Hi Tom,
I have been patching shorewall packages for the opensuse releases, but I
guess it is better to send them to you . the upstream so it gets
incorporated into shorewall itself and I do not have to patch it ;)
I believe I have incorparted most of my patches in to this one. If you
can review them and if appropriate apply them that would be great
Thanks
Togan
>From 6072c08de753e7d1cc31bb758295dee198197e41 Mon Sep 17 00:00:00 2001
From: Togan Muftuoglu <[email protected]>
Date: Fri, 24 Aug 2012 13:17:12 +0200
Subject: [PATCH] suse-specific
Signed-off-by: Togan Muftuoglu <[email protected]>
---
Shorewall-core/shorewallrc.suse | 2 +-
Shorewall-init/init.suse.sh | 115 ++++++++++++++++++++++++++++++++++++++++
Shorewall-lite/init.suse.sh | 92 ++++++++++++++++++++++++++++++++
Shorewall-lite/install.sh | 5 +-
Shorewall/init.suse.sh | 93 ++++++++++++++++++++++++++++++++
Shorewall6-lite/init.suse.sh | 87 ++++++++++++++++++++++++++++++
Shorewall6/init.suse.sh | 89 +++++++++++++++++++++++++++++++
7 files changed, 481 insertions(+), 2 deletions(-)
create mode 100755 Shorewall-init/init.suse.sh
create mode 100755 Shorewall-lite/init.suse.sh
create mode 100755 Shorewall/init.suse.sh
create mode 100644 Shorewall6-lite/init.suse.sh
create mode 100755 Shorewall6/init.suse.sh
diff --git a/Shorewall-core/shorewallrc.suse b/Shorewall-core/shorewallrc.suse
index 6f2e44d..f1ec6ca 100644
--- a/Shorewall-core/shorewallrc.suse
+++ b/Shorewall-core/shorewallrc.suse
@@ -12,7 +12,7 @@ SBINDIR=/sbin #Directory where system ad
MANDIR=${SHAREDIR}/man/ #Directory where manpages are installed.
INITDIR=/etc/init.d #Directory where SysV init scripts are installed.
INITFILE=$PRODUCT #Name of the product's SysV init script
-INITSOURCE=init.sh #Name of the distributed file to be installed as the SysV init script
+INITSOURCE=init.suse.sh #Name of the distributed file to be installed as the SysV init script
ANNOTATED= #If non-zero, annotated configuration files are installed
SYSTEMD= #Directory where .service files are installed (systems running systemd only)
SYSCONFFILE= #Name of the distributed file to be installed in $SYSCONFDIR
diff --git a/Shorewall-init/init.suse.sh b/Shorewall-init/init.suse.sh
new file mode 100755
index 0000000..0afa523
--- /dev/null
+++ b/Shorewall-init/init.suse.sh
@@ -0,0 +1,115 @@
+#! /bin/bash
+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
+#
+# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
+#
+# (c) 2010,2012 - Tom Eastep ([email protected])
+#
+# On most distributions, this file should be called /etc/init.d/shorewall.
+#
+# Complete documentation is available at http://shorewall.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of Version 2 of the GNU General Public License
+# as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+#
+### BEGIN INIT INFO
+# Provides: shorewall-init
+# Required-Start: $local_fs
+# Required-Stop: $local_fs
+# Default-Start: 2 3 5
+# Default-Stop: 0 1 6
+# Short-Description: Initialize the firewall at boot time
+# Description: Place the firewall in a safe state at boot time
+# prior to bringing up the network.
+### END INIT INFO
+
+if [ "$(id -u)" != "0" ]
+then
+ echo "You must be root to start, stop or restart \"Shorewall \"."
