"Fossies" - the Fresh Open Source Software Archive

Member "shorewall-init-5.2.8/init.sh" (24 Sep 2020, 3537 Bytes) of package /linux/misc/shorewall/shorewall-init-5.2.8.tar.bz2:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file.

    1 #! /bin/bash
    2 #     The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V5.2
    3 #
    4 #     (c) 2010,2012-2014 - Tom Eastep (teastep@shorewall.net)
    5 #
    6 #       On most distributions, this file should be called /etc/init.d/shorewall.
    7 #
    8 #       This program is part of Shorewall.
    9 #
   10 #   This program is free software; you can redistribute it and/or modify
   11 #   it under the terms of the GNU General Public License as published by the
   12 #       Free Software Foundation, either version 2 of the license or, at your
   13 #       option, any later version.
   14 #
   15 #   This program is distributed in the hope that it will be useful,
   16 #   but WITHOUT ANY WARRANTY; without even the implied warranty of
   17 #   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
   18 #   GNU General Public License for more details.
   19 #
   20 #   You should have received a copy of the GNU General Public License
   21 #   along with this program; if not, see <http://www.gnu.org/licenses/>.
   22 #
   23 #       You should have received a copy of the GNU General Public License
   24 #       along with this program; if not, write to the Free Software
   25 #       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
   26 #
   27 # chkconfig: - 09 91
   28 #
   29 ### BEGIN INIT INFO
   30 # Provides: shorewall-init
   31 # Required-start: $local_fs
   32 # Required-stop:  $local_fs
   33 # Default-Start:  2 3 5
   34 # Default-Stop:   6
   35 # Short-Description: Initialize the firewall at boot time
   36 # Description:       Place the firewall in a safe state at boot time
   37 #                    prior to bringing up the network.  
   38 ### END INIT INFO
   39 
   40 if [ "$(id -u)" != "0" ]
   41 then
   42   echo "You must be root to start, stop or restart \"Shorewall \"."
   43   exit 1
   44 fi
   45 
   46 # check if shorewall-init is configured or not
   47 if [ -f "/etc/sysconfig/shorewall-init" ]
   48 then
   49     . /etc/sysconfig/shorewall-init
   50     if [ -z "$PRODUCTS" ]
   51     then
   52         exit 0
   53     fi
   54 else
   55     exit 0
   56 fi
   57 
   58 #
   59 # The installer may alter this
   60 #
   61 . /usr/share/shorewall/shorewallrc
   62 
   63 # Locate the current PRODUCT's statedir
   64 setstatedir() {
   65     local statedir
   66     if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then
   67     statedir=$( . /${CONFDIR}/${PRODUCT}/vardir && echo $VARDIR )
   68     fi
   69 
   70     [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT}
   71 
   72     if [ -x ${STATEDIR}/firewall ]; then
   73     return 0
   74     elif [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then
   75     ${SBINDIR}/$PRODUCT ${OPTIONS} compile $STATEDIR/firewall
   76     else
   77     return 1
   78     fi
   79 }
   80 
   81 # Initialize the firewall
   82 shorewall_start () {
   83   local PRODUCT
   84   local STATEDIR
   85 
   86   printf "Initializing \"Shorewall-based firewalls\": "
   87   for PRODUCT in $PRODUCTS; do
   88       if setstatedir; then
   89       if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then
   90           ${STATEDIR}/firewall ${OPTIONS} stop
   91       fi
   92       fi
   93   done
   94 
   95   if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
   96       ipset -R < "$SAVE_IPSETS"
   97   fi
   98 
   99   return 0
  100 }
  101 
  102 # Clear the firewall
  103 shorewall_stop () {
  104   local PRODUCT
  105   local STATEDIR
  106 
  107   printf "Clearing \"Shorewall-based firewalls\": "
  108   for PRODUCT in $PRODUCTS; do
  109       if setstatedir; then
  110       ${STATEDIR}/firewall ${OPTIONS} clear
  111       fi
  112   done
  113 
  114   if [ -n "$SAVE_IPSETS" ]; then
  115       mkdir -p $(dirname "$SAVE_IPSETS")
  116       if ipset -S > "${SAVE_IPSETS}.tmp"; then
  117       grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS" || rm -f "${SAVE_IPSETS}.tmp"
  118       else
  119       rm -f "${SAVE_IPSETS}.tmp"
  120       fi
  121   fi
  122 
  123   return 0
  124 }
  125 
  126 case "$1" in
  127   start)
  128      shorewall_start
  129      ;;
  130   stop)
  131      shorewall_stop
  132      ;;
  133   *)
  134      echo "Usage: /etc/init.d/shorewall-init {start|stop}"
  135      exit 1
  136 esac
  137 
  138 exit 0