mirror of
https://github.com/firehol/firehol.git
synced 2024-06-28 18:02:33 +00:00
Extract common functions to functions.common.sh
Version number detection, command detection, terminal setup and a few other bits have moved. The processed (not .in) scripts will look for it in e.g. /usr/local/lib/firehol or wherever the system will install it. The .in scripts will look for it in their own directory. Updated the configure system so that it correctly replaces paths rather via the Makefile rather than trying to subsitute NONE in configire.ac. Extracted all of the configure-time command substitutions to a single sed file which is used to process the script.in files. Extended the package checks to cover this file.
This commit is contained in:
parent
d2c85854a0
commit
2c9a2d4000
1
.gitignore
vendored
1
.gitignore
vendored
@ -29,6 +29,7 @@ doc/apa*.html
|
||||
doc/services-?.xml
|
||||
doc/service-links
|
||||
doc/tools/pandoc-post
|
||||
sbin/commands.sed
|
||||
sbin/firehol
|
||||
sbin/fireqos
|
||||
sbin/link-balancer
|
||||
|
10
configure.ac
10
configure.ac
@ -114,9 +114,6 @@ else
|
||||
fi
|
||||
fi
|
||||
|
||||
FIREHOL_CONFIG_DIR=$(eval echo "$sysconfdir/firehol" | sed -e 's|^NONE|/usr/local|')
|
||||
AC_SUBST(FIREHOL_CONFIG_DIR)
|
||||
|
||||
PATH=$PATH:/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin
|
||||
|
||||
if test x"$USE_MAINTAINER_MODE" = xno; then
|
||||
@ -316,6 +313,7 @@ AC_SUBST(AUTOCONF_RUN)
|
||||
AC_CONFIG_FILES([
|
||||
Makefile
|
||||
sbin/Makefile
|
||||
sbin/commands.sed
|
||||
m4/Makefile
|
||||
doc/Makefile
|
||||
doc/firehol/Makefile
|
||||
@ -329,10 +327,4 @@ AC_CONFIG_FILES([
|
||||
packaging/Makefile
|
||||
])
|
||||
|
||||
AC_CONFIG_FILES([sbin/firehol], [chmod +x sbin/firehol])
|
||||
AC_CONFIG_FILES([sbin/fireqos], [chmod +x sbin/fireqos])
|
||||
AC_CONFIG_FILES([sbin/link-balancer], [chmod +x sbin/link-balancer])
|
||||
AC_CONFIG_FILES([sbin/update-ipsets], [chmod +x sbin/update-ipsets])
|
||||
AC_CONFIG_FILES([sbin/vnetbuild], [chmod +x sbin/vnetbuild])
|
||||
|
||||
AC_OUTPUT
|
||||
|
@ -19,6 +19,7 @@ MANUALMAN_GENERATED = \
|
||||
man/man1/fireqos.1 \
|
||||
man/man5/fireqos-class.5 \
|
||||
man/man5/fireqos-conf.5 \
|
||||
man/man5/fireqos-dscp.5 \
|
||||
man/man5/fireqos-interface.5 \
|
||||
man/man5/fireqos-match.5 \
|
||||
man/man5/fireqos-params.5 \
|
||||
|
@ -24,5 +24,5 @@ EXTRA_DIST = \
|
||||
$(ipsetsweb_DATA)
|
||||
|
||||
uninstall-local:
|
||||
@-rmdir --ignore-fail-on-non-empty $(DESTDIR)$(webdir)
|
||||
@-rmdir --ignore-fail-on-non-empty $(DESTDIR)$(ipsetswebdir)
|
||||
@-rmdir --ignore-fail-on-non-empty $(DESTDIR)$(ipsetsdir)
|
||||
|
@ -46,4 +46,4 @@ diff -r "$1" $MYTMP/unpack/* | grep "^Only" | sed \
|
||||
-e '/: firehol.*\.tar\.\(gz\|bz2\|xz\)$/d' \
|
||||
-e '/: unittest$/d' \
|
||||
-e '/sbin: \(firehol\|fireqos\|link-balancer\)$/d' \
|
||||
-e '/sbin: \(update-ipsets\|vnetbuild\)$/d'
|
||||
-e '/sbin: \(update-ipsets\|vnetbuild\|commands.sed\)$/d'
|
||||
|
@ -96,6 +96,13 @@ do
|
||||
sbin/Makefile.in)
|
||||
:
|
||||
;;
|
||||
configure.ac|sbin/commands.sed.in)
|
||||
check_commands sbin/firehol.in || status=1
|
||||
check_commands sbin/fireqos.in || status=1
|
||||
check_commands sbin/link-balancer.in || status=1
|
||||
check_commands sbin/update-ipsets.in || status=1
|
||||
check_commands sbin/vnetbuild.in || status=1
|
||||
;;
|
||||
sbin/*.in)
|
||||
check_commands $filename || status=1
|
||||
;;
|
||||
|
@ -46,8 +46,19 @@ check_version_matches() {
|
||||
check_commands() {
|
||||
local status=0
|
||||
|
||||
touch $MYTMP/commands-checked
|
||||
if grep -q -F -z "$1" $MYTMP/commands-checked
|
||||
then
|
||||
# Only check a file once - an edit to some files checks multiple
|
||||
return 0
|
||||
else
|
||||
echo "$1" >> $MYTMP/commands-checked
|
||||
fi
|
||||
|
||||
get_staged_file $1
|
||||
get_staged_file configure.ac
|
||||
get_staged_file sbin/commands.sed.in
|
||||
get_staged_file sbin/functions.common.sh
|
||||
|
||||
# Find commands that have been enclosed in quotes and remove anything after
|
||||
# if nothing matched the substitution, proceed to the next line
|
||||
@ -79,7 +90,7 @@ check_commands() {
|
||||
# proceed to next line if command starts with a dollar
|
||||
# proceed to next line if command ends with equals (assignment)
|
||||
# print line number
|
||||
sed -n -e '/^[YN]|/b' -e '/require_cmd/b' \
|
||||
sed -n -e '/^ *[YN]|/b' -e '/require_cmd/b' \
|
||||
-e 's/^/ /' -e 's/$/ /' -e T \
|
||||
-e 's/.*\(..\<[A-Z0-9_]*_CMD..\).*/\1/' -e T \
|
||||
-e 's/[{}]//' \
|
||||
@ -94,11 +105,11 @@ check_commands() {
|
||||
cat $MYTMP/errors
|
||||
fi
|
||||
|
||||
grep "^[YN]|" $MYTMP/files/$1 > $MYTMP/commands-defined
|
||||
sed -n -e "s/^ *[YN]|//p" $MYTMP/files/$1 > $MYTMP/commands-defined
|
||||
for cmd in $(tr " " "\n" < $MYTMP/files/$1 |
|
||||
sed -n -e 's/.*\(\<[A-Z0-9_]*\)_CMD.*/\1/p' | sort | uniq)
|
||||
do
|
||||
if ! grep -q "^[YN]|${cmd}_CMD|" $MYTMP/commands-defined
|
||||
if ! grep -q "^${cmd}_CMD|" $MYTMP/commands-defined
|
||||
then
|
||||
status=1
|
||||
echo "Missing definition of $cmd in $1 detection table."
