On 9/3/12 5:06 PM, Mr Dash Four wrote:
>> Remove the FORMAT line.
> So I did.
>
>>>> 3) When the -e option is specified, the current working directory is
>>>> now included in the CONFIG_PATH.
>>> [me@test1 dmz]$ shorewall compile -T -p -e
>>> Compiling...
>>> Processing /home/me/shorewall/dmz/params ...
>>> Processing /home/me/shorewall/dmz/shorewall.conf...
>>> WARNING: Your capabilities file is out of date -- it does not contain
>>> all of the capabilities defined by Shorewall version 4.5.8-Beta1 at
>>> /usr/share/perl5/Shorewall/Config.pm line 4015
>>> Shorewall::Config::read_capabilities() called at
>>> /usr/share/perl5/Shorewall/Config.pm line 4079
>>> Shorewall::Config::get_capabilities(1) called at
>>> /usr/share/perl5/Shorewall/Config.pm line 4319
>>> Shorewall::Config::get_configuration(1, 0, 0) called at
>>> /usr/share/perl5/Shorewall/Compiler.pm line 624
>>> Shorewall::Compiler::compiler('script', '/var/lib//firewall',
>>> 'directory', ., 'verbosity', 1, 'timestamp', 0, 'debug', ...) called at
>>> /usr/libexec/shorewall/compiler.pl line 134
>>> ERROR: Directory /var/lib// is not writable at
>>> /usr/share/perl5/Shorewall/Config.pm line 1133
>>> Shorewall::Config::fatal_error('Directory /var/lib// is not writable')
>>> called at /usr/share/perl5/Shorewall/Config.pm line 1517
>>> Shorewall::Config::create_temp_script('/var/lib//firewall', 1) called
>>> at /usr/share/perl5/Shorewall/Compiler.pm line 630
>>> Shorewall::Compiler::compiler('script', '/var/lib//firewall',
>>> 'directory', ., 'verbosity', 1, 'timestamp', 0, 'debug', ...) called at
>>> /usr/libexec/shorewall/compiler.pl line 134
>>>
>>
>> I'm not seeing this issue. How did you install? Can I see the
>> shorewallrc file you used to install?
> You mean how did I install shorewall? Compiled the sources with rpmbuild
> (Fedora's own build tool), though I had to grab the rest of the Beta1
> archives, because shorewall.spec builds the whole lot. After doing that I
> just executed "rpm -Uvh shorewall-core-* shorewall-4.5.8-*".
> I suspect that the .spec file needs modification to compensate for the rearranged shorewallrc file. If you pass me a copy of shorewall.spec, I'll take a look. > As for my own shorewallrc file (I presume you are after the one for the remote system) - see attached. The attached patch corrects a mingling of the two shorewallrc file contents. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Compiler.pm
b/Shorewall/Perl/Shorewall/Compiler.pm
index faa984d..06eac5b 100644
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@@ -158,7 +158,7 @@ sub generate_script_2() {
push_indent;
- if ( $shorewallrc{TEMPDIR} ) {
+ if ( $shorewallrc1{TEMPDIR} ) {
emit( '',
qq(TMPDIR="$shorewallrc{TEMPDIR}") ,
q(export TMPDIR) );
@@ -168,14 +168,14 @@ sub generate_script_2() {
emit( 'g_family=4' );
if ( $export ) {
- emit ( qq(g_confdir=$shorewallrc{CONFDIR}/shorewall-lite),
+ emit ( qq(g_confdir=$shorewallrc1{CONFDIR}/shorewall-lite),
'g_product="Shorewall Lite"',
'g_program=shorewall-lite',
'g_basedir=/usr/share/shorewall-lite',