+ exit 1
+fi
+
+# check if shorewall-init is configured or not
+if [ -f "/etc/sysconfig/shorewall-init" ]
+then
+ . /etc/sysconfig/shorewall-init
+ if [ -z "$PRODUCTS" ]
+ then
+ exit 0
+ fi
+else
+ exit 0
+fi
+
+#
+# The installer may alter this
+#
+. /usr/share/shorewall/shorewallrc
+
+# Initialize the firewall
+shorewall_start () {
+ local PRODUCT
+ local VARDIR
+
+ echo -n "Initializing \"Shorewall-based firewalls\": "
+ for PRODUCT in $PRODUCTS; do
+ if [ -x ${VARDIR}/firewall ]; then
+ if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then
+ ${VARDIR}/firewall stop || echo_notdone
+ fi
+ fi
+ done
+
+ if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
+ ipset -R < "$SAVE_IPSETS"
+ fi
+
+ return 0
+}
+
+# Clear the firewall
+shorewall_stop () {
+ local PRODUCT
+ local VARDIR
+
+ echo -n "Clearing \"Shorewall-based firewalls\": "
+ for PRODUCT in $PRODUCTS; do
+ if [ -x ${VARDIR}/firewall ]; then
+ ${VARDIR}/firewall clear || exit 1
+ fi
+ done
+
+ if [ -n "$SAVE_IPSETS" ]; then
+ mkdir -p $(dirname "$SAVE_IPSETS")
+ if ipset -S > "${SAVE_IPSETS}.tmp"; then
+ grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS"
+ fi
+ fi
+
+ return 0
+}
+
+case "$1" in
+ start)
+ shorewall_start
+ ;;
+ stop)
+ shorewall_stop
+ ;;
+ *)
+ echo "Usage: /etc/init.d/shorewall-init {start|stop}"
+ exit 1
+esac
+
+exit 0
diff --git a/Shorewall-lite/init.suse.sh b/Shorewall-lite/init.suse.sh
new file mode 100755
index 0000000..ea7df61
--- /dev/null
+++ b/Shorewall-lite/init.suse.sh
@@ -0,0 +1,92 @@
+#!/bin/sh
+#
+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
+#
+# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
+#
+# (c) 1999,2000,2001,2002,2003,2004,2005,2006,2007,2012 - Tom Eastep ([email protected])
+#
+# On most distributions, this file should be called /etc/init.d/shorewall.
+#
+# Complete documentation is available at http://shorewall.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of Version 2 of the GNU General Public License
+# as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# If an error occurs while starting or restarting the firewall, the
+# firewall is automatically stopped.
+#
+# Commands are:
+#
+# shorewall start Starts the firewall
+# shorewall restart Restarts the firewall
+# shorewall reload Reload the firewall
+# (same as restart)
+# shorewall stop Stops the firewall
+# shorewall status Displays firewall status
+#
+
+
+### BEGIN INIT INFO
+# Provides: shorewall-lite
+# Required-Start: $network $remote_fs
+# Required-Stop:
+# Default-Start: 2 3 5
+# Default-Stop: 0 1 6
+# Description: starts and stops the shorewall firewall
+# Short-Description: Packet filtering firewall
+### END INIT INFO
+
+################################################################################
+# Give Usage Information #
+################################################################################
+usage() {
+ echo "Usage: $0 start|stop|reload|restart|status"
+ exit 1
+}
+
+################################################################################
+# Get startup options (override default)
+################################################################################
+OPTIONS=
+
+#
+# The installer may alter this
+#
+. /usr/share/shorewall/shorewallrc
+
+if [ -f ${SYSCONFDIR}/shorewall-lite ]; then
+ . ${SYSCONFDIR}/shorewall-lite
+fi
+
+SHOREWALL_INIT_SCRIPT=1
+
+################################################################################
+# E X E C U T I O N B E G I N S H E R E #
+################################################################################
+command="$1"
+
+case "$command" in
+ start)
+ exec ${SBINDIR}/shorewall-lite $OPTIONS start $STARTOPTIONS
+ ;;
+ restart|reload)
+ exec ${SBINDIR}/shorewall-lite $OPTIONS restart $RESTARTOPTIONS
+ ;;
+ status|stop)
+ exec ${SBINDIR}/shorewall-lite $OPTIONS $command $@
+ ;;
+ *)
+ usage
+ ;;
+esac
diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh
index f751dbc..e5d77b4 100755
--- a/Shorewall-lite/install.sh
+++ b/Shorewall-lite/install.sh
@@ -253,8 +253,11 @@ case "$HOST" in
archlinux)
echo "Installing ArchLinux-specific configuration..."