|
||||
@ -114,12 +125,17 @@ check_commands() {
|
||||
fi
|
||||
done
|
||||
|
||||
while IFS="|" read yn cmd rest
|
||||
while IFS="|" read cmd subst defaults
|
||||
do
|
||||
if ! grep -q "\${*$cmd" $MYTMP/files/$1
|
||||
if ! grep -q "\${*$cmd" $MYTMP/files/$1 $MYTMP/files/sbin/*.sh
|
||||
then
|
||||
status=1
|
||||
echo "$cmd detected but never used in $1"
|
||||
echo "$cmd detected but never used in $1 or function libraries"
|
||||
fi
|
||||
if ! grep -q "#$subst#" $MYTMP/files/sbin/commands.sed.in
|
||||
then
|
||||
status=1
|
||||
echo "$cmd detected but $subst never substituted by sbin/commands.sed.in"
|
||||
fi
|
||||
done < $MYTMP/commands-defined
|
||||
|
||||
|
@ -39,7 +39,7 @@ sub printit {
|
||||
my $case = 0;
|
||||
my $case_start = 0;
|
||||
while (<>) {
|
||||
next if (/^[YN]\|/); # Skip command tables
|
||||
next if (/^\t*[YN]\|/); # Skip command tables
|
||||
next if (/^[[:space:]]*$/); # Skip blank lines
|
||||
next if (/^[[:space:]]#/); # Skip pure comments for efficiency
|
||||
next if (/`which .*head/); # Skip special case - initial command detection
|
||||
|
@ -22,7 +22,7 @@ while (<>) {
|
||||
my $required;
|
||||
my $conf_cmd;
|
||||
my $options;
|
||||
if (/^([YN])[|][^|]+[|]@([^|]+)@[|](.*)/) {
|
||||
if (/^\t*([YN])[|][^|]+[|]@([^|]+)@[|](.*)/) {
|
||||
$required = $1;
|
||||
$conf_cmd = $2;
|
||||
$options = $3;
|
||||
|
@ -1,5 +1,37 @@
|
||||
# Process this file with automake to produce Makefile.in
|
||||
|
||||
scriptsin = \
|
||||
firehol.in \
|
||||
fireqos.in \
|
||||
link-balancer.in \
|
||||
update-ipsets.in \
|
||||
vnetbuild.in
|
||||
|
||||
inclibdir = $(libdir)/firehol
|
||||
|
||||
SUFFIXES = .in
|
||||
.in:
|
||||
if [ "$@" = "commands.sed.in" ]; then \
|
||||
true; \
|
||||
elif sed \
|
||||
-e '/^# Start defaults before configure/,/^# End/d' \
|
||||
-e 's#[$$]prefix_POST#$(prefix)#g' \
|
||||
-e 's#[$$]bindir_POST#$(bindir)#g' \
|
||||
-e 's#[$$]libdir_POST#$(libdir)/firehol#g' \
|
||||
-e 's#[$$]localstatedir_POST#$(localstatedir)#g' \
|
||||
-e 's#[$$]sysconfdir_POST#$(sysconfdir)#g' \
|
||||
-f commands.sed \
|
||||
$< > $@.tmp; then \
|
||||
mv "$@.tmp" "$@"; \
|
||||
chmod 755 "$@"; \
|
||||
else \
|
||||
rm -f "$@.tmp"; \
|
||||
false; \
|
||||
fi
|
||||
|
||||
inclib_DATA = \
|
||||
functions.common.sh
|
||||
|
||||
scripts =
|
||||
if ENABLE_FIREHOL
|
||||
scripts += firehol
|
||||
@ -22,3 +54,11 @@ scripts += vnetbuild
|
||||
endif
|
||||
|
||||
sbin_SCRIPTS = $(scripts)
|
||||
|
||||
EXTRA_DIST = \
|
||||
commands.sed.in \
|
||||
$(scriptsin) \
|
||||
$(inclib_DATA)
|
||||
|
||||
uninstall-local:
|
||||
@-rmdir --ignore-fail-on-non-empty $(DESTDIR)$(inclibdir)
|
||||
|
72
sbin/commands.sed.in
Normal file
72
sbin/commands.sed.in
Normal file
@ -0,0 +1,72 @@
|
||||
s#[@]BRIDGE@#@BRIDGE@#g
|
||||
s#[@]CAT@#@CAT@#g
|
||||
s#[@]CHMOD@#@CHMOD@#g
|
||||
s#[@]CHOWN@#@CHOWN@#g
|
||||
s#[@]CP@#@CP@#g
|
||||
s#[@]CURL@#@CURL@#g
|
||||
s#[@]CUT@#@CUT@#g
|
||||
s#[@]DATE@#@DATE@#g
|
||||
s#[@]DIFF@#@DIFF@#g
|
||||
s#[@]DIRNAME@#@DIRNAME@#g
|
||||
s#[@]EGREP@#@EGREP@#g
|
||||
s#[@]ENV@#@ENV@#g
|
||||
s#[@]EXPR@#@EXPR@#g
|
||||
s#[@]FIND@#@FIND@#g
|
||||
s#[@]FLOCK@#@FLOCK@#g
|
||||
s#[@]FOLD@#@FOLD@#g
|
||||
s#[@]FUNZIP@#@FUNZIP@#g
|
||||
s#[@]GAWK@#@GAWK@#g
|
||||
s#[@]GIT@#@GIT@#g
|
||||
s#[@]GREP@#@GREP@#g
|
||||
s#[@]HEAD@#@HEAD@#g
|
||||
s#[@]HOSTNAMECMD@#@HOSTNAMECMD@#g
|
||||
s#[@]IP6TABLES@#@IP6TABLES@#g
|
||||
s#[@]IP6TABLES_RESTORE@#@IP6TABLES_RESTORE@#g
|
||||
s#[@]IP6TABLES_SAVE@#@IP6TABLES_SAVE@#g
|
||||
s#[@]IP@#@IP@#g
|
||||
s#[@]IPRANGE@#@IPRANGE@#g
|
||||
s#[@]IPSET@#@IPSET@#g
|
||||
s#[@]IPTABLES@#@IPTABLES@#g
|
||||
s#[@]IPTABLES_RESTORE@#@IPTABLES_RESTORE@#g
|
||||
s#[@]IPTABLES_SAVE@#@IPTABLES_SAVE@#g
|
||||
s#[@]JQ@#@JQ@#g
|
||||
s#[@]LN@#@LN@#g
|
||||
s#[@]LOGGER@#@LOGGER@#g
|
||||
s#[@]LS@#@LS@#g
|
||||
s#[@]LSMOD@#@LSMOD@#g
|
||||
s#[@]MKDIR@#@MKDIR@#g
|
||||
s#[@]MKTEMP@#@MKTEMP@#g
|
||||
s#[@]MODPROBE@#@MODPROBE@#g
|
||||
s#[@]MORE@#@MORE@#g
|
||||
s#[@]MV@#@MV@#g
|
||||
s#[@]NEATO@#@NEATO@#g
|
||||
s#[@]NFACCT@#@NFACCT@#g
|
||||
s#[@]PING6@#@PING6@#g
|
||||
s#[@]PING@#@PING@#g
|
||||
s#[@]RENICE@#@RENICE@#g
|
||||
s#[@]RMMOD@#@RMMOD@#g
|
||||
s#[@]RM@#@RM@#g
|
||||
s#[@]SCREEN@#@SCREEN@#g
|
||||
s#[@]SED@#@SED@#g
|
||||
s#[@]SEQ@#@SEQ@#g
|
||||
s#[@]SH@#@SH@#g
|
||||
s#[@]SLEEP@#@SLEEP@#g
|
||||
s#[@]SORT@#@SORT@#g
|
||||
s#[@]SS@#@SS@#g
|
||||
s#[@]STTY@#@STTY@#g
|
||||
s#[@]SYSCTL@#@SYSCTL@#g
|
||||
s#[@]TAIL@#@TAIL@#g
|
||||
s#[@]TAR@#@TAR@#g
|
||||
s#[@]TCPDUMP@#@TCPDUMP@#g
|
||||
s#[@]TC@#@TC@#g
|
||||
s#[@]TOUCH@#@TOUCH@#g
|
||||
s#[@]TPUT@#@TPUT@#g
|
||||
s#[@]TRACEROUTE@#@TRACEROUTE@#g
|
||||
s#[@]TR@#@TR@#g
|
||||
s#[@]UNAME@#@UNAME@#g
|
||||
s#[@]UNIQ@#@UNIQ@#g
|
||||
s#[@]UNZIP@#@UNZIP@#g
|
||||
s#[@]WC@#@WC@#g
|
||||
s#[@]WGET@#@WGET@#g
|
||||
s#[@]WHOIS@#@WHOIS@#g
|
||||
s#[@]ZCAT@#@ZCAT@#g
|
302
sbin/firehol.in
302
sbin/firehol.in
@ -25,8 +25,6 @@
|
||||
# See the file COPYING for details.
|
||||
#
|
||||
|
||||
#set -x -v
|
||||
|
||||
if [ $(( ${BASH_VERSINFO[0]} )) -lt 4 ]
|
||||
then
|
||||
echo >&2
|
||||
@ -38,61 +36,33 @@ then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
get_version() {
|
||||
GIT_REF='$Format:%d,commit-%h$'
|
||||
local IFS=":(), "
|
||||
set -- "$GIT_REF"
|
||||
ver='$Id$'
|
||||
for i in ${@}
|
||||
do
|
||||
case "$i" in
|
||||
*[0-9].[0-9]*)
|
||||
echo "$i" | $SED_CMD -e 's/^v//'
|
||||
return 0
|
||||
;;
|
||||
commit-[0-9a-zA-Z]*)
|
||||
ver="$i"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo "$ver"
|
||||
return 0
|
||||
}
|
||||
|
||||
emit_version() {
|
||||
${CAT_CMD} <<EOF
|
||||
|
||||
FireHOL $VERSION
|
||||
(C) Copyright 2003-2015 Costa Tsaousis <costa@tsaousis.gr>
|
||||
(C) Copyright 2012-2015 Phil Whineray <phil@firehol.org>
|
||||
FireHOL is distributed under the GPL v2+.
|
||||
Home Page: http://firehol.org
|
||||
|
||||
-------------------------------------------------------------------------
|
||||
Get notified of new FireHOL releases by subscribing to the mailing list:
|
||||
http://lists.firehol.org/mailman/listinfo/firehol-support/
|
||||
-------------------------------------------------------------------------
|
||||
|
||||
EOF
|
||||
}
|
||||
|
||||
# Make sure only root can run us.
|
||||
if [ ! "${UID}" = 0 ]
|
||||
then
|
||||
echo >&2
|
||||
echo >&2 "ERROR:"
|
||||
echo >&2 "Only user root can run FireHOL."
|
||||
echo >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Remember who you are.
