From f1ed9630770c078a9f0b2abe28f91cb3c5a87c83 Mon Sep 17 00:00:00 2001 From: matt darfeuille Date: Thu, 14 Jan 2016 16:08:20 +0100 Subject: [PATCH] Shorewall 5.0.4 Beta 2 Hi Tom, Some unnecessary lines need to be removed from the sysconfig files. I made some more changes to the init.openwrt.sh scripts(lite and lite6) Attached as sysconfig-lite.patch! In order to be able to use the build50 script I had to make a few changes(attached as build50.patch): - Adding a variable BASEDIR (to build shorewall in a subdirectory) BASEDIR=$PWD and doing: $BASEDIR/annotate.pl and so on ... - Adding a variable CYGWINSTYLESHEET and modifying the script to use this new variable(added cygwin clause in case statement) - Adding a variable GITRELEASEDIR and modifying the lines around 624(to specify an other name for the release repo) from ../release/ to ../$GITRELEASEDIR/ - Added line to remove unnecessary *.bak files - Added an if statement if a subdirectory is used when patches are created question/request: Would it be possible to use the build50 script without the '-t' option? That way only the packages would be built but the tarballs wouldn't be created. -Matt On 12 Jan 2016 at 7:57, Tom Eastep wrote: > Shorewall 5.0.4 Beta 2 is now available for download. > > New Feature since Beta 1: > > 1) The mangle file now supports an DIVERTHA action that provides > support for HAProxy. > > To setup the HAProxy transparent configuration described at > > http://www.loadbalancer.org/blog/setting-up-haproxy-with-transparent-mode-on-centos-6-x, > place this entry in shorewall-providers(5): > > > #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS > TProxy 1 - - lo - tproxy > > and use this DIVERTHA entry: > > #ACTION SOURCE DEST PROTO ... > DIVERTHA - - tcp > > Thank you for testing, > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > -------------- Enclosure number 1 ---------------- >From ca4c854433e1c4c5870ea3e71225e5df8da4e255 Mon Sep 17 00:00:00 2001 From: Matt Darfeuille Date: Wed, 13 Jan 2016 21:28:47 +0100 Subject: [PATCH 1/2] Modified lite and lite6.init.openwrt.sh Signed-off-by: Matt Darfeuille Signed-off-by: Tom Eastep --- Shorewall-lite/init.openwrt.sh | 21 +++++++---------- Shorewall-lite/sysconfig | 42 +++++++++++++++++---------------- Shorewall/sysconfig | 42 +++++++++++++++++---------------- Shorewall6-lite/init.openwrt.sh | 20 ++++++++-------- Shorewall6-lite/sysconfig | 42 +++++++++++++++++---------------- Shorewall6/sysconfig | 42 +++++++++++++++++---------------- 6 files changed, 107 insertions(+), 102 deletions(-) diff --git a/Shorewall-lite/init.openwrt.sh b/Shorewall-lite/init.openwrt.sh index 74c3a2800..fe22b304c 100755 --- a/Shorewall-lite/init.openwrt.sh +++ b/Shorewall-lite/init.openwrt.sh @@ -38,16 +38,13 @@ # description: Packet filtering firewall -# Product name variable -PRODUCT=shorewall-lite -+ # Openwrt related -# start and stop runlevel variable +# Start and stop runlevel variable START=50 STOP=89 -# variable to display what the status command do when /etc/init.d/shorewall-lite is invoke without argument +# Displays the status command EXTRA_COMMANDS="status" -EXTRA_HELP="status displays shorewall status" +EXTRA_HELP=" status Displays firewall status" ################################################################################ # Get startup options (override default) @@ -59,8 +56,8 @@ OPTIONS= # . /usr/share/shorewall/shorewallrc -if [ -f ${SYSCONFDIR}/$PRODUCT ]; then - . ${SYSCONFDIR}/$PRODUCT +if [ -f ${SYSCONFDIR}/shorewall-lite ]; then + . ${SYSCONFDIR}/shorewall-lite fi SHOREWALL_INIT_SCRIPT=1 @@ -68,7 +65,7 @@ SHOREWALL_INIT_SCRIPT=1 ################################################################################ # E X E C U T I O N B E G I N S H E R E # ################################################################################ -# arg1 of init script is arg2 when rc.common is sourced; set to action variable +# Arg1 of init script is arg2 when rc.common is sourced; set to action variable command="$action" start() { @@ -76,8 +73,8 @@ start() { } boot() { -local command="start" -start + local command="start" + start } restart() { @@ -93,5 +90,5 @@ stop() { } status() { - exec ${SBINDIR}/shorewall-lite $OPTIONS $command $STATUSOPTIONS + exec ${SBINDIR}/shorewall-lite $OPTIONS $command $@ } diff --git a/Shorewall-lite/sysconfig b/Shorewall-lite/sysconfig index df4440bf9..d60587cb1 100644 --- a/Shorewall-lite/sysconfig +++ b/Shorewall-lite/sysconfig @@ -1,25 +1,27 @@ -# sysV init file script configuration(/etc/sysconfdir/shorewall-lite) +# +# Global start/restart/reload/stop options +# +OPTIONS="" -# startup option(default "-vvv") -OPTIONS= +# +# Start options +# +STARTOPTIONS="" -# change default start run level(if none empty; /etc/init.d/shorewall-lite enable) -START=50 +# +# Restart options +# +RESTARTOPTIONS="" -# change default stop run level(if none empty; /etc/init.d/shorewall-lite enable) -STOP= +# +# Reload options +# +RELOADOPTIONS="" -# option to pass when shorewall start is executed -STARTOPTIONS= +# +# Stop options +# +STOPOPTIONS="" -# option to pass when shorewall restart is executed -RESTARTOPTIONS= - -# option to pass when shorewall reload is executed -RELOADOPTIONS= - -# option to pass when shorewall stop is executed -STOPOPTIONS= - -# option to pass when shorewall status is executed -STATUSOPTIONS= +# EOF +>>>>>>> 39caa74... Improved sysconfig files diff --git a/Shorewall/sysconfig b/Shorewall/sysconfig index df4440bf9..d60587cb1 100644 --- a/Shorewall/sysconfig +++ b/Shorewall/sysconfig @@ -1,25 +1,27 @@ -# sysV init file script configuration(/etc/sysconfdir/shorewall-lite) +# +# Global start/restart/reload/stop options +# +OPTIONS="" -# startup option(default "-vvv") -OPTIONS= +# +# Start options +# +STARTOPTIONS="" -# change default start run level(if none empty; /etc/init.d/shorewall-lite enable) -START=50 +# +# Restart options +# +RESTARTOPTIONS="" -# change default stop run level(if none empty; /etc/init.d/shorewall-lite enable) -STOP= +# +# Reload options +# +RELOADOPTIONS="" -# option to pass when shorewall start is executed -STARTOPTIONS= +# +# Stop options +# +STOPOPTIONS="" -# option to pass when shorewall restart is executed -RESTARTOPTIONS= - -# option to pass when shorewall reload is executed -RELOADOPTIONS= - -# option to pass when shorewall stop is executed -STOPOPTIONS= - -# option to pass when shorewall status is executed -STATUSOPTIONS= +# EOF +>>>>>>> 39caa74... Improved sysconfig files diff --git a/Shorewall6-lite/init.openwrt.sh b/Shorewall6-lite/init.openwrt.sh index c8c2fde79..9c1e7914a 100755 --- a/Shorewall6-lite/init.openwrt.sh +++ b/Shorewall6-lite/init.openwrt.sh @@ -39,13 +39,13 @@ # description: Packet filtering firewall -# openwrt stuph -# start and stop runlevel variable +# Openwrt related +# Start and stop runlevel variable START=50 STOP=89 -# variable to display what the status command do when /etc/init.d/shorewall6-lite is invoke without argument +# Displays the status command EXTRA_COMMANDS="status" -EXTRA_HELP="status displays shorewall status" +EXTRA_HELP=" status Displays firewall status" ################################################################################ # Get startup options (override default) @@ -57,8 +57,8 @@ OPTIONS= # . /usr/share/shorewall/shorewallrc -if [ -f ${SYSCONFDIR}/$PRODUCT ]; then - . ${SYSCONFDIR}/$PRODUCT +if [ -f ${SYSCONFDIR}/shorewall6-lite ]; then + . ${SYSCONFDIR}/shorewall6-lite fi SHOREWALL_INIT_SCRIPT=1 @@ -66,7 +66,7 @@ SHOREWALL_INIT_SCRIPT=1 ################################################################################ # E X E C U T I O N B E G I N S H E R E # ################################################################################ -# arg1 of init script is arg2 when rc.common is sourced; set to action variable +# Arg1 of init script is arg2 when rc.common is sourced; set to action variable command="$action" start() { @@ -74,8 +74,8 @@ start() { } boot() { -local command="start" -start + local command="start" + start } restart() { @@ -91,5 +91,5 @@ stop() { } status() { - exec ${SBINDIR}/shorewall6-lite $OPTIONS $command $STATUSOPTIONS + exec ${SBINDIR}/shorewall6-lite $OPTIONS $command $@ } diff --git a/Shorewall6-lite/sysconfig b/Shorewall6-lite/sysconfig index df4440bf9..d60587cb1 100644 --- a/Shorewall6-lite/sysconfig +++ b/Shorewall6-lite/sysconfig @@ -1,25 +1,27 @@ -# sysV init file script configuration(/etc/sysconfdir/shorewall-lite) +# +# Global start/restart/reload/stop options +# +OPTIONS="" -# startup option(default "-vvv") -OPTIONS= +# +# Start options +# +STARTOPTIONS="" -# change default start run level(if none empty; /etc/init.d/shorewall-lite enable) -START=50 +# +# Restart options +# +RESTARTOPTIONS="" -# change default stop run level(if none empty; /etc/init.d/shorewall-lite enable) -STOP= +# +# Reload options +# +RELOADOPTIONS="" -# option to pass when shorewall start is executed -STARTOPTIONS= +# +# Stop options +# +STOPOPTIONS="" -# option to pass when shorewall restart is executed -RESTARTOPTIONS= - -# option to pass when shorewall reload is executed -RELOADOPTIONS= - -# option to pass when shorewall stop is executed -STOPOPTIONS= - -# option to pass when shorewall status is executed -STATUSOPTIONS= +# EOF +>>>>>>> 39caa74... Improved sysconfig files diff --git a/Shorewall6/sysconfig b/Shorewall6/sysconfig index df4440bf9..d60587cb1 100644 --- a/Shorewall6/sysconfig +++ b/Shorewall6/sysconfig @@ -1,25 +1,27 @@ -# sysV init file script configuration(/etc/sysconfdir/shorewall-lite) +# +# Global start/restart/reload/stop options +# +OPTIONS="" -# startup option(default "-vvv") -OPTIONS= +# +# Start options +# +STARTOPTIONS="" -# change default start run level(if none empty; /etc/init.d/shorewall-lite enable) -START=50 +# +# Restart options +# +RESTARTOPTIONS="" -# change default stop run level(if none empty; /etc/init.d/shorewall-lite enable) -STOP= +# +# Reload options +# +RELOADOPTIONS="" -# option to pass when shorewall start is executed -STARTOPTIONS= +# +# Stop options +# +STOPOPTIONS="" -# option to pass when shorewall restart is executed -RESTARTOPTIONS= - -# option to pass when shorewall reload is executed -RELOADOPTIONS= - -# option to pass when shorewall stop is executed -STOPOPTIONS= - -# option to pass when shorewall status is executed -STATUSOPTIONS= +# EOF +>>>>>>> 39caa74... Improved sysconfig files