]> git.pld-linux.org Git - packages/firewall-init.git/blob - firewall-init-syntax_verify.patch
projects / packages / firewall-init.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- typo
[packages/firewall-init.git] / firewall-init-syntax_verify.patch
1 --- firewall-init-2.1/firewall.init.orig        Mon Nov 11 10:48:08 2002
2 +++ firewall-init-2.1/firewall.init     Mon Mar 29 09:16:27 2004
3 @@ -23,6 +23,12 @@
4  
5  [ -f /sbin/ipchains ] || exit 0
6  
7 +syntax_error ()
8 +{
9 +       echo $2: "$(nls "$1")"
10 +       echo "$3"
11 +}
12 +
13  ipv4_forward_set ()
14  {
15         # Turn IP forwarding on or off. We do this before bringing up the
16 @@ -97,48 +103,150 @@
17         for CHAIN in ${FILES}; do
18             if [ -s ${CHAIN} ]; then
19                 grep -v '^#' ${CHAIN} | grep -v '^$' | \
20 -               while read POLICY PROTO SADDR SPORT DADDR DPORT IFACE OPTIONS ; do
21 +               while read LINE; do
22 +               #POLICY PROTO SADDR SPORT DADDR DPORT IFACE OPTIONS
23 +                   LINE2=`echo $LINE`
24 +                   POLICY=${LINE2%% *}
25 +                   LINE2=${LINE2#$POLICY}; LINE2=${LINE2# }
26                     case "${POLICY}" in
27 -                    [Nn][Oo][Nn][Ee])
28 +                     [Nn][Oo][Nn][Ee])
29                             POLICY=''
30                             ;;
31 -                    *)
32 +                     *)
33                             POLICY="-j ${POLICY}"
34                             ;;
35                     esac
36 +                   PROTO=${LINE2%% *}
37 +                   LINE2=${LINE2#$PROTO}; LINE2=${LINE2# }
38 +                   case "${PROTO}" in
39 +                     [Aa][Nn][Yy])
40 +                           PROTO=''
41 +                           ;;
42 +                     !)
43 +                           PROTO2=${LINE2%% *}
44 +                           LINE2=${LINE2#$PROTO2}; LINE2=${LINE2# }
45 +                           PROTO="-p ! ${PROTO2}"
46 +                           ;;
47 +                     *)
48 +                           PROTO="-p ${PROTO}"
49 +                   esac
50 +                   SADDR=${LINE2%% *}
51 +                   LINE2=${LINE2#$SADDR}; LINE2=${LINE2# }
52 +                   case "${SADDR}" in
53 +                     !)
54 +                           SADDR2=${LINE2%% *}
55 +                           LINE2=${LINE2#$SADDR2}; LINE2=${LINE2# }
56 +                           SADDR="! ${SADDR2}"
57 +                           ;;
58 +                   esac
59 +                   SPORT=${LINE2%% *}
60 +                   LINE2=${LINE2#$SPORT}; LINE2=${LINE2# }
61 +                   DADDR=''
62                     case "${SPORT}" in
63                       0:65535|[Aa][Nn][Yy])
64                             SPORT=''
65                             ;;
66 +                     */*|*.*.*.*)
67 +                           DADDR="${SPORT}"
68 +                           SPORT=''
69 +                           ;;
70 +                     !)
71 +                           SPORT2=${LINE2%% *}
72 +                           LINE2=${LINE2#$SPORT2}; LINE2=${LINE2# }
73 +                           case "${SPORT2}" in
74 +                             */*|*.*.*.*)
75 +                                   DADDR="! ${SPORT2}"
76 +                                   SPORT=''
77 +                                   ;;
78 +                             *)
79 +                                   if [ -z "$PROTO" ]; then
80 +                                       syntax_error "Source port is illegal in line:" "$CHAIN" "$LINE"
81 +                                   else
82 +                                       SPORT="! ${SPORT2}"
83 +                                   fi
84 +                           esac
85 +                           ;;
86 +                     *)
87 +                           if [ -z "$PROTO" ]; then
88 +                               syntax_error "Source port is illegal in line:" "$CHAIN" "$LINE"
89 +                           fi
90 +                   esac
91 +                   if [ -z "${DADDR}" ]; then
92 +                       DADDR=${LINE2%% *}
93 +                       LINE2=${LINE2#$DADDR}; LINE2=${LINE2# }
94 +                   fi
95 +                   case "${DADDR}" in
96 +                     !)