|
||||
PROGRAM_FILE="${0}"
|
||||
declare -a FIREHOL_ORIGINAL_ARGS=("${@}")
|
||||
FIREHOL_DEFAULT_WORKING_DIRECTORY="${PWD}"
|
||||
PROGRAM_DIR="${0%/*}"
|
||||
if [ "$PROGRAM_DIR" = "$0" ]; then PROGRAM_DIR="."; fi
|
||||
PROGRAM_PWD="${PWD}"
|
||||
declare -a PROGRAM_ORIGINAL_ARGS=("${@}")
|
||||
|
||||
# Make sure we don't get localized results
|
||||
export LC_ALL=C
|
||||
# Start defaults before configure
|
||||
prefix_POST=/usr
|
||||
sysconfdir_POST=/etc
|
||||
localstatedir_POST=/var
|
||||
libdir_POST=$PROGRAM_DIR
|
||||
# End defaults before configure
|
||||
for functions_file in $libdir_POST/functions.common.sh
|
||||
do
|
||||
if [ -r $functions_file ]
|
||||
then
|
||||
source $functions_file
|
||||
else
|
||||
1>&2 echo "Cannot access $functions_file"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
FIREHOL_CONFIG_DIR="$sysconfdir_POST/firehol"
|
||||
common_disable_localization || exit
|
||||
common_private_umask || exit
|
||||
common_require_root || exit
|
||||
|
||||
# ------------------------------------------------------------------------------
|
||||
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
@ -856,150 +826,7 @@ fi
|
||||
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
# ------------------------------------------------------------------------------
|
||||
|
||||
# Load commands FireHOL will need.
|
||||
|
||||
which_cmd() {
|
||||
local name="$1"
|
||||
shift
|
||||
|
||||
if [ "$1" = ":" ]
|
||||
then
|
||||
eval $name=":"
|
||||
return 0
|
||||
fi
|
||||
|
||||
unalias $1 >/dev/null 2>&1
|
||||
local cmd=`which $1 2>/dev/null | head -n 1`
|
||||
if [ $? -gt 0 -o ! -x "${cmd}" ]
|
||||
then
|
||||
return 1
|
||||
fi
|
||||
shift
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval $name="'${cmd}'"
|
||||
else
|
||||
eval $name="'${cmd} ${@}'"
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
require_cmd() {
|
||||
local var= val= block=1
|
||||
|
||||
if [ "$1" = "-n" ]
|
||||
then
|
||||
block=0
|
||||
shift
|
||||
fi
|
||||
|
||||
var="$1"
|
||||
shift
|
||||
|
||||
eval val=\$\{${var}\}
|
||||
if [ "${val}" ]
|
||||
then
|
||||
local cmd="${val/ */}"
|
||||
if [ ! -x "$cmd" ]
|
||||
then
|
||||
echo >&2
|
||||
if [ $block -eq 0 ]
|
||||
then
|
||||
echo >&2 "WARNING: optional command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
val=""
|
||||
else
|
||||
echo >&2 "ERROR: required command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
return 0
|
||||
elif [ $block -eq 0 ]
|
||||
then
|
||||
eval set -- "$@"
|
||||
for cmd in "$@"
|
||||
do
|
||||
eval "NEED_${var}"="\$NEED_${var}' ${cmd/ */}'"
|
||||
done
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval set -- "\$NEED_${var}"
|
||||
fi
|
||||
|
||||
echo >&2
|
||||
echo >&2 "ERROR: FIREHOL REQUIRES ONE OF THESE COMMANDS:"
|
||||
echo >&2
|
||||
echo >&2 " ${@}"
|
||||
echo >&2
|
||||
echo >&2 " You have requested the use of a FireHOL"
|
||||
echo >&2 " feature that requires certain external programs"
|
||||
echo >&2 " to be installed in the running system."
|
||||
echo >&2
|
||||
echo >&2 " Please consult your Linux distribution manual to"
|
||||
echo >&2 " install the package(s) that provide these external"
|
||||
echo >&2 " programs and retry."
|
||||
echo >&2
|
||||
echo >&2 " Note that you need an operational 'which' command"
|
||||
echo >&2 " for FireHOL to find all the external programs it"
|
||||
echo >&2 " needs. Check it yourself. Run:"
|
||||
echo >&2
|
||||
for x in "${@}"
|
||||
do
|
||||
echo >&2 " which $x"
|
||||
done
|
||||
|
||||
exit 1
|
||||
}
|
||||
|
||||
which_all() {
|
||||
local cmd_var="$1"
|
||||
|
||||
eval set -- "$2"
|
||||
for cmd in "$@"
|
||||
do
|
||||
which_cmd $cmd_var $cmd && break
|
||||
done
|
||||
}
|
||||
|
||||
# Where required = Y, if a command is not found, FireHOL will refuse to run.
|
||||
# Where required = N, the command only required when it is actually used
|
||||
#
|
||||
# If a command is specified in /etc/firehol/firehol-defaults.conf it will
|
||||
# be used. Otherwise, if the script has been configured with ./configure
|
||||
# the detected versions will be used. If the script has not been configured
|
||||
# then the list of possible commands is autodetected.
|
||||
while IFS="|" read required cmd_var autoconf possibles
|
||||
do
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
case "$autoconf" in
|
||||
"@"*) autoconf=""; ;;
|
||||
esac
|
||||
fi
|
||||
eval set_in_defaults=\"\$$cmd_var\"
|
||||
if [ "$set_in_defaults" ]
|
||||
then
|
||||
:
|
||||
elif [ "@AUTOCONF_RUN@" = "Y" -a ! -z "$autoconf" ]
|
||||
then
|
||||
eval $cmd_var=\"$autoconf\"
|
||||
else
|
||||
dirname="${0%/*}"
|
||||
if [ "$dirname" = "$0" ]; then dirname="."; fi
|
||||
PATH="/bin:/usr/bin:/sbin:/usr/sbin:$PATH:$dirname" which_all $cmd_var "$possibles"
|
||||
fi
|
||||
if [ "$required" = "Y" ]
|
||||
then
|
||||
require_cmd $cmd_var $possibles
|
||||
else
|
||||
require_cmd -n $cmd_var $possibles
|
||||
fi
|
||||
done <<-!
|
||||
common_load_commands $PROGRAM_FILE @AUTOCONF_RUN@ <<-!
|
||||
Y|CAT_CMD|@CAT@|cat
|
||||
Y|CUT_CMD|@CUT@|cut
|
||||
Y|CHOWN_CMD|@CHOWN@|chown
|
||||
@ -1049,42 +876,34 @@ Y|WC_CMD|@WC@|wc
|
||||
Y|CP_CMD|@CP@|cp
|
||||
Y|SLEEP_CMD|@SLEEP@|sleep
|
||||
!
|
||||
status=$?
|
||||
test $status -eq 0 || exit $status
|
||||
|
||||
VERSION=$(get_version)
|
||||
VERSION=$(common_get_version '$Id$')
|
||||
|
||||
emit_version() {
|
||||
${CAT_CMD} <<EOF
|
||||
|
||||
FireHOL $VERSION
|
||||
(C) Copyright 2003-2015 Costa Tsaousis <costa@tsaousis.gr>
|
||||
(C) Copyright 2012-2015 Phil Whineray <phil@firehol.org>
|
||||
FireHOL is distributed under the GPL v2+.
|
||||
Home Page: http://firehol.org
|
||||
|
||||
-------------------------------------------------------------------------
|
||||
Get notified of new FireHOL releases by subscribing to the mailing list:
|
||||
http://lists.firehol.org/mailman/listinfo/firehol-support/
|
||||
-------------------------------------------------------------------------
|
||||
|
||||
EOF
|
||||
}
|
||||
|
||||
RUNNING_ON_TERMINAL=0
|
||||
if [ "z$1" = "z-nc" ]
|
||||
then
|
||||
shift
|
||||
elif [ ! -z "$TPUT_CMD" ]
|
||||
then
|
||||
test -t 2 && RUNNING_ON_TERMINAL=1
|
||||
if [ -t 2 -a $[$($TPUT_CMD colors 2>/dev/null)] -ge 8 ]
|
||||
then
|
||||
# Enable colors
|
||||
COLOR_RESET="\e[0m"
|
||||
COLOR_BLACK="\e[30m"
|
||||
COLOR_RED="\e[31m"
|
||||
COLOR_GREEN="\e[32m"
|
||||
COLOR_YELLOW="\e[33m"
|
||||
COLOR_BLUE="\e[34m"
|
||||
COLOR_PURPLE="\e[35m"
|
||||
COLOR_CYAN="\e[36m"
|
||||
COLOR_WHITE="\e[37m"
|
||||
COLOR_BGBLACK="\e[40m"
|
||||
COLOR_BGRED="\e[41m"
|
||||
COLOR_BGGREEN="\e[42m"
|
||||
COLOR_BGYELLOW="\e[43m"
|
||||
COLOR_BGBLUE="\e[44m"
|
||||
COLOR_BGPURPLE="\e[45m"
|
||||
COLOR_BGCYAN="\e[46m"
|
||||
COLOR_BGWHITE="\e[47m"
|
||||
COLOR_BOLD="\e[1m"
|
||||
COLOR_DIM="\e[2m"
|
||||
COLOR_UNDERLINED="\e[4m"
|
||||
COLOR_BLINK="\e[5m"
|
||||
COLOR_INVERTED="\e[7m"
