun the script.

-3)  The implementation of LITEDIR has always been
-    unsatisfactory. Furthermore, there have been other cases where
-    people have asked to be able to designate the state directory
-    (default /var/lib/shorewall[-lite]).
+2)  If shorewall.conf contained SHOREWALL_COMPILER=shell (which it can
+    on Shorewall 3.4.2-4 systems) and the shorewall-shell RPM was
+    removed, subsequent "shorewall [re]start" operations failed. When
+    shorewall-shell is removed, the shorewall.conf file is modified to
+    specify SHOREWALL_COMPILER= and the original is saved in
+    shorewall.conf.rpmsave.

-    To meet these objectives:
+Other changes in Shorewall 4.0.0 Final.

-    a)  The LITEDIR variable has been eliminated in
-        /usr/share/shorewall[-lite]/configpath.
-
-    b)  A new file /etc/shorewall[-lite]/vardir has been added. This
-        file is not created by default but may be added as needed. It
-        is expected to contain a single variable assignment:
-
-	   VARDIR=<directory>
-
-	Example:
-
-	   VARDIR=/root/shorewall
-    
-    To change VARDIR, copy the old directory to the new one before you
-    restart Shorewall[-lite].
-
-    To use this feature with Shorewall-lite, all packages involved
-    (compiler, shorewall-common and shorewall-lite) must be version
-    4.0.0-RC2 or later.
-
-4)  Several bugs in Shorewall-perl's handling of ipsec zones have been
-    corrected.
-
-5)  Tuomo Soini has contributed bi-directional macros for various
-    tunnel types:
-
-	  IPsecah
-	  GRE
-	  IPsec
-	  IPIP
-	  IPsecnat
-	  L2TP
-
-Other changes in Shorewall 4.0.0 RC 2.
-
-1)  The -f option is no longer the default when Shorewall is started at
-    boot time (usually via /etc/init.d/shorewall). With Shorewall-perl,
-    "shorewall start" is nearly as fast as "shorewall restore" and
-    "shorewall start" uses the current configuration which avoids
-    confusion.
-
-2)  Code in Shorewall-perl that allowed it to run under Shorewall 3.4
-    has been removed (although it might still work under 3.4.4).
+None.

 Migration Considerations:

@ -158,6 +115,9 @@ Migration Considerations:
 	shorewall check
 	shorewall restart

+        Be sure to modify shorewall.conf if it still has
+        SHOREWALL_COMPILER=shell.
+
 2)  The ROUTE_FILTER and LOG_MARTIANS options in shorewall.conf work
    slightly differently in Shorewall 4.0.0. In prior releases, leaving
    these options empty was equivalent to setting them to 'No' which
@ -181,6 +141,36 @@ Migration Considerations:
    If you currently have neither of those files, you will need to
    create one of them. 

+4)  This issue will only affect you if you use Shorewall Lite and have
+    modified /usr/share/configpath to specify a different LITEDIR.
+
+    The implementation of LITEDIR has always been
+    unsatisfactory. Furthermore, there have been other cases where
+    people have asked to be able to designate the state directory
+    (default /var/lib/shorewall[-lite]).
+
+    To meet these objectives:
+
+    a)  The LITEDIR variable has been eliminated in
+        /usr/share/shorewall[-lite]/configpath.
+
+    b)  A new file /etc/shorewall[-lite]/vardir has been added. This
+        file is not created by default but may be added as needed. It
+        is expected to contain a single variable assignment:
+
+	   VARDIR=<directory>
+
+	Example:
+
+	   VARDIR=/root/shorewall
+    
+    To change VARDIR, copy the old directory to the new one before you
+    restart Shorewall[-lite].
+
+    To use this feature with Shorewall-lite, all packages involved
+    (compiler, shorewall-common and shorewall-lite) must be version
+    4.0.0-RC2 or later.
+
 ----------------------------------------------------------------------------
                         N E W  F E A T U R E S
 ----------------------------------------------------------------------------
@ -819,6 +809,48 @@ Migration Considerations:
    encounter problems with the generated module, simply copy the
    fallback module to /usr/share/shorewall-perl/Shorewall/Ports.pm.