-
qq(CONFIG_PATH="$shorewallrc{CONFDIR}/shorewall-lite:$shorewallrc{SHAREDIR}/shorewall-lite")
,
+
qq(CONFIG_PATH="$shorewallrc1{CONFDIR}/shorewall-lite:$shorewallrc1{SHAREDIR}/shorewall-lite")
,
);
} else {
- emit ( qq(g_confdir=$shorewallrc{CONFDIR}/shorewall),
+ emit ( qq(g_confdir=$shorewallrc1{CONFDIR}/shorewall),
'g_product=Shorewall',
'g_program=shorewall',
'g_basedir=/usr/share/shorewall',
@@ -186,14 +186,14 @@ sub generate_script_2() {
emit( 'g_family=6' );
if ( $export ) {
- emit ( qq(g_confdir=$shorewallrc{CONFDIR}/shorewall6-lite),
+ emit ( qq(g_confdir=$shorewallrc1{CONFDIR}/shorewall6-lite),
'g_product="Shorewall6 Lite"',
'g_program=shorewall6-lite',
'g_basedir=/usr/share/shorewall6',
-
qq(CONFIG_PATH="$shorewallrc{CONFDIR}/shorewall6-lite:$shorewallrc{SHAREDIR}/shorewall6-lite")
,
+
qq(CONFIG_PATH="$shorewallrc1{CONFDIR}/shorewall6-lite:$shorewallrc{SHAREDIR}/shorewall6-lite")
,
);
} else {
- emit ( qq(g_confdir=$shorewallrc{CONFDIR}/shorewall6),
+ emit ( qq(g_confdir=$shorewallrc1{CONFDIR}/shorewall6),
'g_product=Shorewall6',
'g_program=shorewall6',
'g_basedir=/usr/share/shorewall',
@@ -206,15 +206,15 @@ sub generate_script_2() {
if ( $family == F_IPV4 ) {
if ( $export ) {
- emit ( '[ -n "${VARDIR:=' . $shorewallrc{VARDIR} .
'/shorewall-lite}" ]' );
+ emit ( '[ -n "${VARDIR:=' . $shorewallrc1{VARDIR} .
'/shorewall-lite}" ]' );
} else {
- emit ( '[ -n "${VARDIR:=' . $shorewallrc{VARDIR} . '/shorewall}" ]'
);
+ emit ( '[ -n "${VARDIR:=' . $shorewallrc1{VARDIR} . '/shorewall}"
]' );
}
} else {
if ( $export ) {
- emit ( '[ -n "${VARDIR:=' . $shorewallrc{VARDIR} .
'/shorewall6-lite}" ]' );
+ emit ( '[ -n "${VARDIR:=' . $shorewallrc1{VARDIR} .
'/shorewall6-lite}" ]' );
} else {
- emit ( '[ -n "${VARDIR:=' . $shorewallrc{VARDIR} . '/shorewall6}"
]' );
+ emit ( '[ -n "${VARDIR:=' . $shorewallrc1{VARDIR} . '/shorewall6}"
]' );
}
}
diff --git a/Shorewall/Perl/Shorewall/Config.pm
b/Shorewall/Perl/Shorewall/Config.pm
index 61cf8c1..c90eca0 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -144,6 +144,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
%globals
%config_files
%shorewallrc
+ %shorewallrc1
%helpers
%helpers_map
@@ -540,7 +541,7 @@ my $ifstack;
#
# From .shorewallrc
#
-our %shorewallrc;
+our ( %shorewallrc, %shorewallrc1 );
#
# read_a_line options
#
@@ -900,6 +901,11 @@ sub initialize( $;$$) {
SHAREDIR => '/usr/share/',
CONFDIR => '/etc/',
);
+
+ %shorewallrc1 = (
+ SHAREDIR => '/usr/share/',
+ CONFDIR => '/etc/',
+ );
%helpers_enabled = (
amanda => 1,
@@ -968,7 +974,15 @@ sub initialize( $;$$) {
#
# If we are compiling for export, process the shorewallrc from the remote
system
#
- process_shorewallrc( $shorewallrc1 ) if $shorewallrc1;
+ if ( $shorewallrc1 ) {
+ my %rc = %shorewallrc;
+ %shorewallrc = ( );
+ process_shorewallrc( $shorewallrc1 );
+ %shorewallrc1 = %shorewallrc;
+ %shorewallrc = %rc;
+ } else {
+ %shorewallrc1 = %shorewallrc;
+ }
}
my @abbr = qw( Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec );
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
