On 12/18/2017 1:32 AM, Bill Shirley wrote: > [0:root@yoda filter.d]$ rpm -q shorewall6 > shorewall6-5.0.14.1-3.fc25.noarch > > In params I'm trying conditional execution: > > STAGING=yes # empty = No > # ------------- > ?if $STAGING > SFN_VPN1_IF=$SFNINET_IF # Comcast staging > SFN_VPN1_SRC_MARK=$SFNINET_MARK6 > SFN_VPN1_SRC_IP=$SFNINET_IP6 > SFN_VPN1_THIS_ENDPOINT=$SFNLAN_IP1 > ?else > SFN_VPN1_IF=$INET1_IF # Zimbabwe Comcast > SFN_VPN1_SRC_MARK=$INET1_MARK6 > SFN_VPN1_SRC_IP=$INET1_IP6 > SFN_VPN1_THIS_ENDPOINT=$ZIM_IP1 > ?endif > # ------------- > > ?if, ?else, and ?endif work fine in mangle. > > but Shorewall6's not happy: > > [0:root@yoda filter.d]$ shorewall6 check > /etc/shorewall6/params: line 231: ?if: command not found > /etc/shorewall6/params: line 236: ?else: command not found > /etc/shorewall6/params: line 241: ?endif: command not found > Checking using Shorewall 5.0.14.1... > Processing /etc/shorewall6/params ... > /etc/shorewall6/params: line 231: ?if: command not found > /etc/shorewall6/params: line 236: ?else: command not found > /etc/shorewall6/params: line 241: ?endif: command not found > > I tried uppercase in params too; doesn't work. > > Is there another way to do conditionals? >
My understanding is that /etc/shorewall[6]/params is a shell script. shorewall[6].conf: "SHOREWALL_SHELL=[pathname] This option is used to specify the shell program to be used to run the Shorewall compiler and to interpret the compiled script. If not specified or specified as a null value, /bin/sh is assumed. Using a light-weight shell such as ash or dash can significantly improve performance." -Matt -- Matt Darfeuille ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
