From: Felix Fietkau Date: Fri, 11 Dec 2009 02:09:19 +0000 (+0000) Subject: shorewall-lite: update to the latest release in the 4.2 series: 4.2.11. It also inclu... X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=f97c2b1a15066f9375a8f251a113bb29ebb8bb1f;p=openwrt%2Fsvn-archive%2Fpackages.git shorewall-lite: update to the latest release in the 4.2 series: 4.2.11. It also includes the following changes: * use the shorewall "restore" action (very quick) if available in the initscript's restart action * modify the 110-MODULESDIR.patch to include /lib/modules/$(uname -r) in the module search path * include an iface hotplug action to reload the ruleset on interface transitions Signed-off-by: Brian J. Murrell SVN-Revision: 18737 --- diff --git a/net/shorewall-lite/Makefile b/net/shorewall-lite/Makefile index 5ba209d5e..1cb682413 100644 --- a/net/shorewall-lite/Makefile +++ b/net/shorewall-lite/Makefile @@ -8,18 +8,18 @@ include $(TOPDIR)/rules.mk PKG_NAME:=shorewall-lite -PKG_VERSION:=4.0.12 +PKG_VERSION:=4.2.11 PKG_RELEASE:=1 -PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \ - http://www1.shorewall.net/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \ - http://slovakia.shorewall.net/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \ - http://shorewall.de/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \ - http://www.shorewall.com.au/4.0/shorewall-$(PKG_VERSION)/ \ - http://shorewall.infohiiway.com/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \ - http://www.shorewall.com.ar/pub/shorewall/shorewall/4.0/shorewall-$(PKG_VERSION)/ +PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \ + http://www1.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \ + http://slovakia.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \ + http://shorewall.de/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \ + http://www.shorewall.com.au/4.2/shorewall-$(PKG_VERSION)/ \ + http://shorewall.infohiiway.com/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \ + http://www.shorewall.com.ar/pub/shorewall/shorewall/4.2/shorewall-$(PKG_VERSION)/ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 -PKG_MD5SUM:=ab82b03f987f69536d305db40dc7692c +PKG_MD5SUM:=cb34824f076fdff6b7457d85e124ea74 include $(INCLUDE_DIR)/package.mk @@ -50,9 +50,11 @@ endef define Package/shorewall-lite/install $(INSTALL_DIR) $(1)/sbin $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_DIR) $(1)/etc/hotplug.d/iface $(INSTALL_DIR) $(1)/etc/shorewall-lite $(INSTALL_DIR) $(1)/usr/share $(INSTALL_BIN) ./files/shorewall-lite.init $(1)/etc/init.d/shorewall-lite + $(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall-lite $(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/shorewall-lite $(1)/sbin $(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall-lite $(1)/usr/share $(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall-lite diff --git a/net/shorewall-lite/files/hotplug_iface b/net/shorewall-lite/files/hotplug_iface new file mode 100644 index 000000000..acb995074 --- /dev/null +++ b/net/shorewall-lite/files/hotplug_iface @@ -0,0 +1,12 @@ +#!/bin/sh + +# should restart shorewall when an interface comes up + +[ ifup = "$ACTION" ] && { + /etc/init.d/shorewall-lite restart +} + +[ ifdown = "$ACTION" ] && { + # might need to restore some routing + /etc/init.d/shorewall-lite restart +} diff --git a/net/shorewall-lite/files/shorewall-lite.init b/net/shorewall-lite/files/shorewall-lite.init index 419415849..fb081f3c5 100644 --- a/net/shorewall-lite/files/shorewall-lite.init +++ b/net/shorewall-lite/files/shorewall-lite.init @@ -12,5 +12,9 @@ stop() { } restart() { - /sbin/shorewall-lite -qq restart + if [ -f /etc/shorewall-lite/state/restore ] ; then + /sbin/shorewall-lite -qq restore + else + /sbin/shorewall-lite -qq restart + fi } diff --git a/net/shorewall-lite/patches/110-MODULESDIR.patch b/net/shorewall-lite/patches/110-MODULESDIR.patch index 46f3f9c02..ddb6253e3 100644 --- a/net/shorewall-lite/patches/110-MODULESDIR.patch +++ b/net/shorewall-lite/patches/110-MODULESDIR.patch @@ -1,20 +1,20 @@ --- a/lib.base +++ b/lib.base -@@ -251,7 +251,7 @@ +@@ -267,7 +267,7 @@ reload_kernel_modules() { - [ -n "${MODULE_SUFFIX:=o gz ko o.gz ko.gz}" ] + [ -z "$MODULESDIR" ] && \ + uname=$(uname -r) && \ +- MODULESDIR=/lib/modules/$uname/kernel/net/ipv4/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset ++ MODULESDIR=/lib/modules/$uname/kernel/net/ipv4/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset:/lib/modules/$uname -- [ -z "$MODULESDIR" ] && MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter -+ [ -z "$MODULESDIR" ] && MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter:/lib/modules/$(uname -r) MODULES=$(lsmod | cut -d ' ' -f1) - for directory in $(split $MODULESDIR); do -@@ -283,7 +283,7 @@ - [ -n "${MODULE_SUFFIX:=o gz ko o.gz ko.gz}" ] +@@ -306,7 +306,7 @@ load_kernel_modules() # $1 = Yes, if we [ -z "$MODULESDIR" ] && \ -- MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter -+ MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter:/lib/modules/$(uname -r) + uname=$(uname -r) && \ +- MODULESDIR=/lib/modules/$uname/kernel/net/ipv4/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset ++ MODULESDIR=/lib/modules/$uname/kernel/net/ipv4/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset:/lib/modules/$uname for directory in $(split $MODULESDIR); do [ -d $directory ] && moduledirectories="$moduledirectories $directory"