shorewall_code/Shorewall-shell/prog.footer
2008-12-17 17:40:44 +00:00

204 lines
3.9 KiB
Plaintext

#
# Give Usage Information
#
usage() {
echo "Usage: $0 [ -q ] [ -v ] [ -n ] [ start|stop|clear|reset|refresh|restart|status|version ]"
exit $1
}
################################################################################
# E X E C U T I O N B E G I N S H E R E #
################################################################################
#
# Start trace if first arg is "debug" or "trace"
#
if [ $# -gt 1 ] && [ "x$1" = "xdebug" -o "x$1" = "xtrace" ]; then
set -x
shift
fi
initialize
finished=0
while [ $finished -eq 0 -a $# -gt 0 ]; do
option=$1
case $option in
-*)
option=${option#-}
[ -z "$option" ] && usage 1
while [ -n "$option" ]; do
case $option in
v*)
VERBOSE=$(($VERBOSE + 1 ))
option=${option#v}
;;
q*)
VERBOSE=$(($VERBOSE - 1 ))
option=${option#q}
;;
n*)
NOROUTES=Yes
option=${option#n}
;;
*)
usage 1
;;
esac
done
shift
;;
*)
finished=1
;;
esac
done
COMMAND="$1"
[ -n "${PRODUCT:=Shorewall}" ]
case "$COMMAND" in
start)
[ $# -ne 1 ] && usage 2
if shorewall_is_started; then
error_message "$PRODUCT is already Running"
status=0
else
progress_message3 "Starting $PRODUCT...."
define_firewall
status=$?
if [ $status -eq 0 ]; then
[ -n "$PURGE" ] && conntrack -F
[ -n "$SUBSYSLOCK" ] && touch $SUBSYSLOCK
fi
progress_message3 "done."
fi
;;
stop)
[ $# -ne 1 ] && usage 2
progress_message3 "Stopping $PRODUCT...."
stop_firewall
status=0
[ -n "$SUBSYSLOCK" ] && rm -f $SUBSYSLOCK
progress_message3 "done."
;;
reset)
if ! shorewall_is_started ; then
error_message "$PRODUCT is not running"
status=2
elif [ $# -eq 1 ]; then
$IPTABLES -Z
$IPTABLES -t nat -Z
$IPTABLES -t mangle -Z
date > ${VARDIR}/restarted
status=0
progress_message3 "$PRODUCT Counters Reset"
else
status=0
for chain in $@; do
if chain_exists $chain; then
if qt $IPTABLES -Z $chain; then
progress_message3 "Filter table $chain Counters Reset"
else
error_message "ERROR: Reset of chain $chain failed"
status=2
break
fi
else
error_message "WARNING: Filter Chain $chain does not exist"
fi
done
fi
;;
restart)
[ $# -ne 1 ] && usage 2
if shorewall_is_started; then
progress_message3 "Restarting $PRODUCT...."
else
error_message "$PRODUCT is not running"
progress_message3 "Starting $PRODUCT...."
fi
define_firewall
status=$?
if [ $status -eq 0 ]; then
[ -n "$PURGE" ] && conntrack -F
[ -n "$SUBSYSLOCK" ] && touch $SUBSYSLOCK
else
[ -n "$SUBSYSLOCK" ] && rm -f $SUBSYSLOCK
fi
progress_message3 "done."
;;
refresh)
[ $# -ne 1 ] && usage 2
if shorewall_is_started; then
progress_message3 "Refreshing $PRODUCT...."
refresh_firewall
status=$?
progress_message3 "done."
else
echo "$PRODUCT is not running" >&2
status=2
fi
;;
restore)
[ $# -ne 1 ] && usage 2
restore_firewall
status=$?
if [ -n "$SUBSYSLOCK" ]; then
[ $status -eq 0 ] && touch $SUBSYSLOCK || rm -f $SUBSYSLOCK
fi
;;
clear)
[ $# -ne 1 ] && usage 2
progress_message3 "Clearing $PRODUCT...."
clear_firewall
status=0
[ -n "$SUBSYSLOCK" ] && rm -f $SUBSYSLOCK
progress_message3 "done."
;;
status)
[ $# -ne 1 ] && usage 2
echo "$PRODUCT-$VERSION Status at $HOSTNAME - $(date)"
echo
if shorewall_is_started; then
echo "$PRODUCT is running"
status=0
else
echo "$PRODUCT is stopped"
status=4
fi
if [ -f ${VARDIR}/state ]; then
state="$(cat ${VARDIR}/state)"
case $state in
Stopped*|Clear*)
status=3
;;
esac
else
state=Unknown
fi
echo "State:$state"
echo
;;
version)
[ $# -ne 1 ] && usage 2
echo $VERSION
status=0
;;
help)
[ $# -ne 1 ] && usage 2
usage 0
;;
*)
usage 2
;;
esac
exit $status