1 |
constanze 13/08/28 16:59:04 |
2 |
|
3 |
Added: shorewall6.confd shorewall6.conf-SUBSYSLOCK.patch |
4 |
shorewallrc shorewall6.initd shorewall6.systemd |
5 |
Log: |
6 |
Version bump; Add new files/ structure |
7 |
|
8 |
(Portage version: 2.1.12.2/cvs/Linux x86_64, signed Manifest commit with key BB80F419010E3EC3) |
9 |
|
10 |
Revision Changes Path |
11 |
1.1 net-firewall/shorewall6/files/4.5.19/shorewall6.confd |
12 |
|
13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.confd?rev=1.1&view=markup |
14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.confd?rev=1.1&content-type=text/plain |
15 |
|
16 |
Index: shorewall6.confd |
17 |
=================================================================== |
18 |
# Global start/restart/stop options |
19 |
# |
20 |
OPTIONS="" |
21 |
|
22 |
# Start options |
23 |
# |
24 |
STARTOPTIONS="" |
25 |
|
26 |
# Stop options |
27 |
# |
28 |
STOPOPTIONS="" |
29 |
|
30 |
# Restart options |
31 |
# |
32 |
RESTARTOPTIONS="" |
33 |
|
34 |
|
35 |
|
36 |
1.1 net-firewall/shorewall6/files/4.5.19/shorewall6.conf-SUBSYSLOCK.patch |
37 |
|
38 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.conf-SUBSYSLOCK.patch?rev=1.1&view=markup |
39 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.conf-SUBSYSLOCK.patch?rev=1.1&content-type=text/plain |
40 |
|
41 |
Index: shorewall6.conf-SUBSYSLOCK.patch |
42 |
=================================================================== |
43 |
--- configfiles/shorewall6.conf 2013-06-24 22:07:38.000000000 +0200 |
44 |
+++ configfiles/shorewall6.conf.new 2013-07-01 15:50:54.747711444 +0200 |
45 |
@@ -85,7 +85,7 @@ |
46 |
|
47 |
SHOREWALL_SHELL=/bin/sh |
48 |
|
49 |
-SUBSYSLOCK=/var/lock/subsys/shorewall6 |
50 |
+SUBSYSLOCK=/run/lock/shorewall6 |
51 |
|
52 |
TC= |
53 |
|
54 |
--- configfiles/shorewall6.conf.annotated 2013-06-27 20:32:22.000000000 +0200 |
55 |
+++ configfiles/shorewall6.conf.annotated.new 2013-07-01 15:51:38.448332964 +0200 |
56 |
@@ -444,7 +444,7 @@ |
57 |
# or specified as a null value, /bin/sh is assumed. Using a light-weight |
58 |
# shell such as ash or dash can significantly improve performance. |
59 |
# |
60 |
-SUBSYSLOCK=/var/lock/subsys/shorewall6 |
61 |
+SUBSYSLOCK=/run/lock/shorewall6 |
62 |
# |
63 |
# SUBSYSLOCK=[pathname] |
64 |
# |
65 |
|
66 |
|
67 |
|
68 |
1.1 net-firewall/shorewall6/files/4.5.19/shorewallrc |
69 |
|
70 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewallrc?rev=1.1&view=markup |
71 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewallrc?rev=1.1&content-type=text/plain |
72 |
|
73 |
Index: shorewallrc |
74 |
=================================================================== |
75 |
# |
76 |
# Gentoo Shorewall 4.5 rc file |
77 |
# |
78 |
BUILD= #Default is to detect the build system |
79 |
HOST=linux #Generic Linux |
80 |
PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. |
81 |
SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. |
82 |
LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. |
83 |
PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory |
84 |
CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed |
85 |
SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed |
86 |
MANDIR=${PREFIX}/share/man #Directory where manpages are installed. |
87 |
INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. |
88 |
INITFILE=${PRODUCT} #Name of the product's installed SysV init script |
89 |
INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script |
90 |
ANNOTATED= #If non-zero, annotated configuration files are installed |
91 |
SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only) |
92 |
SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR |
93 |
SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed |
94 |
SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR |
95 |
VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. |
96 |
VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. |
97 |
|
98 |
|
99 |
|
100 |
1.1 net-firewall/shorewall6/files/4.5.19/shorewall6.initd |
101 |
|
102 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.initd?rev=1.1&view=markup |
103 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.initd?rev=1.1&content-type=text/plain |
104 |
|
105 |
Index: shorewall6.initd |
106 |
=================================================================== |
107 |
#!/sbin/runscript |
108 |
# Copyright 1999-2013 Gentoo Foundation |
109 |
# Distributed under the terms of the GNU General Public License v2 |
110 |
# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.initd,v 1.1 2013/08/28 16:59:04 constanze Exp $ |