|
||||
fi
|
||||
else
|
||||
common_setup_terminal && RUNNING_ON_TERMINAL=1
|
||||
fi
|
||||
|
||||
# disable the spinner when we don't run on a terminal
|
||||
@ -1176,9 +995,6 @@ firehol_concurrent_run_lock() {
|
||||
return 0
|
||||
}
|
||||
|
||||
# Make sure our generated files cannot be accessed by anyone else.
|
||||
umask 077
|
||||
|
||||
# Be nice on production environments
|
||||
${RENICE_CMD} 10 $$ >/dev/null 2>/dev/null
|
||||
|
||||
@ -3365,7 +3181,7 @@ do
|
||||
fi
|
||||
fi
|
||||
done
|
||||
cd "${FIREHOL_DEFAULT_WORKING_DIRECTORY}" || exit 1
|
||||
cd "${PROGRAM_PWD}" || exit 1
|
||||
|
||||
# ------------------------------------------------------------------------------
|
||||
|
||||
@ -4479,7 +4295,7 @@ FIREHOL_TPROXY_IP_ROUTE_TABLE="241"
|
||||
FIREHOL_TPROXY_ROUTE_DEVICE="lo"
|
||||
|
||||
tproxy_setup_ip_route() {
|
||||
require_cmd IP_CMD
|
||||
common_require_cmd $PROGRAM_FILE IP_CMD
|
||||
|
||||
local x=
|
||||
for x in inet inet6
|
||||
@ -6202,7 +6018,7 @@ fi
|
||||
if [ -z "${KERNEL_CONFIG}" -a -f "/proc/config.gz" ]
|
||||
then
|
||||
KERNEL_CONFIG="/proc/config.gz"
|
||||
require_cmd ZCAT_CMD
|
||||
common_require_cmd $PROGRAM_FILE ZCAT_CMD
|
||||
${ZCAT_CMD} /proc/config.gz >"${FIREHOL_DIR}/kcfg" || KERNEL_CONFIG=
|
||||
fi
|
||||
|
||||
@ -6370,7 +6186,7 @@ load_kernel_module() {
|
||||
done
|
||||
LOADED_KERNEL_MODULES="${LOADED_KERNEL_MODULES} ${mod}"
|
||||
|
||||
require_cmd MODPROBE_CMD
|
||||
common_require_cmd $PROGRAM_FILE MODPROBE_CMD
|
||||
${MODPROBE_CMD} ${mod}
|
||||
if [ $? -gt 0 -a $? -ne 17 ] # 17: insmod, already loaded
|
||||
then
|
||||
@ -11253,10 +11069,10 @@ fi
|
||||
if [ "${FIREHOL_MODE}" = "WIZARD" ]
|
||||
then
|
||||
# require commands for wizard mode
|
||||
require_cmd IP_CMD
|
||||
require_cmd SS_CMD
|
||||
require_cmd DATE_CMD
|
||||
require_cmd HOSTNAME_CMD
|
||||
common_require_cmd $PROGRAM_FILE IP_CMD
|
||||
common_require_cmd $PROGRAM_FILE SS_CMD
|
||||
common_require_cmd $PROGRAM_FILE DATE_CMD
|
||||
common_require_cmd $PROGRAM_FILE HOSTNAME_CMD
|
||||
|
||||
wizard_ask() {
|
||||
local prompt="${1}" def="${2}" ans= c= t=
|
||||
@ -12233,8 +12049,8 @@ fi
|
||||
|
||||
if [ -n "$WAIT_FOR_IFACE" ]
|
||||
then
|
||||
require_cmd DATE_CMD
|
||||
require_cmd IP_CMD
|
||||
common_require_cmd $PROGRAM_FILE DATE_CMD
|
||||
common_require_cmd $PROGRAM_FILE IP_CMD
|
||||
for i in "$WAIT_FOR_IFACE"
|
||||
do
|
||||
wait_for_interface $i
|
||||
@ -12468,7 +12284,7 @@ then
|
||||
echo >&2 "activation disabled, like this:"
|
||||
echo >&2
|
||||
printf >&2 "${PROGRAM_FILE} nofast "
|
||||
printf >&2 "%q " "${FIREHOL_ORIGINAL_ARGS[@]}"
|
||||
printf >&2 "%q " "${PROGRAM_ORIGINAL_ARGS[@]}"
|
||||
printf >&2 "\n"
|
||||
fi
|
||||
|
||||
|
248
sbin/fireqos.in
248
sbin/fireqos.in
@ -35,49 +35,41 @@ then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PROGRAM_FILE="${0}"
|
||||
PROGRAM_DIR="${0%/*}"
|
||||
if [ "$PROGRAM_DIR" = "$0" ]; then PROGRAM_DIR="."; fi
|
||||
PROGRAM_PWD="${PWD}"
|
||||
declare -a PROGRAM_ORIGINAL_ARGS=("${@}")
|
||||
|
||||
# Start defaults before configure
|
||||
prefix_POST=/usr
|
||||
sysconfdir_POST=/etc
|
||||
localstatedir_POST=/var
|
||||
libdir_POST=$PROGRAM_DIR
|
||||
# End defaults before configure
|
||||
for functions_file in $libdir_POST/functions.common.sh
|
||||
do
|
||||
if [ -r $functions_file ]
|
||||
then
|
||||
source $functions_file
|
||||
else
|
||||
1>&2 echo "Cannot access $functions_file"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
FIREHOL_CONFIG_DIR="$sysconfdir_POST/firehol"
|
||||
common_disable_localization || exit
|
||||
common_public_umask || exit
|
||||
common_require_root || exit
|
||||
|
||||
# make sure sbin is included in the path
|
||||
# it seems that pppd ip-up.d script need this
|
||||
export PATH="$PATH:/sbin:/usr/sbin:/usr/local/sbin"
|
||||
|
||||
get_version() {
|
||||
GIT_REF='$Format:%d,commit-%h$'
|
||||
local IFS=":(), "
|
||||
set -- "$GIT_REF"
|
||||
ver='$Id$'
|
||||
for i in $@
|
||||
do
|
||||
case "$i" in
|
||||
*[0-9].[0-9]*)
|
||||
echo "$i" | $SED_CMD -e 's/^v//'
|
||||
return 0
|
||||
;;
|
||||
commit-[0-9a-zA-Z]*)
|
||||
ver="$i"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo "$ver"
|
||||
return 0
|
||||
}
|
||||
|
||||
# Make sure we don't get localized results
|
||||
export LC_ALL=C
|
||||
|
||||
# let everyone read our status info
|
||||
umask 022
|
||||
|
||||
PROGRAM_FILE="$0"
|
||||
|
||||
# enabled extended pattern matching in bash
|
||||
shopt -s extglob
|
||||
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
FIREHOL_CONFIG_DIR="@FIREHOL_CONFIG_DIR@"
|
||||
else
|
||||
FIREHOL_CONFIG_DIR="/etc/firehol"
|
||||
fi
|
||||
|
||||
FIREQOS_SYSLOG_FACILITY="daemon"
|
||||
FIREQOS_CONFIG=/etc/firehol/fireqos.conf
|
||||
FIREQOS_LOCK_FILE=/var/run/fireqos.lock
|
||||
@ -126,150 +118,7 @@ then
|
||||
source "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1
|
||||
fi
|
||||
|
||||
# Load commands FireQOS will need.
|
||||
|
||||
which_cmd() {
|
||||
local name="$1"
|
||||
shift
|
||||
|
||||
if [ "$1" = ":" ]
|
||||
then
|
||||
eval $name=":"
|
||||
return 0
|
||||
fi
|
||||
|
||||
unalias $1 >/dev/null 2>&1
|
||||
local cmd=`which $1 2>/dev/null | head -n 1`
|
||||
if [ $? -gt 0 -o ! -x "${cmd}" ]
|
||||
then
|
||||
return 1
|
||||
fi
|
||||
shift
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval $name="'${cmd}'"
|
||||
else
|
||||
eval $name="'${cmd} ${@}'"
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
require_cmd() {
|
||||
local var= val= block=1
|
||||
|
||||
if [ "$1" = "-n" ]
|
||||
then
|
||||
block=0
|
||||
shift
|
||||
fi
|
||||
|
||||
var="$1"
|
||||
shift
|
||||
|
||||
eval val=\$\{${var}\}
|
||||
if [ "${val}" ]
|
||||
then
|
||||
local cmd="${val/ */}"
|
||||
if [ ! -x "$cmd" ]
|
||||
then
|
||||
echo >&2
|
||||
if [ $block -eq 0 ]
|
||||
then
|
||||
echo >&2 "WARNING: optional command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
val=""
|
||||
else
|
||||
echo >&2 "ERROR: required command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
return 0
|
||||
elif [ $block -eq 0 ]
|
||||
then
|
||||
eval set -- "$@"
|
||||
for cmd in "$@"
|
||||
do
|
||||
eval "NEED_${var}"="\$NEED_${var}' ${cmd/ */}'"
|
||||
done
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval set -- "\$NEED_${var}"
|
||||
fi
|
||||
|
||||
echo >&2
|
||||
echo >&2 "ERROR: FIREQOS REQUIRES ONE OF THESE COMMANDS:"
|
||||
echo >&2
|
||||
echo >&2 " ${@}"
|
||||
echo >&2
|
||||
echo >&2 " You have requested the use of a FireQOS"
|
||||
echo >&2 " feature that requires certain external programs"
|
||||
echo >&2 " to be installed in the running system."
|
||||
echo >&2
|
||||
echo >&2 " Please consult your Linux distribution manual to"
|
||||
echo >&2 " install the package(s) that provide these external"
|
||||
echo >&2 " programs and retry."
|
||||
echo >&2
|
||||
echo >&2 " Note that you need an operational 'which' command"
|
||||
echo >&2 " for FireQOS to find all the external programs it"
|
||||
echo >&2 " needs. Check it yourself. Run:"
|
||||
echo >&2
|
||||
for x in "${@}"
|
||||
do
|
||||
echo >&2 " which $x"
|
||||
done
|
||||
|
||||
exit 1
|
||||
}
|
||||
|
||||
which_all() {
|
||||
local cmd_var="$1"
|
||||
|
||||
eval set -- "$2"
|
||||
for cmd in "$@"
|
||||
do
|
||||
which_cmd $cmd_var $cmd && break
|
||||
done
|
||||
}
|
||||
|
||||
# Where required = Y, if a command is not found, FireHOL will refuse to run.
|
||||
# Where required = N, the command only required when it is actually used
|
||||
#
|
||||
# If a command is specified in /etc/firehol/firehol-defaults.conf it will
|
||||
# be used. Otherwise, if the script has been configured with ./configure
|
||||
# the detected versions will be used. If the script has not been configured
|
||||
# then the list of possible commands is autodetected.
|
||||
while IFS="|" read required cmd_var autoconf possibles
|
||||
do
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
case "$autoconf" in
|
||||
"@"*) autoconf=""; ;;
|
||||
esac
|
||||
fi
|
||||
eval set_in_defaults=\"\$$cmd_var\"
|
||||
if [ "$set_in_defaults" ]
|
||||
then
|
||||
:
|
||||
elif [ "@AUTOCONF_RUN@" = "Y" -a ! -z "$autoconf" ]
|
||||
then
|
||||
eval $cmd_var=\"$autoconf\"
|
||||
else
|
||||
dirname="${0%/*}"
|
||||
if [ "$dirname" = "$0" ]; then dirname="."; fi
|
||||
PATH="/bin:/usr/bin:/sbin:/usr/sbin:$PATH:$dirname" which_all $cmd_var "$possibles"
|
||||
fi
|
||||
if [ "$required" = "Y" ]
|
||||
then
|
||||
require_cmd $cmd_var $possibles
|
||||
else
|
||||
require_cmd -n $cmd_var $possibles
|
||||
fi
|
||||
done <<-!
