Re: [leaf-devel] Fwd: Re: Bering-uClibc4: shore wall startup error on boot - further details

Wed, 27 Oct 2010 13:47:29 -0700 

Am Mittwoch, 27. Oktober 2010, 22:15:51 schrieb Tom Eastep:
> -------- Original Message --------
> Subject: Re: [leaf-devel] Bering-uClibc4: shorewall startup error on
> boot -        further details
> Date: Wed, 27 Oct 2010 13:06:12 -0700
> From: Tom Eastep <teas...@shorewall.net>
> To: davidMbrooke <dmb.leaf-de...@ntlworld.com>
> 
> On 10/25/10 1:39 PM, davidMbrooke wrote:
> > Hi,
> > 
> > While waiting for a full rebuild with the new GCC I am looking at my
> > Shorewall startup problem.
> > I added "set -x" to /sbin/shorewall and I can see the cause of the error
> > 
> > messages:
> >     + run_it /var/lib/shorewall/.start start
> >     + local script
> >     + local options
> >     + local version
> >     + export VARDIR
> >     + script=/var/lib/shorewall/.start
> >     + shift
> >     + get_script_version /var/lib/shorewall/.start
> >     + local temp
> >     + local version
> >     + local ifs
> >     + local digits
> >     + /bin/sh /var/lib/shorewall/.start version
> >     + sed s/-.*//
> >     + temp=Processing /etc/shorewall/params ...
> >     4.4.13.1
> >     + [ 0 -ne 0 ]
> >     + ifs=
> >     
> >     + IFS=.
> >     + echo Processing /etc/shorewall/params ...
> >     4 4 13 1
> >     + temp=Processing /etc/shorewall/params ...
> >     4 4 13 1
> >     + IFS=
> >     
> >     + digits=0
> >     + printf %02d Processing
> >     sh: Processing: invalid number
> > 
> > etc.
> > 
> > The corresponding code (from /var/lib/shorewall/.start) is:
> >     #
> >     # Get the Shorewall version of the passed script
> >     #
> >     get_script_version() { # $1 = script
> >     
> >         local temp
> >         local version
> >         local ifs
> >         local digits
> >         
> >         temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
> >         
> >         if [ $? -ne 0 ]; then
> >         
> >             version=0
> >         
> >         else
> >         
> >             ifs=$IFS
> >             IFS=.
> >             temp=$(echo $temp)
> >             IFS=$ifs
> >             digits=0
> >             
> >             for temp in $temp; do
> >             
> >                 version=${version}$(printf '%02d' $temp)
> > 
> > In summary, the output from "/var/lib/shorewall/.start version" is being
> > seen as "Processing /etc/shorewall/params ...<CR>4.4.13.1" rather than
> > simply "4.4.13.1". The "Processing ..." message is being generated by
> > function progress_message2() in /var/lib/shorewall/.start
> 
> Is /etc/init.d/shorewall exporting the VERBOSITY variable?
> 
> > A possibly related problem is the contents of /var/log/shorewall.log:
> >     Oct 25 19:23:42 Compiling iptables-restore input for chain
> > 
> > mangle:...
> > 
> >     Oct 25 19:23:42 Shorewall configuration compiled
> > 
> > to /var/lib/shorewall/.start
> > 
> >     Oct %_d 19:23:42 Processing /etc/shorewall/params ...
> >     Oct %_d 19:23:42 Processing /etc/shorewall/params ...
> > 
> > Note the "%_d". Perhaps it is a coincidence that
> > "Processing /etc/shorewall/params ..." is in both messages?
> 
> That's a bug that is fixed in the 4.4.14 Betas and RC1.
> 
> -Tom

Tom;

I attach the /etc/init.d/shorewall that worked over the years; maybe something 
has changed with the 4.4 series which raises the error. Can you please have a 
look at it?

thx kp

#!/bin/sh

RCDLINKS="2,S19 3,S19 4,S19 5,S19 0,K91 6,K91"
SRWL=/sbin/shorewall

WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup

# parse the shorewall params file in order to use params in                     
                                          
# /etc/default/shorewall

if [ -f "/etc/default/shorewall" ]
then
        . /etc/default/shorewall
fi

[ "$INITLOG" = "/dev/null" ] && SHOREWALL_INIT_SCRIPT=1 || 
SHOREWALL_INIT_SCRIPT=0

export SHOREWALL_INIT_SCRIPT

# wait for an unconfigured interface
wait_for_pppd () {
        if [ "$wait_interface" != "" ]
        then
                if [ -f $WAIT_FOR_IFUP ]
                then    
                        for i in $wait_interface
                        do
                                $WAIT_FOR_IFUP $i 90
                        done
                else
                        echo "$WAIT_FOR_IFUP: File not found"
                        exit 2
                fi              
        fi
}

# start the firewall
shorewall_start () {
  echo -n "Starting \"Shorewall firewall\": "
  wait_for_pppd
  $SRWL $SRWL_OPTIONS start 2>&1 && echo "done."
  return 0
}

# stop the firewall
shorewall_stop () {
  echo -n "Stopping \"Shorewall firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
      $SRWL $SRWL_OPTIONS stop 2>&1 && echo "done."
  else
      $SRWL $SRWL_OPTIONS clear 2>&1 && echo "done."
  fi
  return 0
}

# restart the firewall
shorewall_restart () {
  echo -n "Restarting \"Shorewall firewall\": "
  $SRWL $SRWL_OPTIONS restart 2>&1 && echo "done."
  return 0
}

# refresh the firewall
shorewall_refresh () {
  echo -n "Refreshing \"Shorewall firewall\": "
  $SRWL $SRWL_OPTIONS refresh 2>&1 && echo "done."
  return 0
}

case "$1" in
  start)
     shorewall_start
     ;;
  stop)
     shorewall_stop
     ;;
  refresh)
     shorewall_refresh
     ;;
  force-reload|restart)
     shorewall_restart
     ;;
  *)
     echo "Usage: /etc/init.d/shorewall {start|stop|refresh|restart|force-
reload}"
     exit 1
esac

exit 0

------------------------------------------------------------------------------
Nokia and AT&T present the 2010 Calling All Innovators-North America contest
Create new apps & games for the Nokia N8 for consumers in  U.S. and Canada
$10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store 
http://p.sf.net/sfu/nokia-dev2dev

_______________________________________________
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Reply via email to