111 |
|
112 |
description='The Shoreline Firewall 6, more commonly known as "Shorewall6", is' |
113 |
description="${description} a high-level tool for configuring Netfilter." |
114 |
|
115 |
extra_commands="check clear" |
116 |
extra_started_commands="refresh reset" |
117 |
|
118 |
description_check="Checks if the configuration will compile or not." |
119 |
|
120 |
description_clear="Clear will remove all rules and chains installed by" |
121 |
description_clear="${description_clear} Shorewall6. The firewall is then" |
122 |
description_clear="${description_clear} wide open and unprotected." |
123 |
|
124 |
description_refresh="The mangle table will be refreshed along with the" |
125 |
description_refresh="${description_refresh} blacklist chain (if any)." |
126 |
|
127 |
description_reset="All the packet and byte counters in the firewall are reset." |
128 |
|
129 |
depend() { |
130 |
need net |
131 |
provide firewall |
132 |
after ulogd |
133 |
} |
134 |
|
135 |
status() { |
136 |
local _retval |
137 |
/sbin/shorewall6 status 1>/dev/null |
138 |
_retval=$? |
139 |
if [ ${_retval} = '0' ]; then |
140 |
einfo 'status: started' |
141 |
mark_service_started "${SVCNAME}" |
142 |
return 0 |
143 |
else |
144 |
einfo 'status: stopped' |
145 |
mark_service_stopped "${SVCNAME}" |
146 |
return 3 |
147 |
fi |
148 |
} |
149 |
|
150 |
start() { |
151 |
ebegin "Starting shorewall6" |
152 |
/sbin/shorewall6 ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null |
153 |
eend $? |
154 |
} |
155 |
|
156 |
stop() { |
157 |
ebegin "Stopping shorewall6" |
158 |
/sbin/shorewall6 ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null |
159 |
eend $? |
160 |
} |
161 |
|
162 |
restart() { |
163 |
# shorewall comes with its own control script that includes a |
164 |
# restart function, so refrain from calling svc_stop/svc_start |
165 |
# here. Note that this comment is required to fix bug 55576; |
166 |
# runscript.sh greps this script... (09 Jul 2004 agriffis) |
167 |
|
168 |
ebegin "Restarting shorewall6" |
169 |
/sbin/shorewall6 status 1>/dev/null |
170 |
if [ $? != 0 ] ; then |
171 |
svc_start |
172 |
else |
173 |
/sbin/shorewall6 ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null |
174 |
fi |
175 |
eend $? |
176 |
} |
177 |
|
178 |
clear() { |
179 |
# clear will remove all the rules and bring the system to an unfirewalled |
180 |
# state. (21 Nov 2004 eldad) |
181 |
|
182 |
ebegin "Clearing all shorewall rules and setting policy to ACCEPT" |
183 |
/sbin/shorewall6 ${OPTIONS} clear 1>/dev/null |
184 |
eend $? |
185 |
} |
186 |
|
187 |
reset() { |
188 |
# reset the packet and byte counters in the firewall |
189 |
|
190 |
ebegin "Resetting the packet and byte counters in shorewall6" |
191 |
/sbin/shorewall6 ${OPTIONS} reset 1>/dev/null |
192 |
eend $? |
193 |
} |
194 |
|
195 |
refresh() { |
196 |
# refresh the rules involving the broadcast addresses of firewall |
197 |
# interfaces, the black list, traffic control rules and |
198 |
# ECN control rules |
199 |
|
200 |
ebegin "Refreshing shorewall6 rules" |
201 |
/sbin/shorewall6 ${OPTIONS} refresh 1>/dev/null |
202 |
eend $? |
203 |
} |
204 |
|
205 |
check() { |
206 |
# perform cursory validation of the zones, interfaces, hosts, rules |
207 |
# and policy files. CAUTION: does not parse and validate the generated |
208 |
# iptables commands. |
209 |
|
210 |
ebegin "Checking shorewall6 configuration" |
211 |
/sbin/shorewall6 ${OPTIONS} check 1>/dev/null |
212 |
eend $? |
213 |
} |
214 |
|
215 |
|
216 |
|
217 |
1.1 net-firewall/shorewall6/files/4.5.19/shorewall6.systemd |
218 |
|
219 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.systemd?rev=1.1&view=markup |
220 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/shorewall6/files/4.5.19/shorewall6.systemd?rev=1.1&content-type=text/plain |
221 |
|
222 |
Index: shorewall6.systemd |
223 |
=================================================================== |
224 |
# |
225 |
# The Shoreline Firewall 6 (Shorewall6) Packet Filtering Firewall - V4.5 |
226 |
# |
227 |
[Unit] |
228 |
Description=Shorewall IPv6 firewall |
229 |
Documentation=man:shorewall6(8) http://www.shorewall.net/Documentation_Index.html |
230 |
After=network.target |
231 |
|
232 |
[Service] |
233 |
Type=oneshot |
234 |
RemainAfterExit=yes |
235 |
EnvironmentFile=/etc/conf.d/shorewall6 |
236 |
ExecStart=/sbin/shorewall6 $OPTIONS start $STARTOPTIONS |
237 |
ExecStop=/sbin/shorewall6 $OPTIONS stop $STOPOPTIONS |
238 |
|
239 |
[Install] |
240 |
WantedBy=multi-user.target |