+11) Tuomo Soini has contributed bi-directional macros for various
+    tunnel types:
+
+	  IPsecah
+	  GRE
+	  IPsec
+	  IPIP
+	  IPsecnat
+	  L2TP
+
+12) The -f option is no longer the default when Shorewall is started at
+    boot time (usually via /etc/init.d/shorewall). With Shorewall-perl,
+    "shorewall start" is nearly as fast as "shorewall restore" and
+    "shorewall start" uses the current configuration which avoids
+    confusion.
+
+13) The implementation of LITEDIR has always been
+    unsatisfactory. Furthermore, there have been other cases where
+    people have asked to be able to designate the state directory
+    (default /var/lib/shorewall[-lite]).
+
+    To meet these objectives:
+
+    a)  The LITEDIR variable has been eliminated in
+        /usr/share/shorewall[-lite]/configpath.
+
+    b)  A new file /etc/shorewall[-lite]/vardir has been added. This
+        file is not created by default but may be added as needed. It
+        is expected to contain a single variable assignment:
+
+	   VARDIR=<directory>
+
+	Example:
+
+	   VARDIR=/root/shorewall
+    
+    To change VARDIR, copy the old directory to the new one before you
+    restart Shorewall[-lite].
+
+    To use this feature with Shorewall-lite, all packages involved
+    (compiler, shorewall-common and shorewall-lite) must be version
+    4.0.0-RC2 or later.
 ----------------------------------------------------------------------------
                      P R E R E Q U I S I T E S
 ----------------------------------------------------------------------------
--- a/Shorewall-lite/install.sh
+++ b/Shorewall-lite/install.sh
@ -334,16 +334,14 @@ echo "Modules file installed as ${PREFIX}/usr/share/shorewall-lite/modules"

 cd manpages

-rm -f *.gz
-
 for f in *.5; do
-    gzip $f
+    gzip -c $f > $f.gz
    run_install -D -m 644 $f.gz ${PREFIX}/usr/share/man/man5/$f.gz
    echo "Man page $f.gz installed to /usr/share/man/man5/$f.gz"
 done

 for f in *.8; do
-    gzip $f
+    gzip -d $f > $f.gz
    run_install -D -m 644 $f.gz ${PREFIX}/usr/share/man/man8/$f.gz
    echo "Man page $f.gz installed to /usr/share/man/man8/$f.gz"
 done
--- a/Shorewall-shell/shorewall-shell.spec
+++ b/Shorewall-shell/shorewall-shell.spec
@ -1,6 +1,6 @@
 %define name shorewall-shell
 %define version 4.0.0
-%define release 0RC2
+%define release 1

 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
 Name: %{name}
@ -49,6 +49,17 @@ rm -rf $RPM_BUILD_ROOT

 %preun

+%postun
+
+if [ "$1" -eq 0 -a -f /etc/shorewall/shorewall.conf ]; then
+    sed -i.rpmsave -e 's/SHOREWALL_COMPILER=shell/SHOREWALL_COMPILER=/' /etc/shorewall/shorewall.conf
+    if cmp -s /etc/shorewall/shorewall.conf.rpmsave /etc/shorewall/shorewall.conf; then
+	rm -f /etc/shorewall/shorewall.conf.rpmsave
+    else
+	echo "/etc/shorewall/shorewall.conf modified - original saved as /etc/shorewall/shorewall.conf.rpmsave"
+    fi 
+fi
+
 %files
 %defattr(0644,root,root,0755)
 %attr(0755,root,root) %dir /usr/share/shorewall-shell
--- a/web/shorewall_index.htm
+++ b/web/shorewall_index.htm
@ -21,7 +21,7 @@ Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the
 license is included in the section entitled “<a href="GnuCopyright.htm"
 target="_self">GNU Free Documentation License</a>”.</p>

-<p>2007-07-05</p>
+<p>2007-07-10</p>
 <hr style="width: 100%; height: 2px;">

 <h2>Table of Contents</h2>
@ -131,16 +131,16 @@ is 3.2.10<br>
    href="http://www1.shorewall.net/pub/shorewall/3.2/shorewall-3.2.10/errata/">updates</a>.</li>
 </ul>
 The <span style="font-weight: bold;">current Development Release</span> is
-4.0.0 RC1 
+4.0.0 RC2
 <ul>
  <li>Here are the <a
-    href="http://www1.shorewall.net/pub/shorewall/development/4.0/shorewall-4.0.0-RC1/releasenotes.txt">release
+    href="http://www1.shorewall.net/pub/shorewall/development/4.0/shorewall-4.0.0-RC2/releasenotes.txt">release
    notes</a> <br>
  </li>
  <li>Here are the <a
-    href="http://www1.shorewall.net/pub/shorewall/development/4.0/shorewall-4.0.0-RC1/known_problems.txt">known
+    href="http://www1.shorewall.net/pub/shorewall/development/4.0/shorewall-4.0.0-RC2/known_problems.txt">known
    problems</a> and <a
-    href="http://www1.shorewall.net/pub/shorewall/development/4.0/shorewall-4.0.0-RC1/errata/">updates</a>.</li>
+    href="http://www1.shorewall.net/pub/shorewall/development/4.0/shorewall-4.0.0-RC2/errata/">updates</a>.</li>
 </ul>

 <div style="margin-left: 40px;">