|
||||
common_load_commands $PROGRAM_FILE @AUTOCONF_RUN@ <<-!
|
||||
N|TPUT_CMD|@TPUT@|tput
|
||||
Y|IP_CMD|@IP@|ip
|
||||
Y|MODPROBE_CMD|@MODPROBE@|'modprobe -q' insmod
|
||||
@ -295,42 +144,17 @@ Y|LS_CMD|@LS@|ls
|
||||
Y|DATE_CMD|@DATE@|date
|
||||
Y|TAIL_CMD|@TAIL@|tail
|
||||
!
|
||||
status=$?
|
||||
test $status -eq 0 || exit $status
|
||||
|
||||
VERSION=$(get_version)
|
||||
VERSION=$(common_get_version '$Id$')
|
||||
|
||||
RUNNING_ON_TERMINAL=0
|
||||
if [ "z$1" = "z-nc" ]
|
||||
then
|
||||
shift
|
||||
elif [ ! -z "$TPUT_CMD" ]
|
||||
then
|
||||
test -t 2 && RUNNING_ON_TERMINAL=1
|
||||
if [ -t 2 -a $[$($TPUT_CMD colors 2>/dev/null)] -ge 8 ]
|
||||
then
|
||||
# Enable colors
|
||||
COLOR_RESET="\e[0m"
|
||||
COLOR_BLACK="\e[30m"
|
||||
COLOR_RED="\e[31m"
|
||||
COLOR_GREEN="\e[32m"
|
||||
COLOR_YELLOW="\e[33m"
|
||||
COLOR_BLUE="\e[34m"
|
||||
COLOR_PURPLE="\e[35m"
|
||||
COLOR_CYAN="\e[36m"
|
||||
COLOR_WHITE="\e[37m"
|
||||
COLOR_BGBLACK="\e[40m"
|
||||
COLOR_BGRED="\e[41m"
|
||||
COLOR_BGGREEN="\e[42m"
|
||||
COLOR_BGYELLOW="\e[43m"
|
||||
COLOR_BGBLUE="\e[44m"
|
||||
COLOR_BGPURPLE="\e[45m"
|
||||
COLOR_BGCYAN="\e[46m"
|
||||
COLOR_BGWHITE="\e[47m"
|
||||
COLOR_BOLD="\e[1m"
|
||||
COLOR_DIM="\e[2m"
|
||||
COLOR_UNDERLINED="\e[4m"
|
||||
COLOR_BLINK="\e[5m"
|
||||
COLOR_INVERTED="\e[7m"
|
||||
fi
|
||||
else
|
||||
common_setup_terminal && RUNNING_ON_TERMINAL=1
|
||||
fi
|
||||
|
||||
# service definitions
|
||||
@ -3195,7 +3019,7 @@ stats_colors() {
|
||||
htb_stats() {
|
||||
local x=
|
||||
|
||||
require_cmd GAWK_CMD
|
||||
common_require_cmd $PROGRAM_FILE GAWK_CMD
|
||||
|
||||
trap cleanup_stats EXIT
|
||||
trap cleanup_stats SIGHUP
|
||||
@ -3583,7 +3407,7 @@ add_monitor() {
|
||||
}
|
||||
|
||||
monitor() {
|
||||
require_cmd TCPDUMP_CMD
|
||||
common_require_cmd $PROGRAM_FILE TCPDUMP_CMD
|
||||
|
||||
if [ -z "$1" -o ! -f "${FIREQOS_DIR}/$1.conf" ]
|
||||
then
|
||||
|
261
sbin/functions.common.sh
Executable file
261
sbin/functions.common.sh
Executable file
@ -0,0 +1,261 @@
|
||||
#
|
||||
# Copyright
|
||||
#
|
||||
# Copyright (C) 2003-2014 Costa Tsaousis <costa@tsaousis.gr>
|
||||
# Copyright (C) 2012-2014 Phil Whineray <phil@sanewall.org>
|
||||
#
|
||||
# See sbin/firehol.in for details
|
||||
#
|
||||
# This file contains functions used by the firehol suite.
|
||||
# To keep the namespace clean, functions defined in functions.x.sh
|
||||
# should be of the form x_whatever() if they are intended for general
|
||||
# use or int_x_whatever() if they are intended as helpers to the other
|
||||
# functions in the file.
|
||||
#
|
||||
|
||||
common_get_version() {
|
||||
local ver="$1"
|
||||
shift
|
||||
GIT_REF='$Format:%d,commit-%h$'
|
||||
local IFS=":(), "
|
||||
set -- "$GIT_REF"
|
||||
for i in $@
|
||||
do
|
||||
case "$i" in
|
||||
*[0-9].[0-9]*)
|
||||
echo "$i" | $SED_CMD -e 's/^v//'
|
||||
return 0
|
||||
;;
|
||||
commit-[0-9a-zA-Z]*)
|
||||
ver="$i"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo "$ver"
|
||||
return 0
|
||||
}
|
||||
|
||||
which_cmd() {
|
||||
local name="$1"
|
||||
shift
|
||||
|
||||
if [ "$1" = ":" ]
|
||||
then
|
||||
eval $name=":"
|
||||
return 0
|
||||
fi
|
||||
|
||||
unalias $1 >/dev/null 2>&1
|
||||
local cmd=
|
||||
IFS= read cmd <<-EOF
|
||||
$(which $1 2> /dev/null)
|
||||
EOF
|
||||
|
||||
if [ $? -gt 0 -o ! -x "${cmd}" ]
|
||||
then
|
||||
return 1
|
||||
fi
|
||||
shift
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval $name="'${cmd}'"
|
||||
else
|
||||
eval $name="'${cmd} ${@}'"
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
common_require_cmd() {
|
||||
local progname= var= val= block=1
|
||||
|
||||
progname="$1"
|
||||
shift
|
||||
|
||||
if [ "$1" = "-n" ]
|
||||
then
|
||||
block=0
|
||||
shift
|
||||
fi
|
||||
|
||||
var="$1"
|
||||
shift
|
||||
|
||||
eval val=\$\{${var}\} || return 2
|
||||
if [ "${val}" ]
|
||||
then
|
||||
local cmd="${val/ */}"
|
||||
if [ ! -x "$cmd" ]
|
||||
then
|
||||
echo >&2
|
||||
if [ $block -eq 0 ]
|
||||
then
|
||||
echo >&2 "WARNING: optional command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
val=""
|
||||
else
|
||||
echo >&2 "ERROR: required command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
return 2
|
||||
fi
|
||||
fi
|
||||
|
||||
# link-balancer calls itself; export our findings so
|
||||
# we do not repeat all of the lookups
|
||||
eval export "$var"
|
||||
return 0
|
||||
elif [ $block -eq 0 ]
|
||||
then
|
||||
eval set -- "$@"
|
||||
for cmd in "$@"
|
||||
do
|
||||
eval "NEED_${var}"="\$NEED_${var}' ${cmd/ */}'"
|
||||
done
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval set -- "\$NEED_${var}"
|
||||
fi
|
||||
|
||||
echo >&2
|
||||
echo >&2 "ERROR: $progname REQUIRES ONE OF THESE COMMANDS:"
|
||||
echo >&2
|
||||
echo >&2 " ${@}"
|
||||
echo >&2
|
||||
echo >&2 " You have requested the use of a $progname"
|
||||
echo >&2 " feature that requires certain external programs"
|
||||
echo >&2 " to be installed in the running system."
|
||||
echo >&2
|
||||
echo >&2 " Please consult your Linux distribution manual to"
|
||||
echo >&2 " install the package(s) that provide these external"
|
||||
echo >&2 " programs and retry."
|
||||
echo >&2
|
||||
echo >&2 " Note that you need an operational 'which' command"
|
||||
echo >&2 " for $progname to find all the external programs it"
|
||||
echo >&2 " needs. Check it yourself. Run:"
|
||||
echo >&2
|
||||
for x in "${@}"
|
||||
do
|
||||
echo >&2 " which $x"
|
||||
done
|
||||
|
||||
return 2
|
||||
}
|
||||
|
||||
int_common_which_all() {
|
||||
local cmd_var="$1"
|
||||
|
||||
eval set -- "$2"
|
||||
for cmd in "$@"
