Re: [Leaf-devel] Shorewall on Eigerstein2Beta not working

Mon, 09 Apr 2001 15:46:13 -0700 

Thus spoke Ewald Wasscher:

> Hello Tom and others,
>
> I've been testing the new shorewall-1.1.1.lrp package on Eigerstein2beta
> today and have run into a few problems:
>
> First there seems to be an extra space in the line for
> /etc/shorewall/policy in /var/lib/lrpkg/shorewal.conf. When I tried to
> edit /etc/shorewall/policy through the lrcfg menus ae would try to load
> "/etc/shorewall/policy ". Note there is an extra space after "policy".
> This is easily fixed.
>
> Second problem is that the /etc/shorewall/firewall script seems to enter
> an infinite loop. After displaying "Determining Zones" it doesn't show
> anymore progress.
>
> A trace (or how should I call it?) is attached.
>

Hmmm -- This is probably because of how "grep" is defined on LRP. Please
try it with the attached /etc/shorewall/functions file.

Thanks,
-Tom
-- 
Tom Eastep             \ Alt Email: [EMAIL PROTECTED]
ICQ #60745924           \ Websites: http://seawall.sourceforge.net
[EMAIL PROTECTED]       \          http://seattlefirewall.dyndns.org
Shoreline, Washington USA \         http://shorewall.sourceforge.net
                           \_________________________________________

#
# Shorewall 1.1 -- /etc/shorewall/functions

#
# Suppress all output for a command
#    
qt()  
{ 
    "$@" >/dev/null 2>&1
}
#
# Poor Man's grep -- Some LRP systems have a grep that simply searches for
#                    strings rather than regular expressions. When we are
#                    really looking for regular expressions, we use this one
#
mygrep () 
{
    local pat
    pat="$1"
    shift
    sed "\'$pat'P" -n "$@"
}
#
# Find the zones
#
find_zones() 
{
    while read zone display comments; do
        [ -n "$zone" ] && case "$zone" in
            \#*)
                ;;
            *)
                echo $zone
                ;;
        esac
    done < /etc/shorewall/zones
}

find_display() # $1 = zone
{
    mygrep ^$1 /etc/shorewall/zones | while read z display comments; do
        [ "x$1" = "x$z" ] && echo $display
    done
}

determine_zones() 
{
    if [ -f /etc/shorewall/zones ]; then
        zones=`find_zones`
        zones=`echo $zones` # Remove extra trash
        zonepattern="^$zones"

        while echo "$zonepattern" | qt mygrep \' \'; do
            zonepattern="`echo "$zonepattern" | sed 's/ /\\\|^/'`"
        done

        for zone in $zones; do
            dsply=`find_display $zone`
            eval ${zone}_display=\$dsply
        done
    else
        zones="net local dmz gw"
        zonepattern="^net\|^local\|^dmz\|^gw"
        net_display=Net
        local_display=Local
        dmz_display=DMZ
        gw_display=Gateway
    fi
}

Reply via email to