;;
- linux|suse)
+ suse )
+ echo "Installing Suse-specific configuration..."
;;
+ linux )
+ ;;
*)
echo "ERROR: Unknown HOST \"$HOST\"" >&2
exit 1;
diff --git a/Shorewall/init.suse.sh b/Shorewall/init.suse.sh
new file mode 100755
index 0000000..a7157db
--- /dev/null
+++ b/Shorewall/init.suse.sh
@@ -0,0 +1,93 @@
+#!/bin/sh
+#
+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.2
+#
+# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
+#
+# (c) 1999,2000,2001,2002,2003,2004,2005 - Tom Eastep ([email protected])
+#
+# On most distributions, this file should be called /etc/init.d/shorewall.
+#
+# Complete documentation is available at http://shorewall.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of Version 2 of the GNU General Public License
+# as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# If an error occurs while starting or restarting the firewall, the
+# firewall is automatically stopped.
+#
+# Commands are:
+#
+# shorewall start Starts the firewall
+# shorewall restart Restarts the firewall
+# shorewall reload Reload the firewall
+# (same as restart)
+# shorewall stop Stops the firewall
+# shorewall status Displays firewall status
+#
+
+### BEGIN INIT INFO
+# Provides: shorewall
+# Required-Start: $network $remote_fs
+# Required-Stop: $network $remote_fs
+# Default-Start: 2 3 5
+# Default-Stop: 0 6
+# Short-Description: Configure the firewall at boot time
+# Description: Configure the firewall according to the rules specified in
+# /etc/shorewall
+### END INIT INFO
+
+################################################################################
+# Give Usage Information #
+################################################################################
+usage() {
+ echo "Usage: $0 start|stop|reload|restart|status" >&2
+ exit 1
+}
+
+################################################################################
+# Get startup options (override default)
+################################################################################
+OPTIONS="-v0"
+
+#
+# The installer may alter this
+#
+. /usr/share/shorewall/shorewallrc
+
+if [ -f ${SYSCONFDIR}/shorewall ]; then
+ . ${SYSCONFDIR}/shorewall
+fi
+
+export SHOREWALL_INIT_SCRIPT=1
+
+################################################################################
+# E X E C U T I O N B E G I N S H E R E #
+################################################################################
+command="$1"
+shift
+
+case "$command" in
+ start)
+ exec $SBINDIR/shorewall $OPTIONS start $STARTOPTIONS
+ ;;
+ restart|reload)
+ exec $SBINDIR/shorewall $OPTIONS restart $RESTARTOPTIONS
+ ;;
+ status|stop)
+ exec $SBINDIR/shorewall $OPTIONS $command
+ ;;
+ *)
+ usage
+ ;;
+esac
diff --git a/Shorewall6-lite/init.suse.sh b/Shorewall6-lite/init.suse.sh
new file mode 100644
index 0000000..f9764f6
--- /dev/null
+++ b/Shorewall6-lite/init.suse.sh
@@ -0,0 +1,87 @@
+#!/bin/sh
+#
+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
+#
+# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
+#
+# (c) 1999,2000,2001,2002,2003,2004,2005,2006,2007,2012 - Tom Eastep ([email protected])
+#
+# On most distributions, this file should be called /etc/init.d/shorewall.
+#
+# Complete documentation is available at http://shorewall.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of Version 2 of the GNU General Public License
+# as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# If an error occurs while starting or restarting the firewall, the
+# firewall is automatically stopped.
