"Fossies" - the Fresh Open Source Software Archive

Member "shorewall-init-5.2.3.3/init.alt.sh" (12 Apr 2019, 3035 Bytes) of package /linux/misc/shorewall/shorewall-init-5.2.3.3.tgz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 #!/bin/sh
    2 #
    3 # Shorewall init script
    4 #
    5 # chkconfig: - 09 91
    6 # description: Initialize the shorewall firewall at boot time
    7 #
    8 ### BEGIN INIT INFO
    9 # Provides: shorewall-init
   10 # Required-Start: $local_fs
   11 # Required-Stop: $local_fs
   12 # Default-Start: 3 4 5
   13 # Default-Stop:  0 1 2 6
   14 # Short-Description: Initialize the shorewall firewall at boot time
   15 # Description:       Place the firewall in a safe state at boot time
   16 #                    prior to bringing up the network.
   17 ### END INIT INFO
   18 
   19 # Do not load RH compatibility interface.
   20 WITHOUT_RC_COMPAT=1
   21 
   22 # Source function library.
   23 . /etc/init.d/functions
   24 
   25 #
   26 # The installer may alter this
   27 #
   28 . /usr/share/shorewall/shorewallrc
   29 NAME="Shorewall-init firewall"
   30 PROG="shorewall-init"
   31 SHOREWALL="$SBINDIR/$PROG"
   32 LOGGER="logger -i -t $PROG"
   33 
   34 # Get startup options (override default)
   35 OPTIONS=
   36 
   37 LOCKFILE=/var/lock/subsys/shorewall-init
   38 
   39 # check if shorewall-init is configured or not
   40 if [ -f "/etc/sysconfig/shorewall-init" ]; then
   41     . /etc/sysconfig/shorewall-init
   42     if [ -z "$PRODUCTS" ]; then
   43         echo "No PRODUCTS configured"
   44         exit 6
   45     fi
   46 else
   47     echo "/etc/sysconfig/shorewall-init not found"
   48     exit 6
   49 fi
   50 
   51 RETVAL=0
   52 
   53 # set the STATEDIR variable
   54 setstatedir() {
   55     local statedir
   56     if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then
   57         statedir=$( . /${CONFDIR}/${PRODUCT}/vardir && echo $VARDIR )
   58     fi
   59 
   60     [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT}
   61 
   62     if [ -x ${STATEDIR}/firewall ]; then
   63         return 0
   64     elif [ $PRODUCT = shorewall ]; then
   65         ${SBINDIR}/shorewall compile
   66     elif [ $PRODUCT = shorewall6 ]; then
   67         ${SBINDIR}/shorewall -6 compile
   68     else
   69         return 1
   70     fi
   71 }
   72 
   73 start() {
   74     local PRODUCT
   75     local STATEDIR
   76 
   77     printf "Initializing \"Shorewall-based firewalls\": "
   78 
   79     for PRODUCT in $PRODUCTS; do
   80         if setstatedir; then
   81             $STATEDIR/$PRODUCT/firewall ${OPTIONS} stop 2>&1 | "$LOGGER"
   82             RETVAL=$?
   83         else
   84             RETVAL=6
   85             break
   86         fi
   87     done
   88 
   89     if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
   90         ipset -R < "$SAVE_IPSETS"
   91     fi
   92 
   93     [ $RETVAL -eq 0 ] && touch "$LOCKFILE"
   94     return $RETVAL
   95 }
   96 
   97 stop() {
   98     local PRODUCT
   99     local STATEDIR
  100 
  101     printf "Clearing \"Shorewall-based firewalls\": "
  102     for PRODUCT in $PRODUCTS; do
  103         if setstatedir; then
  104             ${STATEDIR}/firewall ${OPTIONS} clear 2>&1 | "$LOGGER"
  105             RETVAL=$?
  106         else
  107             RETVAL=6
  108             break
  109         fi
  110     done
  111 
  112     if [ -n "$SAVE_IPSETS" ]; then
  113         mkdir -p $(dirname "$SAVE_IPSETS")
  114         if ipset -S > "${SAVE_IPSETS}.tmp"; then
  115             grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS" || rm -f "${SAVE_IPSETS}.tmp"
  116         else
  117             rm -f "${SAVE_IPSETS}.tmp"
  118         fi
  119     fi
  120 
  121     [ $RETVAL -eq 0 ] && rm -f "$LOCKFILE"
  122     return $RETVAL
  123 }
  124 
  125 # See how we were called.
  126 case "$1" in
  127     start)
  128         start
  129         ;;
  130     stop)
  131         stop
  132         ;;
  133     restart|reload|condrestart|condreload)
  134         # "Not implemented"
  135         ;;
  136     condstop)
  137         if [ -e "$LOCKFILE" ]; then
  138         stop
  139         fi
  140         ;;
  141     status)
  142         status "$PROG"
  143          RETVAL=$?
  144         ;;
  145     *)
  146         echo $"Usage: ${0##*/}  {start|stop|restart|reload|condrestart|condstop|status}"
  147         RETVAL=1
  148 esac
  149 
  150 exit $RETVAL