From c75ce79e91b4caba035206920ae518426d09fa9d Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Fri, 11 Dec 2009 02:09:19 +0000
Subject: [PATCH] shorewall-lite: update  to the latest release in the 4.2
 series: 4.2.11. It also includes the following changes:   * use the shorewall
 "restore" action (very quick) if available in     the initscript's restart
 action   * modify the 110-MODULESDIR.patch to include /lib/modules/$(uname   
  -r) in the module search path   * include an iface hotplug action to reload
 the ruleset on     interface transitions

Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>

SVN-Revision: 18737
---
 net/shorewall-lite/Makefile                   | 20 ++++++++++---------
 net/shorewall-lite/files/hotplug_iface        | 12 +++++++++++
 net/shorewall-lite/files/shorewall-lite.init  |  6 +++++-
 .../patches/110-MODULESDIR.patch              | 18 ++++++++---------
 4 files changed, 37 insertions(+), 19 deletions(-)
 create mode 100644 net/shorewall-lite/files/hotplug_iface

diff --git a/net/shorewall-lite/Makefile b/net/shorewall-lite/Makefile
index 5ba209d5e2..1cb6824133 100644
--- a/net/shorewall-lite/Makefile
+++ b/net/shorewall-lite/Makefile
@@ -8,18 +8,18 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=shorewall-lite
-PKG_VERSION:=4.0.12
+PKG_VERSION:=4.2.11
 PKG_RELEASE:=1
 
-PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \
-	http://www1.shorewall.net/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \
-	http://slovakia.shorewall.net/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \
-	http://shorewall.de/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \
-	http://www.shorewall.com.au/4.0/shorewall-$(PKG_VERSION)/ \
-	http://shorewall.infohiiway.com/pub/shorewall/4.0/shorewall-$(PKG_VERSION)/ \
-	http://www.shorewall.com.ar/pub/shorewall/shorewall/4.0/shorewall-$(PKG_VERSION)/
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \
+	http://www1.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \
+	http://slovakia.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \
+	http://shorewall.de/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \
+	http://www.shorewall.com.au/4.2/shorewall-$(PKG_VERSION)/ \
+	http://shorewall.infohiiway.com/pub/shorewall/4.2/shorewall-$(PKG_VERSION)/ \
+	http://www.shorewall.com.ar/pub/shorewall/shorewall/4.2/shorewall-$(PKG_VERSION)/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_MD5SUM:=ab82b03f987f69536d305db40dc7692c
+PKG_MD5SUM:=cb34824f076fdff6b7457d85e124ea74
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -50,9 +50,11 @@ endef
 define Package/shorewall-lite/install
 	$(INSTALL_DIR) $(1)/sbin
 	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
 	$(INSTALL_DIR) $(1)/etc/shorewall-lite
 	$(INSTALL_DIR) $(1)/usr/share
 	$(INSTALL_BIN) ./files/shorewall-lite.init $(1)/etc/init.d/shorewall-lite
+	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall-lite
 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/shorewall-lite $(1)/sbin
 	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall-lite $(1)/usr/share
 	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall-lite
diff --git a/net/shorewall-lite/files/hotplug_iface b/net/shorewall-lite/files/hotplug_iface
new file mode 100644
index 0000000000..acb995074d
--- /dev/null
+++ b/net/shorewall-lite/files/hotplug_iface
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# should restart shorewall when an interface comes up
+
+[ ifup = "$ACTION" ] && {
+	/etc/init.d/shorewall-lite restart
+}
+
+[ ifdown = "$ACTION" ] && {
+	# might need to restore some routing
+	/etc/init.d/shorewall-lite restart
+}
diff --git a/net/shorewall-lite/files/shorewall-lite.init b/net/shorewall-lite/files/shorewall-lite.init
index 4194158495..fb081f3c5c 100644
--- a/net/shorewall-lite/files/shorewall-lite.init
+++ b/net/shorewall-lite/files/shorewall-lite.init
@@ -12,5 +12,9 @@ stop() {
 }
 
 restart() {
-	/sbin/shorewall-lite -qq restart
+	if [ -f /etc/shorewall-lite/state/restore ] ; then
+		/sbin/shorewall-lite -qq restore
+	else
+		/sbin/shorewall-lite -qq restart
+	fi
 }
diff --git a/net/shorewall-lite/patches/110-MODULESDIR.patch b/net/shorewall-lite/patches/110-MODULESDIR.patch
index 46f3f9c020..ddb6253e33 100644
--- a/net/shorewall-lite/patches/110-MODULESDIR.patch
+++ b/net/shorewall-lite/patches/110-MODULESDIR.patch
@@ -1,20 +1,20 @@
 --- a/lib.base
 +++ b/lib.base
-@@ -251,7 +251,7 @@
+@@ -267,7 +267,7 @@ reload_kernel_modules() {
  
-     [ -n "${MODULE_SUFFIX:=o gz ko o.gz ko.gz}" ]
+     [ -z "$MODULESDIR" ] && \
+ 	uname=$(uname -r) && \
+-	MODULESDIR=/lib/modules/$uname/kernel/net/ipv4/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
++	MODULESDIR=/lib/modules/$uname/kernel/net/ipv4/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset:/lib/modules/$uname
  
--    [ -z "$MODULESDIR" ] && MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter
-+    [ -z "$MODULESDIR" ] && MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter:/lib/modules/$(uname -r)
      MODULES=$(lsmod | cut -d ' ' -f1)
  
-     for directory in $(split $MODULESDIR); do
-@@ -283,7 +283,7 @@
-     [ -n "${MODULE_SUFFIX:=o gz ko o.gz ko.gz}" ]
+@@ -306,7 +306,7 @@ load_kernel_modules() # $1 = Yes, if we 
  
      [ -z "$MODULESDIR" ] && \
--	MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter
-+	MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter:/lib/modules/$(uname -r)
+ 	uname=$(uname -r) && \
+-	MODULESDIR=/lib/modules/$uname/kernel/net/ipv4/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
++	MODULESDIR=/lib/modules/$uname/kernel/net/ipv4/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset:/lib/modules/$uname
  
      for directory in $(split $MODULESDIR); do
  	[ -d $directory ] && moduledirectories="$moduledirectories $directory"
-- 
2.30.2