summaryrefslogtreecommitdiff
path: root/network/arno-iptables-firewall/files/patch-configuration-script.diff
diff options
context:
space:
mode:
Diffstat (limited to 'network/arno-iptables-firewall/files/patch-configuration-script.diff')
-rw-r--r--network/arno-iptables-firewall/files/patch-configuration-script.diff100
1 files changed, 100 insertions, 0 deletions
diff --git a/network/arno-iptables-firewall/files/patch-configuration-script.diff b/network/arno-iptables-firewall/files/patch-configuration-script.diff
new file mode 100644
index 0000000000..de7aec5dbd
--- /dev/null
+++ b/network/arno-iptables-firewall/files/patch-configuration-script.diff
@@ -0,0 +1,100 @@
+33,34c33,34
+< if [ -f ./share/arno-iptables-firewall/environment ]; then
+< . ./share/arno-iptables-firewall/environment
+---
+> if [ -f /usr/share/arno-iptables-firewall/environment ]; then
+> . /usr/share/arno-iptables-firewall/environment
+36c36
+< printf "\033[40m\033[1;31mERROR: Could not read environment file ./share/arno-iptables-firewall/environment!\033[0m\n" >&2
+---
+> printf "\033[40m\033[1;31mERROR: Could not read environment file /usr/share/arno-iptables-firewall/environment!\033[0m\n" >&2
+70a71,75
+> else
+> # If no value is entered, remove (unless commented) previously set
+> # values: this is to prevent e.g. ports from remaining open, or
+> # internal interfaces from remaining enabled with NAT.
+> sed -i -e "s~^$2=.*$~$2=\"\"~" "$1"
+85c90
+< # else
+---
+> else
+86a92,94
+> # This is needed in order to allow function change_conf_var()
+> # to remove values for previously set open ports.
+> change_conf_var "$2" "$3" ""
+216a225,231
+> else
+> # Remove previously set values related to the internal interface
+> # if no internal interface is entered with this script.
+> change_conf_var "$FIREWALL_CONF" "INT_IF" ""
+> change_conf_var "$FIREWALL_CONF" "INTERNAL_NET" ""
+> change_conf_var "$FIREWALL_CONF" "INT_NET_BCAST_ADDRESS" ""
+> change_conf_var "$FIREWALL_CONF" "NAT" "0"
+218c233
+<
+---
+>
+220,222c235,237
+< chmod 755 /etc/init.d/arno-iptables-firewall
+< chown 0:0 "$FIREWALL_CONF" /etc/init.d/arno-iptables-firewall
+< chmod 600 "$FIREWALL_CONF"
+---
+> chmod 755 /etc/rc.d/rc.arno-iptables-firewall
+> chown 0:0 "$FIREWALL_CONF" /etc/rc.d/rc.arno-iptables-firewall
+> chmod 600 "$FIREWALL_CONF"
+227c242
+< AIF_VERSION="$(grep "MY_VERSION=" ./bin/arno-iptables-firewall |sed -e "s/^MY_VERSION=\"//" -e "s/\"$//")"
+---
+> AIF_VERSION="$(grep "MY_VERSION=" /usr/sbin/arno-iptables-firewall |sed -e "s/^MY_VERSION=\"//" -e "s/\"$//")"
+235,251d249
+< # Remove any symlinks in rc*.d out of the way
+< rm -f /etc/rc*.d/*arno-iptables-firewall
+<
+< if get_user_yn "Do you want to start the firewall at boot (via /etc/init.d/) (Y/N)?" "y"; then
+< if [ -d /etc/rcS.d ]; then
+< ln -sv /etc/init.d/arno-iptables-firewall /etc/rcS.d/S41arno-iptables-firewall
+< else
+< ln -sv /etc/init.d/arno-iptables-firewall /etc/rc2.d/S11arno-iptables-firewall
+< fi
+<
+< # Check for insserv. Used for dependency based booting on eg. Debian
+< INSSERV="$(find_command /sbin/insserv)"
+< if [ -n "$INSSERV" ]; then
+< "$INSSERV" arno-iptables-firewall
+< fi
+< fi
+<
+253c251
+< change_conf_var /etc/init.d/arno-iptables-firewall "VERBOSE" "1"
+---
+> change_conf_var /etc/rc.d/rc.arno-iptables-firewall "VERBOSE" "1"
+255c253
+< change_conf_var /etc/init.d/arno-iptables-firewall "VERBOSE" "0"
+---
+> change_conf_var /etc/rc.d/rc.arno-iptables-firewall "VERBOSE" "0"
+258c256
+< if diff ./etc/arno-iptables-firewall/firewall.conf "$FIREWALL_CONF" >/dev/null; then
+---
+> if diff /usr/share/arno-iptables-firewall/firewall.conf.orig "$FIREWALL_CONF" >/dev/null; then
+274a273,291
+> echo ""
+> echo "-------------------------------------------------------------------------------"
+> echo "** NOTE: 1) You can now (manually) (re)start the firewall by executing **"
+> echo "** \"/etc/rc.d/rc.arno-iptables-firewall start\" or **"
+> echo "** \"/etc/rc.d/rc.arno-iptables-firewall restart\" **"
+> echo "** It is recommended however to first review the settings in **"
+> echo "** /etc/arno-iptables-firewall/firewall.conf! **"
+> echo "** **"
+> echo "** 2) In order to start the firewall automatically at boot-time, **"
+> echo "** you will need to manually create in /etc/rc.d/ an appropriate **"
+> echo "** symlink, named \"rc.firewall\", pointing to the startup script. **"
+> echo "** To do that, issue the following command: **"
+> echo "** **"
+> echo "** ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall **"
+> echo "** **"
+> echo "** Simply delete the link if you wish to disable firewall startup **"
+> echo "** at boot-time. **"
+> echo "-------------------------------------------------------------------------------"
+> echo ""
+277d293
+<