"Fossies" - the Fresh Open Source Software Archive

Member "shorewall-init-5.2.8/init.debian.sh" (24 Sep 2020, 4359 Bytes) of package /linux/misc/shorewall/shorewall-init-5.2.8.tar.bz2:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "init.debian.sh": 5.2.3.6_vs_5.2.6.

    1 #!/bin/sh
    2 #
    3 #     The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V5.2
    4 #
    5 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
    6 #
    7 #     (c) 2010,2012 - Tom Eastep (teastep@shorewall.net)
    8 #
    9 #       On most distributions, this file should be called /etc/init.d/shorewall.
   10 #
   11 #       Complete documentation is available at https://shorewall.org
   12 #
   13 #       This program is free software; you can redistribute it and/or modify
   14 #       it under the terms of Version 2 of the GNU General Public License
   15 #       as published by the Free Software Foundation.
   16 #
   17 #       This program is distributed in the hope that it will be useful,
   18 #       but WITHOUT ANY WARRANTY; without even the implied warranty of
   19 #       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
   20 #       GNU General Public License for more details.
   21 #
   22 #       You should have received a copy of the GNU General Public License
   23 #       along with this program; if not, write to the Free Software
   24 #       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
   25 #
   26 ### BEGIN INIT INFO
   27 # Provides:          shorewall-init
   28 # Required-Start:    $local_fs
   29 # X-Start-Before:    $network
   30 # Required-Stop:     $local_fs
   31 # X-Stop-After:      $network
   32 # Default-Start:     S
   33 # Default-Stop:      0 1 6
   34 # Short-Description: Initialize the firewall at boot time
   35 # Description:       Place the firewall in a safe state at boot time prior to
   36 #                    bringing up the network
   37 ### END INIT INFO
   38 
   39 . /lib/lsb/init-functions
   40 
   41 export VERBOSITY=0
   42 
   43 if [ "$(id -u)" != "0" ]
   44 then
   45   echo "You must be root to start, stop or restart \"Shorewall \"."
   46   exit 1
   47 fi
   48 
   49 echo_notdone () {
   50   echo "not done."
   51   exit 1
   52 }
   53 
   54 not_configured () {
   55     echo "#### WARNING ####"
   56     echo "the firewall won't be initialized unless it is configured"
   57     if [ "$1" != "stop" ]
   58     then
   59     echo ""
   60     echo "Please read about Debian specific customization in"
   61     echo "/usr/share/doc/shorewall-init/README.Debian.gz."
   62     fi
   63     echo "#################"
   64     exit 0
   65 }
   66 
   67 # set the STATEDIR variable
   68 setstatedir() {
   69     local statedir
   70     if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then
   71     statedir=$( . /${CONFDIR}/${PRODUCT}/vardir && echo $VARDIR )
   72     fi
   73 
   74     [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT}
   75 
   76     if [ -x ${STATEDIR}/firewall ]; then
   77         return 0
   78     else
   79         if [ $PRODUCT = shorewall ]; then
   80             ${SBINDIR}/shorewall compile
   81         elif [ $PRODUCT = shorewall6 ]; then
   82             ${SBINDIR}/shorewall -6 compile
   83         else
   84             return 1
   85         fi
   86     fi
   87 }
   88 
   89 #
   90 # The installer may alter this
   91 #
   92 . /usr/share/shorewall/shorewallrc
   93 
   94 # check if shorewall-init is configured or not
   95 if [ -f "$SYSCONFDIR/shorewall-init" ]
   96 then
   97     . $SYSCONFDIR/shorewall-init
   98     if [ -z "$PRODUCTS" ]
   99     then
  100     not_configured
  101     fi
  102 else
  103     not_configured
  104 fi
  105 
  106 # Initialize the firewall
  107 shorewall_start () {
  108   local PRODUCT
  109   local STATEDIR
  110 
  111   printf "Initializing \"Shorewall-based firewalls\": "
  112 
  113   for PRODUCT in $PRODUCTS; do
  114       if setstatedir; then
  115           #
  116       # Run in a sub-shell to avoid name collisions
  117       #
  118       (
  119           if ! ${STATEDIR}/firewall status > /dev/null 2>&1; then
  120           ${STATEDIR}/firewall ${OPTIONS} stop
  121           fi
  122       )
  123       fi
  124   done
  125 
  126   echo "done."
  127 
  128   if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
  129 
  130       printf "Restoring ipsets: "
  131 
  132       if ! ipset -R < "$SAVE_IPSETS"; then
  133       echo_notdone
  134       fi
  135 
  136       echo "done."
  137   fi
  138 
  139   return 0
  140 }
  141 
  142 # Clear the firewall
  143 shorewall_stop () {
  144   local PRODUCT
  145   local STATEDIR
  146 
  147   printf "Clearing \"Shorewall-based firewalls\": "
  148   for PRODUCT in $PRODUCTS; do
  149       if setstatedir; then
  150       ${STATEDIR}/firewall ${OPTIONS} clear
  151       fi
  152   done
  153 
  154   echo "done."
  155 
  156   if [ -n "$SAVE_IPSETS" ]; then
  157 
  158       echo "Saving ipsets: "
  159 
  160       mkdir -p $(dirname "$SAVE_IPSETS")
  161       if ipset -S > "${SAVE_IPSETS}.tmp"; then
  162       grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS" || rm -f "${SAVE_IPSETS}.tmp"
  163       else
  164       rm -f "${SAVE_IPSETS}.tmp"
  165       echo_notdone
  166       fi
  167 
  168       echo "done."
  169   fi
  170 
  171   return 0
  172 }
  173 
  174 case "$1" in
  175   start)
  176      shorewall_start
  177      ;;
  178   stop)
  179      shorewall_stop
  180      ;;
  181   reload|force-reload)
  182      ;;
  183   *)
  184      echo "Usage: $0 {start|stop|reload|force-reload}"
  185      exit 1
  186 esac
  187 
  188 exit 0