diff options
Diffstat (limited to 'net-firewall/shorewall-init/files/4.5.21.9/shorewall-init.initd')
| -rw-r--r-- | net-firewall/shorewall-init/files/4.5.21.9/shorewall-init.initd | 196 |
1 files changed, 196 insertions, 0 deletions
diff --git a/net-firewall/shorewall-init/files/4.5.21.9/shorewall-init.initd b/net-firewall/shorewall-init/files/4.5.21.9/shorewall-init.initd new file mode 100644 index 000000000000..be652deec1db --- /dev/null +++ b/net-firewall/shorewall-init/files/4.5.21.9/shorewall-init.initd @@ -0,0 +1,196 @@ +#!/sbin/runscript +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall-init/files/4.5.21.9/shorewall-init.initd,v 1.1 2014/04/26 09:30:51 hwoarang Exp $ + +SHOREWALLRC_FILE="@GENTOO_PORTAGE_EPREFIX@/usr/share/shorewall/shorewallrc" +CONFIG_FILE="@GENTOO_PORTAGE_EPREFIX@/etc/conf.d/${SVCNAME}" + +description="Puts Shorewall in a safe state at boot time" +description="${description} prior to bringing up the network." + +required_files="$SHOREWALLRC_FILE" + +depend() { + need localmount + before net + after bootmisc ipset tmpfiles.setup ulogd +} + + +. $SHOREWALLRC_FILE + +checkconfig() { + local PRODUCT= + + if [ -z "${VARLIB}" ]; then + eerror "\"VARLIB\" isn't defined or empty! Please check" \ + "\"${SHOREWALLRC_FILE}\"." + + + return 1 + fi + + if [ -z "${PRODUCTS}" ]; then + eerror "${SVCNAME} isn't configured! Please check" \ + "\"${CONFIG_FILE}\"." + + + return 1 + fi + + for PRODUCT in ${PRODUCTS}; do + if [ ! -x ${SBINDIR}/${PRODUCT} ]; then + eerror "Invalid product \"${PRODUCT}\" specified" \ + "in \"${CONFIG_FILE}\"!" + eerror "Maybe \"${PRODUCT}\" isn't installed?" + + + return 1 + fi + done + + + return 0 +} + +check_firewall_script() { + if [ ! -x ${STATEDIR}/firewall ]; then + if [ ${PRODUCT} = shorewall -o ${PRODUCT} = shorewall6 ]; then + ebegin "Creating \"${STATEDIR}/firewall\"" + ${SBINDIR}/${PRODUCT} compile 1>/dev/null + eend $? + else + eerror "\"${PRODUCT}\" isn't configured!" + eerror "Please go to your 'administrative system'" \ + "and deploy the compiled firewall" \ + "configuration for this system." + + + return 1 + fi + fi + + + return 0 +} + +is_allowed_to_be_executed() { + # This is not a real service. shorewall-init is an intermediate + # script to put your Shorewall-based firewall into a safe state + # at boot time prior to bringing up the network. + # Please read /usr/share/doc/shorewall-init-*/README.gentoo.gz + # for more information. + # When your system is up, there is no need to call shorewall-init. + # Please call shorewall{,6,-lite,6-lite} directly. That's the + # reason why we are preventing start, stop or restart here. + + local PRODUCT= + + if [ "${RC_RUNLEVEL}" != "boot" -a "${RC_CMD}" = "start" ]; then + # Starting shorewall-init is only allowed at boot time + eerror "This is a boot service, which can only be started" \ + "at boot." + eerror "If you want to get your shorewall-based firewall" \ + "into the same safe boot state again, run" + eerror "" + eindent + for PRODUCT in ${PRODUCTS}; do + eerror "/etc/init.d/${PRODUCT} stop" + done + eoutdent + eerror "" + eerror "Yes, \"stop\" and not start." + eerror "" + return 1 + fi + + if [ "${RC_RUNLEVEL}" != "shutdown" -a "${RC_CMD}" = "stop" ]; then + # Stopping shorewall-init is only allowed at shutdown + eerror "This is a boot service, which cannot be stopped." + eerror "If you really want to stop your Shorewall-based" \ + "firewall the same way this service would stop" \ + "Shorewall at shutdown, please run" + eerror "" + eindent + for PRODUCT in ${PRODUCTS}; do + eerror "/etc/init.d/${PRODUCT} clear" + done + eoutdent + eerror "" + eerror "Keep in mind that this will clear (=bring down)" \ + "your firewall!" + eerror "" + return 1 + fi + + if [ "${RC_CMD}" = "restart" ]; then + eerror "This is a boot service, which cannot be restarted." + eerror "If you want to restart any of your Shorewall-based" \ + "firewalls, run" + eerror "" + eindent + for PRODUCT in ${PRODUCTS}; do + eerror "/etc/init.d/${PRODUCT} restart" + done + eoutdent + eerror "" + return 1 + fi + + + return 0 +} + +set_statedir() { + STATEDIR= + local VARDIR= + + if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then + STATEDIR=$( . ${CONFDIR}/${PRODUCT}/vardir && echo ${VARDIR} ) + fi + + [ ! -n "${STATEDIR}" ] && STATEDIR=${VARLIB}/${PRODUCT} +} + +start_pre() { + checkconfig || return 1 + + is_allowed_to_be_executed || return 1 +} + +start() { + local PRODUCT= + local STATEDIR= + + for PRODUCT in ${PRODUCTS}; do + set_statedir + + check_firewall_script || return 1 + + ebegin "Initializing \"${PRODUCT}\"" + ${STATEDIR}/firewall stop 1>/dev/null + eend $? + done +} + +stop_pre() { + checkconfig || return 1 + + is_allowed_to_be_executed || return 1 +} + +stop() { + local PRODUCT= + local STATEDIR= + + for PRODUCT in ${PRODUCTS}; do + set_statedir + + check_firewall_script || return 1 + + ebegin "Clearing \"${PRODUCT}\"" + ${STATEDIR}/firewall clear 1>/dev/null + eend $? + done +} |