|
||||
do
|
||||
which_cmd $cmd_var $cmd && break
|
||||
done
|
||||
}
|
||||
|
||||
# Where required = Y, if a command is not found, FireHOL will refuse to run.
|
||||
# Where required = N, the command only required when it is actually used
|
||||
#
|
||||
# If a command is specified in /etc/firehol/firehol-defaults.conf it will
|
||||
# be used. Otherwise, if the script has been configured with ./configure
|
||||
# the detected versions will be used. If the script has not been configured
|
||||
# then the list of possible commands is autodetected.
|
||||
common_load_commands() {
|
||||
local progname="$1"
|
||||
shift
|
||||
local AUTOCONF_RUN="$1"
|
||||
shift
|
||||
|
||||
while IFS="|" read required cmd_var autoconf possibles
|
||||
do
|
||||
if [ "$AUTOCONF_RUN" = "Y" ]
|
||||
then
|
||||
case "$autoconf" in
|
||||
"@"*) autoconf=""; ;;
|
||||
esac
|
||||
fi
|
||||
eval set_in_defaults=\"\$$cmd_var\"
|
||||
if [ "$set_in_defaults" ]
|
||||
then
|
||||
:
|
||||
elif [ "$AUTOCONF_RUN" = "Y" -a ! -z "$autoconf" ]
|
||||
then
|
||||
eval $cmd_var=\"$autoconf\"
|
||||
else
|
||||
dirname="${0%/*}"
|
||||
if [ "$dirname" = "$0" ]; then dirname="."; fi
|
||||
PATH="/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin:$PATH:$dirname" int_common_which_all $cmd_var "$possibles"
|
||||
fi
|
||||
if [ "$required" = "Y" ]
|
||||
then
|
||||
common_require_cmd $progname $cmd_var $possibles || return
|
||||
else
|
||||
common_require_cmd $progname -n $cmd_var $possibles || return
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
common_require_root() {
|
||||
if [ "${UID}" != 0 ]
|
||||
then
|
||||
echo >&2
|
||||
echo >&2 "ERROR:"
|
||||
echo >&2 "Only user root can run ${1}"
|
||||
echo >&2
|
||||
return 1
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
common_disable_localization() {
|
||||
export LC_ALL=C
|
||||
}
|
||||
|
||||
common_private_umask() {
|
||||
# Make sure our generated files cannot be accessed by anyone else.
|
||||
umask 077
|
||||
}
|
||||
|
||||
common_public_umask() {
|
||||
# let everyone read our status info
|
||||
umask 022
|
||||
}
|
||||
|
||||
common_setup_terminal() {
|
||||
# Are stdout/stderr on the terminal? If not, then fail
|
||||
test -t 2 || return 1
|
||||
test -t 1 || return 1
|
||||
|
||||
if [ ! -z "$TPUT_CMD" ]
|
||||
then
|
||||
if [ $[$($TPUT_CMD colors 2>/dev/null)] -ge 8 ]
|
||||
then
|
||||
# Enable colors
|
||||
COLOR_RESET="\e[0m"
|
||||
COLOR_BLACK="\e[30m"
|
||||
COLOR_RED="\e[31m"
|
||||
COLOR_GREEN="\e[32m"
|
||||
COLOR_YELLOW="\e[33m"
|
||||
COLOR_BLUE="\e[34m"
|
||||
COLOR_PURPLE="\e[35m"
|
||||
COLOR_CYAN="\e[36m"
|
||||
COLOR_WHITE="\e[37m"
|
||||
COLOR_BGBLACK="\e[40m"
|
||||
COLOR_BGRED="\e[41m"
|
||||
COLOR_BGGREEN="\e[42m"
|
||||
COLOR_BGYELLOW="\e[43m"
|
||||
COLOR_BGBLUE="\e[44m"
|
||||
COLOR_BGPURPLE="\e[45m"
|
||||
COLOR_BGCYAN="\e[46m"
|
||||
COLOR_BGWHITE="\e[47m"
|
||||
COLOR_BOLD="\e[1m"
|
||||
COLOR_DIM="\e[2m"
|
||||
COLOR_UNDERLINED="\e[4m"
|
||||
COLOR_BLINK="\e[5m"
|
||||
COLOR_INVERTED="\e[7m"
|
||||
fi
|
||||
fi
|
||||
|
||||
return 0
|
||||
}
|
@ -35,61 +35,40 @@ then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PROGRAM_FILE="${0}"
|
||||
PROGRAM_DIR="${0%/*}"
|
||||
if [ "$PROGRAM_DIR" = "$0" ]; then PROGRAM_DIR="."; fi
|
||||
PROGRAM_PWD="${PWD}"
|
||||
declare -a PROGRAM_ORIGINAL_ARGS=("${@}")
|
||||
|
||||
# Start defaults before configure
|
||||
prefix_POST=/usr
|
||||
sysconfdir_POST=/etc
|
||||
localstatedir_POST=/var
|
||||
libdir_POST=$PROGRAM_DIR
|
||||
# End defaults before configure
|
||||
for functions_file in $libdir_POST/functions.common.sh
|
||||
do
|
||||
if [ -r $functions_file ]
|
||||
then
|
||||
source $functions_file
|
||||
else
|
||||
1>&2 echo "Cannot access $functions_file"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
FIREHOL_CONFIG_DIR="$sysconfdir_POST/firehol"
|
||||
common_disable_localization || exit
|
||||
common_private_umask || exit
|
||||
common_require_root || exit
|
||||
|
||||
# make sure sbin is included in the path
|
||||
# it seems that pppd ip-up.d script need this
|
||||
export PATH="$PATH:/sbin:/usr/sbin:/usr/local/sbin"
|
||||
|
||||
PROGRAM_FILE="${0}"
|
||||
|
||||
get_version() {
|
||||
GIT_REF='$Format:%d,commit-%h$'
|
||||
local IFS=":(), "
|
||||
set -- "$GIT_REF"
|
||||
ver='$Id$'
|
||||
for i in $@
|
||||
do
|
||||
case "$i" in
|
||||
*[0-9].[0-9]*)
|
||||
echo "$i" | $SED_CMD -e 's/^v//'
|
||||
return 0
|
||||
;;
|
||||
commit-[0-9a-zA-Z]*)
|
||||
ver="$i"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo "$ver"
|
||||
return 0
|
||||
}
|
||||
|
||||
# Make sure only root can run us.
|
||||
if [ ! "${UID}" = 0 ]
|
||||
then
|
||||
echo >&2
|
||||
echo >&2
|
||||
echo >&2 "Only user root can run Link Balancer."
|
||||
echo >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
FIREHOL_CONFIG_DIR="@FIREHOL_CONFIG_DIR@"
|
||||
else
|
||||
FIREHOL_CONFIG_DIR="/etc/firehol"
|
||||
fi
|
||||
|
||||
declare -a LB_ORIGINAL_ARGS=("${@}")
|
||||
LB_DEFAULT_WORKING_DIRECTORY="${PWD}"
|
||||
|
||||
if [ "$LB_DEBUGGING" ]; then set -v; set -x; fi
|
||||
|
||||
# Make sure we don't get localized results
|
||||
export LC_ALL=C
|
||||
|
||||
# Make sure our generated files cannot be accessed by anyone else.
|
||||
umask 077
|
||||
|
||||
# link-balancer temporary directory.
|
||||
# every instance of link-balancer creates a random directory
|
||||
# within this one.
|
||||
@ -144,156 +123,7 @@ LB_IPV=
|
||||
|
||||
# Load commands link-balancer will need.
|
||||
|
||||
which_cmd() {
|
||||
local name="$1"
|
||||
shift
|
||||
|
||||
if [ "$1" = ":" ]
|
||||
then
|
||||
eval $name=":"
|
||||
return 0
|
||||
fi
|
||||
|
||||
unalias $1 >/dev/null 2>&1
|
||||
local cmd=
|
||||
IFS= read cmd <<-EOF
|
||||
$(which $1 2> /dev/null)
|
||||
EOF
|
||||
|
||||
if [ $? -gt 0 -o ! -x "${cmd}" ]
|
||||
then
|
||||
return 1
|
||||
fi
|
||||
shift
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval $name="'${cmd}'"
|
||||
else
|
||||
eval $name="'${cmd} ${@}'"
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
require_cmd() {
|
||||
local var= val= block=1
|
||||
|
||||
if [ "$1" = "-n" ]
|
||||
then
|
||||
block=0
|
||||
shift
|
||||
fi
|
||||
|
||||
var="$1"
|
||||
shift
|
||||
|
||||
eval val=\$\{${var}\}
|
||||
if [ "${val}" ]
|
||||
then
|
||||
local cmd="${val/ */}"
|
||||
if [ ! -x "$cmd" ]
|
||||
then
|
||||
echo >&2
|
||||
if [ $block -eq 0 ]
|
||||
then
|
||||
echo >&2 "WARNING: optional command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
val=""
|
||||
else
|
||||
echo >&2 "ERROR: required command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# link-balancer calls itself; export our findings so
|
||||
# we do not repeat all of the lookups
|
||||
eval export "$var"
|
||||
return 0
|
||||
elif [ $block -eq 0 ]
|
||||
then
|
||||
eval set -- "$@"
|
||||
for cmd in "$@"
|
||||
do
|
||||
eval "NEED_${var}"="\$NEED_${var}' ${cmd/ */}'"
|
||||
done
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval set -- "\$NEED_${var}"
|
||||
fi
|
||||
|
||||
echo >&2
|
||||
echo >&2 "ERROR: LINK-BALANCER REQUIRES ONE OF THESE COMMANDS:"
|
||||
echo >&2
|
||||
echo >&2 " ${@}"
|
||||
echo >&2
|
||||
echo >&2 " You have requested the use of a link-balancer"
|
||||
echo >&2 " feature that requires certain external programs"
|
||||
echo >&2 " to be installed in the running system."
|
||||
echo >&2
|
||||
echo >&2 " Please consult your Linux distribution manual to"
|
||||
echo >&2 " install the package(s) that provide these external"
|
||||
echo >&2 " programs and retry."
