diff options
Diffstat (limited to 'network/arno-iptables-firewall/files/patch-configuration-script.diff')
-rw-r--r-- | network/arno-iptables-firewall/files/patch-configuration-script.diff | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/network/arno-iptables-firewall/files/patch-configuration-script.diff b/network/arno-iptables-firewall/files/patch-configuration-script.diff new file mode 100644 index 0000000000..de7aec5dbd --- /dev/null +++ b/network/arno-iptables-firewall/files/patch-configuration-script.diff @@ -0,0 +1,100 @@ +33,34c33,34 +< if [ -f ./share/arno-iptables-firewall/environment ]; then +< . ./share/arno-iptables-firewall/environment +--- +> if [ -f /usr/share/arno-iptables-firewall/environment ]; then +> . /usr/share/arno-iptables-firewall/environment +36c36 +< printf "\033[40m\033[1;31mERROR: Could not read environment file ./share/arno-iptables-firewall/environment!\033[0m\n" >&2 +--- +> printf "\033[40m\033[1;31mERROR: Could not read environment file /usr/share/arno-iptables-firewall/environment!\033[0m\n" >&2 +70a71,75 +> else +> # If no value is entered, remove (unless commented) previously set +> # values: this is to prevent e.g. ports from remaining open, or +> # internal interfaces from remaining enabled with NAT. +> sed -i -e "s~^$2=.*$~$2=\"\"~" "$1" +85c90 +< # else +--- +> else +86a92,94 +> # This is needed in order to allow function change_conf_var() +> # to remove values for previously set open ports. +> change_conf_var "$2" "$3" "" +216a225,231 +> else +> # Remove previously set values related to the internal interface +> # if no internal interface is entered with this script. +> change_conf_var "$FIREWALL_CONF" "INT_IF" "" +> change_conf_var "$FIREWALL_CONF" "INTERNAL_NET" "" +> change_conf_var "$FIREWALL_CONF" "INT_NET_BCAST_ADDRESS" "" +> change_conf_var "$FIREWALL_CONF" "NAT" "0" +218c233 +< +--- +> +220,222c235,237 +< chmod 755 /etc/init.d/arno-iptables-firewall +< chown 0:0 "$FIREWALL_CONF" /etc/init.d/arno-iptables-firewall +< chmod 600 "$FIREWALL_CONF" +--- +> chmod 755 /etc/rc.d/rc.arno-iptables-firewall +> chown 0:0 "$FIREWALL_CONF" /etc/rc.d/rc.arno-iptables-firewall +> chmod 600 "$FIREWALL_CONF" +227c242 +< AIF_VERSION="$(grep "MY_VERSION=" ./bin/arno-iptables-firewall |sed -e "s/^MY_VERSION=\"//" -e "s/\"$//")" +--- +> AIF_VERSION="$(grep "MY_VERSION=" /usr/sbin/arno-iptables-firewall |sed -e "s/^MY_VERSION=\"//" -e "s/\"$//")" +235,251d249 +< # Remove any symlinks in rc*.d out of the way +< rm -f /etc/rc*.d/*arno-iptables-firewall +< +< if get_user_yn "Do you want to start the firewall at boot (via /etc/init.d/) (Y/N)?" "y"; then +< if [ -d /etc/rcS.d ]; then +< ln -sv /etc/init.d/arno-iptables-firewall /etc/rcS.d/S41arno-iptables-firewall +< else +< ln -sv /etc/init.d/arno-iptables-firewall /etc/rc2.d/S11arno-iptables-firewall +< fi +< +< # Check for insserv. Used for dependency based booting on eg. Debian +< INSSERV="$(find_command /sbin/insserv)" +< if [ -n "$INSSERV" ]; then +< "$INSSERV" arno-iptables-firewall +< fi +< fi +< +253c251 +< change_conf_var /etc/init.d/arno-iptables-firewall "VERBOSE" "1" +--- +> change_conf_var /etc/rc.d/rc.arno-iptables-firewall "VERBOSE" "1" +255c253 +< change_conf_var /etc/init.d/arno-iptables-firewall "VERBOSE" "0" +--- +> change_conf_var /etc/rc.d/rc.arno-iptables-firewall "VERBOSE" "0" +258c256 +< if diff ./etc/arno-iptables-firewall/firewall.conf "$FIREWALL_CONF" >/dev/null; then +--- +> if diff /usr/share/arno-iptables-firewall/firewall.conf.orig "$FIREWALL_CONF" >/dev/null; then +274a273,291 +> echo "" +> echo "-------------------------------------------------------------------------------" +> echo "** NOTE: 1) You can now (manually) (re)start the firewall by executing **" +> echo "** \"/etc/rc.d/rc.arno-iptables-firewall start\" or **" +> echo "** \"/etc/rc.d/rc.arno-iptables-firewall restart\" **" +> echo "** It is recommended however to first review the settings in **" +> echo "** /etc/arno-iptables-firewall/firewall.conf! **" +> echo "** **" +> echo "** 2) In order to start the firewall automatically at boot-time, **" +> echo "** you will need to manually create in /etc/rc.d/ an appropriate **" +> echo "** symlink, named \"rc.firewall\", pointing to the startup script. **" +> echo "** To do that, issue the following command: **" +> echo "** **" +> echo "** ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall **" +> echo "** **" +> echo "** Simply delete the link if you wish to disable firewall startup **" +> echo "** at boot-time. **" +> echo "-------------------------------------------------------------------------------" +> echo "" +277d293 +< |