97 +                           DADDR2=${LINE2%% *}
98 +                           LINE2=${LINE2#$DADDR2}; LINE2=${LINE2# }
99 +                           DADDR="! ${DADDR2}"
100 +                           ;;
101                     esac
102 +                   DPORT=${LINE2%% *}
103 +                   LINE2=${LINE2#$DPORT}; LINE2=${LINE2# }
104 +                   IFACE=''
105                     case "${DPORT}" in
106                       0:65535|[Aa][Nn][Yy])
107                             DPORT=''
108                             ;;
109 +                     eth[+0-9]*|lo|ppp[+0-9]*|tunl[+0-9]*)
110 +                           IFACE="${DPORT}"
111 +                           DPORT=''
112 +                           ;;
113 +                     !)
114 +                           DPORT2=${LINE2%% *}
115 +                           LINE2=${LINE2#$DPORT2}; LINE2=${LINE2# }
116 +                           case "${DPORT2}" in
117 +                             eth[+0-9]*|lo|ppp[+0-9]*|tunl[+0-9]*)
118 +                                   IFACE="! ${DPORT2}"
119 +                                   DPORT=''
120 +                                   ;;
121 +                             *)
122 +                                   if [ -z "$PROTO" ]; then
123 +                                       syntax_error "Destination port is illegal in line:" "$CHAIN" "$LINE"
124 +                                   else
125 +                                       DPORT="! ${DPORT2}"
126 +                                   fi
127 +                           esac
128 +                           ;;
129 +                     *)
130 +                           if [ -z "$PROTO" ]; then
131 +                               syntax_error "Destination port is illegal in line:" "$CHAIN" "$LINE"
132 +                           fi
133                     esac
134 +                   if [ -z "${IFACE}" ]; then
135 +                       IFACE=${LINE2%% *}
136 +                       LINE2=${LINE2#$IFACE}; LINE2=${LINE2# }
137 +                   fi
138                     case "${IFACE}" in
139                       [Aa][Nn][Yy])
140                             IFACE=''
141                             ;;
142 +                     !)
143 +                           IFACE2=${LINE2%% *}
144 +                           LINE2=${LINE2#$IFACE2}; LINE2=${LINE2# }
145 +                           IFACE="-i ! ${IFACE2}"
146 +                           ;;
147                       *)
148                             IFACE="-i ${IFACE}"
149                             ;;
150                     esac
151 -                   /sbin/ipchains -A ${CHAIN} -p ${PROTO} ${IFACE} \
152 +                   OPTIONS=$LINE2
153 +                   /sbin/ipchains -A ${CHAIN} ${PROTO} ${IFACE} \
154                                 -s ${SADDR} ${SPORT} -d ${DADDR} ${DPORT} ${POLICY} ${OPTIONS} 2>> /tmp/.firewall
155                 done
156             fi
157         done
158         
159         for MODNAME in ${MASQ_MODS}; do
160 -               insmod ${MODNAME} > /dev/null 2> /dev/null
161 +           insmod ${MODNAME} > /dev/null 2> /dev/null
162         done
163         
164         if [ -s /tmp/.firewall ]; then
165             grep -v '^Try' < /tmp/.firewall | logger -t 'firewall' -p user.notice
166             deltext
167             fail
168 -           echo 'PROBLEMS SETTING UP FIREWALL.  CHECK /var/log/messages!'
169 +           echo $(nls 'PROBLEMS SETTING UP FIREWALL.  CHECK /var/log/messages!')
170         else
171             deltext
172             ok
173 @@ -155,7 +263,7 @@
174         /sbin/ipchains -X
175  
176         for MODNAME in ${MASQ_MODS}; do
177 -               rmmod ${MODNAME} > /dev/null 2> /dev/null
178 +           rmmod ${MODNAME} > /dev/null 2> /dev/null
179         done
180  
181         deltext
Firewall SysV-init style start-up script
This page took 0.065676 seconds and 3 git commands to generate.