+#
+# Commands are:
+#
+# shorewall6-lite start Starts the firewall
+# shorewall6-lite restart Restarts the firewall
+# shorewall6-lite reload Reload the firewall
+# (same as restart)
+# shorewall6-lite stop Stops the firewall
+# shorewall6-lite status Displays firewall status
+#
+
+### BEGIN INIT INFO
+# Provides: shorewall6-lite
+# Required-Start: $local_fs $remote_fs $syslog $network
+# Required-Stop: $network $remote_fs
+# Default-Start: 2 3 5
+# Default-Stop: 0 1 6
+# Description: starts and stops the shorewall firewall
+# Short-Description: Packet filtering firewall
+### END INIT INFO
+
+################################################################################
+# Give Usage Information #
+################################################################################
+usage() {
+ echo "Usage: $0 start|stop|reload|restart|status"
+ exit 1
+}
+
+################################################################################
+# Get startup options (override default)
+################################################################################
+OPTIONS=
+
+#
+# The installer may alter this
+#
+. /usr/share/shorewall/shorewallrc
+
+export SHOREWALL_INIT_SCRIPT=1
+
+################################################################################
+# E X E C U T I O N B E G I N S H E R E #
+################################################################################
+command="$1"
+
+case "$command" in
+ start)
+ exec ${SBINDIR}/shorewall6-lite $OPTIONS start $STARTOPTIONS
+ ;;
+ restart|reload)
+ exec ${SBINDIR}/shorewall6-lite $OPTIONS restart $RESTARTOPTIONS
+ ;;
+ status|stop)
+ exec ${SBINDIR}/shorewall6-lite $OPTIONS $command $@
+ ;;
+ *)
+ usage
+ ;;
+esac
diff --git a/Shorewall6/init.suse.sh b/Shorewall6/init.suse.sh
new file mode 100755
index 0000000..358d934
--- /dev/null
+++ b/Shorewall6/init.suse.sh
@@ -0,0 +1,89 @@
+#!/bin/sh
+#
+# The Shoreline Firewall (Shorewall6) Packet Filtering Firewall - V4.5
+#
+# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
+#
+# (c) 1999,2000,2001,2002,2003,2004,2005,2012 - Tom Eastep ([email protected])
+#
+# On most distributions, this file should be called /etc/init.d/shorewall.
+#
+# Complete documentation is available at http://shorewall.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of Version 2 of the GNU General Public License
+# as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# If an error occurs while starting or restarting the firewall, the
+# firewall is automatically stopped.
+#
+# Commands are:
+#
+# shorewall6 start Starts the firewall
+# shorewall6 restart Restarts the firewall
+# shorewall6 reload Reload the firewall
+# (same as restart)
+# shorewall6 stop Stops the firewall
+# shorewall6 status Displays firewall status
+#
+
+### BEGIN INIT INFO
+# Provides: shorewall6
+# Required-Start: $local_fs $remote_fs $syslog
+# Should-Start: VMware $time $named
+# Should-Stop: $null
+# Required-Stop: $null
+# Default-Start: 2 3 5
+# Default-Stop: 0 1 6
+# Description: starts and stops the shorewall6 firewall
+# Short-Description: Packet filtering firewall
+### END INIT INFO
+
+################################################################################
+# Give Usage Information #
+################################################################################
+usage() {
+ echo "Usage: $0 start|stop|reload|restart|status"
+ exit 1
+}
+
+################################################################################
+# Get startup options (override default)
+################################################################################
+OPTIONS="-v0"
+
+#
+# The installer may alter this
+#
+. /usr/share/shorewall/shorewallrc
+
+export SHOREWALL_INIT_SCRIPT=1
+
+################################################################################
+# E X E C U T I O N B E G I N S H E R E #
+################################################################################
+command="$1"
+
+case "$command" in
+ start)
+ exec ${SBINDIR}/shorewall6 $OPTIONS start $STARTOPTIONS
+ ;;
+ restart|reload)
+ exec ${SBINDIR}/shorewall6 $OPTIONS restart $RESTARTOPTIONS
+ ;;
+ status|stop)
+ exec ${SBINDIR}/shorewall6 $OPTIONS $command $@
+ ;;
+ *)
+ usage
+ ;;
+esac
--
1.7.11.5
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