|
||||
echo >&2
|
||||
echo >&2 " Note that you need an operational 'which' command"
|
||||
echo >&2 " for link-balancer to find all the external programs it"
|
||||
echo >&2 " needs. Check it yourself. Run:"
|
||||
echo >&2
|
||||
for x in "${@}"
|
||||
do
|
||||
echo >&2 " which $x"
|
||||
done
|
||||
|
||||
exit 1
|
||||
}
|
||||
|
||||
which_all() {
|
||||
local cmd_var="$1"
|
||||
|
||||
eval set -- "$2"
|
||||
for cmd in "$@"
|
||||
do
|
||||
which_cmd $cmd_var $cmd && break
|
||||
done
|
||||
}
|
||||
|
||||
# Where required = Y, if a command is not found, FireHOL will refuse to run.
|
||||
# Where required = N, the command only required when it is actually used
|
||||
#
|
||||
# If a command is specified in /etc/firehol/firehol-defaults.conf it will
|
||||
# be used. Otherwise, if the script has been configured with ./configure
|
||||
# the detected versions will be used. If the script has not been configured
|
||||
# then the list of possible commands is autodetected.
|
||||
while IFS="|" read required cmd_var autoconf possibles
|
||||
do
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
case "$autoconf" in
|
||||
"@"*) autoconf=""; ;;
|
||||
esac
|
||||
fi
|
||||
eval set_in_defaults=\"\$$cmd_var\"
|
||||
if [ "$set_in_defaults" ]
|
||||
then
|
||||
:
|
||||
elif [ "@AUTOCONF_RUN@" = "Y" -a ! -z "$autoconf" ]
|
||||
then
|
||||
eval $cmd_var=\"$autoconf\"
|
||||
else
|
||||
dirname="${0%/*}"
|
||||
if [ "$dirname" = "$0" ]; then dirname="."; fi
|
||||
PATH="/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin:$PATH:$dirname" which_all $cmd_var "$possibles"
|
||||
fi
|
||||
if [ "$required" = "Y" ]
|
||||
then
|
||||
require_cmd $cmd_var $possibles
|
||||
else
|
||||
require_cmd -n $cmd_var $possibles
|
||||
fi
|
||||
done <<-!
|
||||
common_load_commands $PROGRAM_FILE @AUTOCONF_RUN@ <<-!
|
||||
Y|IP_CMD|@IP@|ip
|
||||
Y|DIFF_CMD|@DIFF@|diff
|
||||
Y|FLOCK_CMD|@FLOCK@|flock
|
||||
@ -326,42 +156,17 @@ N|WGET_CMD|@WGET@|wget
|
||||
N|SCREEN_CMD|@SCREEN@|screen
|
||||
Y|IPRANGE_CMD|@IPRANGE@|iprange
|
||||
!
|
||||
status=$?
|
||||
test $status -eq 0 || exit $status
|
||||
|
||||
VERSION=$(get_version)
|
||||
VERSION=$(common_get_version '$Id$')
|
||||
|
||||
RUNNING_ON_TERMINAL=0
|
||||
if [ "z$1" = "z-nc" ]
|
||||
then
|
||||
shift
|
||||
elif [ ! -z "$TPUT_CMD" ]
|
||||
then
|
||||
test -t 2 && RUNNING_ON_TERMINAL=1
|
||||
if [ -t 2 -a $[$($TPUT_CMD colors 2>/dev/null)] -ge 8 ]
|
||||
then
|
||||
# Enable colors
|
||||
COLOR_RESET="\e[0m"
|
||||
COLOR_BLACK="\e[30m"
|
||||
COLOR_RED="\e[31m"
|
||||
COLOR_GREEN="\e[32m"
|
||||
COLOR_YELLOW="\e[33m"
|
||||
COLOR_BLUE="\e[34m"
|
||||
COLOR_PURPLE="\e[35m"
|
||||
COLOR_CYAN="\e[36m"
|
||||
COLOR_WHITE="\e[37m"
|
||||
COLOR_BGBLACK="\e[40m"
|
||||
COLOR_BGRED="\e[41m"
|
||||
COLOR_BGGREEN="\e[42m"
|
||||
COLOR_BGYELLOW="\e[43m"
|
||||
COLOR_BGBLUE="\e[44m"
|
||||
COLOR_BGPURPLE="\e[45m"
|
||||
COLOR_BGCYAN="\e[46m"
|
||||
COLOR_BGWHITE="\e[47m"
|
||||
COLOR_BOLD="\e[1m"
|
||||
COLOR_DIM="\e[2m"
|
||||
COLOR_UNDERLINED="\e[4m"
|
||||
COLOR_BLINK="\e[5m"
|
||||
COLOR_INVERTED="\e[7m"
|
||||
fi
|
||||
else
|
||||
common_setup_terminal && RUNNING_ON_TERMINAL=1
|
||||
fi
|
||||
|
||||
# if called with the parameter 'boot', create a new screen that
|
||||
@ -369,7 +174,7 @@ fi
|
||||
if [ "$1" = "boot" ]
|
||||
then
|
||||
shift
|
||||
require_cmd SCREEN_CMD
|
||||
common_require_cmd $PROGRAM_FILE SCREEN_CMD
|
||||
$SCREEN_CMD -S 'link-balancer' -d -m "$0" loop "${@}"
|
||||
exit 0
|
||||
fi
|
||||
@ -1833,10 +1638,10 @@ updated_rules() {
|
||||
# 2. it queries whois for this IP to find its AS.
|
||||
# 3. it queries RIPE to get all the IP address space for this AS.
|
||||
asips() {
|
||||
require_cmd WHOIS_CMD
|
||||
require_cmd JQ_CMD
|
||||
require_cmd HEAD_CMD
|
||||
require_cmd WGET_CMD
|
||||
common_require_cmd $PROGRAM_FILE WHOIS_CMD
|
||||
common_require_cmd $PROGRAM_FILE JQ_CMD
|
||||
common_require_cmd $PROGRAM_FILE HEAD_CMD
|
||||
common_require_cmd $PROGRAM_FILE WGET_CMD
|
||||
|
||||
local ip="${1}"
|
||||
|
||||
|
@ -80,35 +80,32 @@
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
|
||||
get_version() {
|
||||
GIT_REF='$Format:%d,commit-%h$'
|
||||
local IFS=":(), "
|
||||
set -- "$GIT_REF"
|
||||
ver='$Id$'
|
||||
for i in $@
|
||||
do
|
||||
case "$i" in
|
||||
*[0-9].[0-9]*)
|
||||
echo "$i" | $SED_CMD -e 's/^v//'
|
||||
return 0
|
||||
;;
|
||||
commit-[0-9a-zA-Z]*)
|
||||
ver="$i"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo "$ver"
|
||||
return 0
|
||||
}
|
||||
|
||||
PROGRAM_FILE="${0}"
|
||||
PROGRAM_DIR="${0%/*}"
|
||||
if [ "$PROGRAM_DIR" = "$0" ]; then PROGRAM_DIR="."; fi
|
||||
PROGRAM_PWD="${PWD}"
|
||||
declare -a PROGRAM_ORIGINAL_ARGS=("${@}")
|
||||
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
FIREHOL_CONFIG_DIR="@FIREHOL_CONFIG_DIR@"
|
||||
else
|
||||
FIREHOL_CONFIG_DIR="/etc/firehol"
|
||||
fi
|
||||
# Start defaults before configure
|
||||
prefix_POST=/usr
|
||||
sysconfdir_POST=/etc
|
||||
localstatedir_POST=/var
|
||||
libdir_POST=$PROGRAM_DIR
|
||||
# End defaults before configure
|
||||
for functions_file in $libdir_POST/functions.common.sh
|
||||
do
|
||||
if [ -r $functions_file ]
|
||||
then
|
||||
source $functions_file
|
||||
else
|
||||
1>&2 echo "Cannot access $functions_file"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
FIREHOL_CONFIG_DIR="$sysconfdir_POST/firehol"
|
||||
common_disable_localization || exit
|
||||
common_private_umask || exit
|
||||
|
||||
marksreset() { :; }
|
||||
markdef() { :; }
|
||||
@ -117,165 +114,7 @@ then
|
||||
source "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1
|
||||
fi
|
||||
|
||||
PATH="${PATH}:/sbin:/usr/sbin"
|
||||
|
||||
LC_ALL=C
|
||||
umask 077
|
||||
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
# Load commands update-ipsets will need.
|
||||
|
||||
which_cmd() {
|
||||
local name="$1"
|
||||
shift
|
||||
|
||||
if [ "$1" = ":" ]
|
||||
then
|
||||
eval $name=":"
|
||||
return 0
|
||||
fi
|
||||
|
||||
unalias $1 >/dev/null 2>&1
|
||||
local cmd=
|
||||
IFS= read cmd <<-EOF
|
||||
$(which $1 2> /dev/null)
|
||||
EOF
|
||||
|
||||
if [ $? -gt 0 -o ! -x "${cmd}" ]
|
||||
then
|
||||
return 1
|
||||
fi
|
||||
shift
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval $name="'${cmd}'"
|
||||
else
|
||||
eval $name="'${cmd} ${@}'"
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
require_cmd() {
|
||||
local var= val= block=1
|
||||
|
||||
if [ "$1" = "-n" ]
|
||||
then
|
||||
block=0
|
||||
shift
|
||||
fi
|
||||
|
||||
var="$1"
|
||||
shift
|
||||
|
||||
eval val=\$\{${var}\}
|
||||
if [ "${val}" ]
|
||||
then
|
||||
local cmd="${val/ */}"
|
||||
if [ ! -x "$cmd" ]
|
||||
then
|
||||
echo >&2
|
||||
if [ $block -eq 0 ]
|
||||
then
|
||||
echo >&2 "WARNING: optional command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
val=""
|
||||
else
|
||||
echo >&2 "ERROR: required command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# link-balancer calls itself; export our findings so
|
||||
# we do not repeat all of the lookups
|
||||
eval export "$var"
|
||||
return 0
|
||||
elif [ $block -eq 0 ]
|
||||
then
|
||||
eval set -- "$@"
|
||||
for cmd in "$@"
|
||||
do
|
||||
eval "NEED_${var}"="\$NEED_${var}' ${cmd/ */}'"
|
||||
done
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval set -- "\$NEED_${var}"
|
||||
fi
|
||||
|
||||
echo >&2
|
||||
echo >&2 "ERROR: UPDATE-IPSETS REQUIRES ONE OF THESE COMMANDS:"
|
||||
echo >&2
|
||||
echo >&2 " ${@}"
|
||||
echo >&2
|
||||
echo >&2 " You have requested the use of a update-ipsets"
|
||||
echo >&2 " feature that requires certain external programs"
|
||||
echo >&2 " to be installed in the running system."
