# Shorewall Packet Filtering Firewall Export Directory Makefile - V4.0 # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # # (c) 2006 - Tom Eastep (teastep@shorewall.net) # # Shorewall documentation is available at http://www.shorewall.net # # This program is free software; you can redistribute it and/or modify # it under the terms of Version 2 of the GNU General Public License # as published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ################################################################################ # Place this file in each export directory. Modify each copy to set HOST # to the name of the remote firewall corresponding to the directory. # # To make the 'firewall' script, type "make". # # Once the script is compiling correctly, you can install it by # typing "make install". # ################################################################################ # V A R I A B L E S # # Files in the export directory on which the firewall script does not depend # IGNOREFILES = firewall% Makefile% trace% %~ # # Remote Firewall system # HOST = gateway # # Save some typing # LITEDIR = /var/lib/shorewall-lite # # Set this if the remote system has a non-standard modules directory # MODULESDIR= # # Default target is the firewall script # ################################################################################ # T A R G E T S # all: firewall # # Only generate the capabilities file if it doesn't already exist # capabilities: ssh root@$(HOST) "MODULESDIR=$(MODULESDIR) /usr/share/shorewall-lite/shorecap > $(LITEDIR)/capabilities" scp root@$(HOST):$(LITEDIR)/capabilities . # # Compile the firewall script. Using the 'wildcard' function causes "*" to be expanded so that # 'filter-out' will be presented with the list of files in this directory rather than "*" # firewall: $(filter-out $(IGNOREFILES) capabilities , $(wildcard *) ) capabilities shorewall compile -e . firewall # # Only reload on demand. # install: firewall scp firewall firewall.conf root@$(HOST):$(LITEDIR) ssh root@$(HOST) "/sbin/shorewall-lite restart" # # Save running configuration # save: ssh root@$(HOST) "/sbin/shorewall-lite save" # # Remove generated files # clean: rm -f capabilities firewall firewall.conf reload