Issue warning on missing IPSET

Shorewall/Perl/Shorewall/Chains.pm

@@ -244,6 +244,7 @@ our $mangle_table;
 our $filter_table;
 our $comment;
 our @comments;
+my  $export;
 
 #
 # Target Types
@@ -388,8 +389,8 @@ our %builtin_target = ( ACCEPT      => 1,
 #   2. The compiler can run multiple times in the same process so it has to be
 #      able to re-initialize its dependent modules' state.
 #
-sub initialize( $$ ) {
-    ( $family, my $hard ) = @_;
+sub initialize( $$$ ) {
+    ( $family, my $hard, $export ) = @_;
 
     %chain_table = ( raw    => {},
 		     mangle => {},
@@ -2819,6 +2820,10 @@ sub get_set_flags( $$ ) {
 
     $setname =~ s/^\+//;
 
+    unless ( $export || $> != 0 ) {
+	warning_message "Ipset $setname does not exist" unless qt "ipset -L $setname";
+    }
+
     fatal_error "Invalid ipset name ($setname)" unless $setname =~ /^[a-zA-Z]\w*/;
 
     have_capability 'OLD_IPSET_MATCH' ? "--set $setname $options " : "--match-set $setname $options ";

Shorewall/Perl/Shorewall/Compiler.pm

@@ -54,7 +54,7 @@ our $family;
 #
 sub initialize_package_globals() {
     Shorewall::Config::initialize($family);
-    Shorewall::Chains::initialize ($family, 1);
+    Shorewall::Chains::initialize ($family, 1, $export );
     Shorewall::Zones::initialize ($family);
     Shorewall::Nat::initialize;
     Shorewall::Providers::initialize($family);
@@ -817,7 +817,7 @@ sub compiler {
 	# We must reinitialize Shorewall::Chains before generating the iptables-restore input
 	# for stopping the firewall
 	#
-	Shorewall::Chains::initialize( $family, 0 );
+	Shorewall::Chains::initialize( $family, 0 , $export );
 	initialize_chain_table;
 	#
 	#                           S T O P _ F I R E W A L L
@@ -881,7 +881,7 @@ sub compiler {
 	# Re-initialize the chain table so that process_routestopped() has the same
 	# environment that it would when called by compile_stop_firewall().
 	#
-	Shorewall::Chains::initialize( $family , 0 );
+	Shorewall::Chains::initialize( $family , 0 , $export );
 	initialize_chain_table;
 
 	if ( $debug ) {