"Fossies" - the Fresh Open Source Software Archive

Member "shorewall-init-5.2.3.3/init.fedora.sh" (12 Apr 2019, 3301 Bytes) of package /linux/misc/shorewall/shorewall-init-5.2.3.3.tgz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 #! /bin/bash
    2 #
    3 # chkconfig: - 09 91
    4 # description: Initialize the shorewall firewall at boot time
    5 #
    6 ### BEGIN INIT INFO
    7 # Provides: shorewall-init
    8 # Required-Start: $local_fs
    9 # Required-Stop:  $local_fs
   10 # Default-Start:
   11 # Default-Stop:   0 1 2 3 4 5 6
   12 # Short-Description: Initialize the shorewall firewall at boot time
   13 # Description:       Place the firewall in a safe state at boot time
   14 #                    prior to bringing up the network.  
   15 ### END INIT INFO
   16 #determine where the files were installed
   17 
   18 . /usr/share/shorewall/shorewallrc
   19 
   20 prog="shorewall-init"
   21 logger="logger -i -t $prog"
   22 lockfile="/var/lock/subsys/shorewall-init"
   23 
   24 # Source function library.
   25 . /etc/rc.d/init.d/functions
   26 
   27 # Get startup options (override default)
   28 OPTIONS=
   29 
   30 # check if shorewall-init is configured or not
   31 if [ -f "/etc/sysconfig/shorewall-init" ]; then
   32     . /etc/sysconfig/shorewall-init
   33 else
   34     echo "/etc/sysconfig/shorewall-init not found"
   35     exit 6
   36 fi
   37 
   38 # set the STATEDIR variable
   39 setstatedir() {
   40     local statedir
   41     if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then
   42     statedir=$( . /${CONFDIR}/${PRODUCT}/vardir && echo $VARDIR )
   43     fi
   44 
   45     [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT}
   46 
   47     if [ -x ${STATEDIR}/firewall ]; then
   48     return 0
   49     elif [ $PRODUCT = shorewall ]; then
   50     ${SBINDIR}/shorewall compile
   51     elif [ $PRODUCT = shorewall6 ]; then
   52     ${SBINDIR}/shorewall -6 compile
   53     else
   54     return 1
   55     fi
   56 }
   57 
   58 # Initialize the firewall
   59 start () {
   60     local PRODUCT
   61     local STATEDIR
   62 
   63     if [ -z "$PRODUCTS" ]; then
   64     echo "No firewalls configured for shorewall-init"
   65     failure
   66     return 6 #Not configured
   67     fi
   68 
   69     printf "Initializing \"Shorewall-based firewalls\": "
   70 
   71     if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
   72     ipset -R < "$SAVE_IPSETS"
   73     fi
   74 
   75     for PRODUCT in $PRODUCTS; do
   76     setstatedir
   77     retval=$?
   78 
   79     if [ $retval -eq 0 ]; then
   80         ${STATEDIR}/firewall ${OPTIONS} stop 2>&1 | $logger
   81         retval=${PIPESTATUS[0]}
   82         [ $retval -ne 0 ] && break
   83     else
   84         retval=6 #Product not configured
   85         break
   86     fi
   87     done
   88 
   89     if [ $retval -eq 0 ]; then
   90     touch $lockfile 
   91     success
   92     else
   93     failure
   94     fi
   95     echo
   96     return $retval
   97 }
   98 
   99 # Clear the firewall
  100 stop () {
  101     local PRODUCT
  102     local STATEDIR
  103 
  104     printf "Clearing \"Shorewall-based firewalls\": "
  105 
  106     for PRODUCT in $PRODUCTS; do
  107     setstatedir
  108     retval=$?
  109 
  110     if [ $retval -eq 0 ]; then
  111         ${STATEDIR}/firewall ${OPTIONS} clear 2>&1 | $logger
  112         retval=${PIPESTATUS[0]}
  113         [ $retval -ne 0 ] && break
  114     else
  115         retval=6 #Product not configured
  116         break
  117     fi
  118     done
  119 
  120     if [ $retval -eq 0 ]; then
  121     if [ -n "$SAVE_IPSETS" ]; then
  122         mkdir -p $(dirname "$SAVE_IPSETS")
  123         if ipset -S > "${SAVE_IPSETS}.tmp"; then
  124         grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS" || rm -f "${SAVE_IPSETS}.tmp"
  125         else
  126         rm -f "${SAVE_IPSETS}.tmp"
  127         fi
  128     fi
  129 
  130     rm -f $lockfile
  131     success
  132     else
  133     failure
  134     fi
  135     echo
  136     return $retval
  137 }
  138 
  139 status_q() {
  140     status > /dev/null 2>&1
  141 }
  142 
  143 case "$1" in
  144     start)
  145     status_q && exit 0
  146     $1
  147     ;;
  148     stop)
  149     status_q || exit 0
  150     $1
  151     ;;
  152     restart|reload|force-reload|condrestart|try-restart)
  153     echo "Not implemented"
  154     exit 3
  155     ;;
  156     status)
  157     status $prog
  158     ;;
  159   *)
  160     echo "Usage: $0 {start|stop|status}"
  161     exit 1
  162 esac
  163 
  164 exit 0