|
||||
echo >&2
|
||||
echo >&2 " Please consult your Linux distribution manual to"
|
||||
echo >&2 " install the package(s) that provide these external"
|
||||
echo >&2 " programs and retry."
|
||||
echo >&2
|
||||
echo >&2 " Note that you need an operational 'which' command"
|
||||
echo >&2 " for update-ipsets to find all the external programs it"
|
||||
echo >&2 " needs. Check it yourself. Run:"
|
||||
echo >&2
|
||||
for x in "${@}"
|
||||
do
|
||||
echo >&2 " which $x"
|
||||
done
|
||||
|
||||
exit 1
|
||||
}
|
||||
|
||||
which_all() {
|
||||
local cmd_var="$1"
|
||||
|
||||
eval set -- "$2"
|
||||
for cmd in "$@"
|
||||
do
|
||||
which_cmd $cmd_var $cmd && break
|
||||
done
|
||||
}
|
||||
|
||||
# Where required = Y, if a command is not found, FireHOL will refuse to run.
|
||||
# Where required = N, the command only required when it is actually used
|
||||
#
|
||||
# If a command is specified in /etc/firehol/firehol-defaults.conf it will
|
||||
# be used. Otherwise, if the script has been configured with ./configure
|
||||
# the detected versions will be used. If the script has not been configured
|
||||
# then the list of possible commands is autodetected.
|
||||
while IFS="|" read required cmd_var autoconf possibles
|
||||
do
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
case "$autoconf" in
|
||||
"@"*) autoconf=""; ;;
|
||||
esac
|
||||
fi
|
||||
eval set_in_defaults=\"\$$cmd_var\"
|
||||
if [ "$set_in_defaults" ]
|
||||
then
|
||||
:
|
||||
elif [ "@AUTOCONF_RUN@" = "Y" -a ! -z "$autoconf" ]
|
||||
then
|
||||
eval $cmd_var=\"$autoconf\"
|
||||
else
|
||||
dirname="${0%/*}"
|
||||
if [ "$dirname" = "$0" ]; then dirname="."; fi
|
||||
PATH="/bin:/usr/bin:/sbin:/usr/sbin:$PATH:$dirname" which_all $cmd_var "$possibles"
|
||||
fi
|
||||
if [ "$required" = "Y" ]
|
||||
then
|
||||
require_cmd $cmd_var $possibles
|
||||
else
|
||||
require_cmd -n $cmd_var $possibles
|
||||
fi
|
||||
done <<-!
|
||||
common_load_commands $PROGRAM_FILE @AUTOCONF_RUN@ <<-!
|
||||
Y|IPRANGE_CMD|@IPRANGE@|iprange
|
||||
Y|DIRNAME_CMD|@DIRNAME@|dirname
|
||||
Y|TAIL_CMD|@TAIL@|tail
|
||||
@ -314,47 +153,17 @@ N|UNZIP_CMD|@UNZIP@|unzip
|
||||
N|FUNZIP_CMD|@FUNZIP@|funzip
|
||||
N|GIT_CMD|@GIT@|git
|
||||
!
|
||||
status=$?
|
||||
test $status -eq 0 || exit $status
|
||||
|
||||
VERSION=$(get_version)
|
||||
PROGRAM_PWD="${PWD}"
|
||||
PROGRAM_DIR="`$DIRNAME_CMD ${0}`"
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
# terminal
|
||||
VERSION=$(common_get_version '$Id$')
|
||||
|
||||
RUNNING_ON_TERMINAL=0
|
||||
if [ "z$1" = "z-nc" ]
|
||||
then
|
||||
shift
|
||||
elif [ ! -z "$TPUT_CMD" ]
|
||||
then
|
||||
test -t 2 && RUNNING_ON_TERMINAL=1
|
||||
if [ -t 2 -a $[$($TPUT_CMD colors 2>/dev/null)] -ge 8 ]
|
||||
then
|
||||
# Enable colors
|
||||
COLOR_RESET="\e[0m"
|
||||
COLOR_BLACK="\e[30m"
|
||||
COLOR_RED="\e[31m"
|
||||
COLOR_GREEN="\e[32m"
|
||||
COLOR_YELLOW="\e[33m"
|
||||
COLOR_BLUE="\e[34m"
|
||||
COLOR_PURPLE="\e[35m"
|
||||
COLOR_CYAN="\e[36m"
|
||||
COLOR_WHITE="\e[37m"
|
||||
COLOR_BGBLACK="\e[40m"
|
||||
COLOR_BGRED="\e[41m"
|
||||
COLOR_BGGREEN="\e[42m"
|
||||
COLOR_BGYELLOW="\e[43m"
|
||||
COLOR_BGBLUE="\e[44m"
|
||||
COLOR_BGPURPLE="\e[45m"
|
||||
COLOR_BGCYAN="\e[46m"
|
||||
COLOR_BGWHITE="\e[47m"
|
||||
COLOR_BOLD="\e[1m"
|
||||
COLOR_DIM="\e[2m"
|
||||
COLOR_UNDERLINED="\e[4m"
|
||||
COLOR_BLINK="\e[5m"
|
||||
COLOR_INVERTED="\e[7m"
|
||||
fi
|
||||
else
|
||||
common_setup_terminal && RUNNING_ON_TERMINAL=1
|
||||
fi
|
||||
|
||||
$RENICE_CMD 10 $$ >/dev/null 2>/dev/null
|
||||
|
@ -25,37 +25,31 @@
|
||||
# See the file COPYING for details.
|
||||
#
|
||||
|
||||
# make sure sbin is included in the path
|
||||
# it seems that pppd ip-up.d script need this
|
||||
export PATH="$PATH:/sbin:/usr/sbin:/usr/local/sbin"
|
||||
PROGRAM_FILE="${0}"
|
||||
PROGRAM_DIR="${0%/*}"
|
||||
if [ "$PROGRAM_DIR" = "$0" ]; then PROGRAM_DIR="."; fi
|
||||
PROGRAM_PWD="${PWD}"
|
||||
declare -a PROGRAM_ORIGINAL_ARGS=("${@}")
|
||||
|
||||
get_version() {
|
||||
GIT_REF='$Format:%d,commit-%h$'
|
||||
local IFS=":(), "
|
||||
set -- "$GIT_REF"
|
||||
ver='$Id$'
|
||||
for i in $@
|
||||
do
|
||||
case "$i" in
|
||||
*[0-9].[0-9]*)
|
||||
echo "$i" | $SED_CMD -e 's/^v//'
|
||||
return 0
|
||||
;;
|
||||
commit-[0-9a-zA-Z]*)
|
||||
ver="$i"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo "$ver"
|
||||
return 0
|
||||
}
|
||||
# Start defaults before configure
|
||||
prefix_POST=/usr
|
||||
sysconfdir_POST=/etc
|
||||
localstatedir_POST=/var
|
||||
libdir_POST=$PROGRAM_DIR
|
||||
# End defaults before configure
|
||||
for functions_file in $libdir_POST/functions.common.sh
|
||||
do
|
||||
if [ -r $functions_file ]
|
||||
then
|
||||
source $functions_file
|
||||
else
|
||||
1>&2 echo "Cannot access $functions_file"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
FIREHOL_CONFIG_DIR="@FIREHOL_CONFIG_DIR@"
|
||||
else
|
||||
FIREHOL_CONFIG_DIR="/etc/firehol"
|
||||
fi
|
||||
FIREHOL_CONFIG_DIR="$sysconfdir_POST/firehol"
|
||||
common_disable_localization || exit
|
||||
|
||||
marksreset() { :; }
|
||||
markdef() { :; }
|
||||
@ -64,158 +58,7 @@ then
|
||||
source "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1
|
||||
fi
|
||||
|
||||
# Load commands vnetbuild will need.
|
||||
|
||||
which_cmd() {
|
||||
local name="$1"
|
||||
shift
|
||||
|
||||
if [ "$1" = ":" ]
|
||||
then
|
||||
eval $name=":"
|
||||
return 0
|
||||
fi
|
||||
|
||||
unalias $1 >/dev/null 2>&1
|
||||
local cmd=
|
||||
IFS= read cmd <<-EOF
|
||||
$(which $1 2> /dev/null)
|
||||
EOF
|
||||
|
||||
if [ $? -gt 0 -o ! -x "${cmd}" ]
|
||||
then
|
||||
return 1
|
||||
fi
|
||||
shift
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval $name="'${cmd}'"
|
||||
else
|
||||
eval $name="'${cmd} ${@}'"
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
require_cmd() {
|
||||
local var= val= block=1
|
||||
|
||||
if [ "$1" = "-n" ]
|
||||
then
|
||||
block=0
|
||||
shift
|
||||
fi
|
||||
|
||||
var="$1"
|
||||
shift
|
||||
|
||||
eval val=\$\{${var}\}
|
||||
if [ "${val}" ]
|
||||
then
|
||||
local cmd="${val/ */}"
|
||||
if [ ! -x "$cmd" ]
|
||||
then
|
||||
echo >&2
|
||||
if [ $block -eq 0 ]
|
||||
then
|
||||
echo >&2 "WARNING: optional command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
val=""
|
||||
else
|
||||
echo >&2 "ERROR: required command does not exist or is not executable ($cmd)"
|
||||
echo >&2 "please add or correct $var in firehol-defaults.conf"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# link-balancer calls itself; export our findings so
|
||||
# we do not repeat all of the lookups
|
||||
eval export "$var"
|
||||
return 0
|
||||
elif [ $block -eq 0 ]
|
||||
then
|
||||
eval set -- "$@"
|
||||
for cmd in "$@"
|
||||
do
|
||||
eval "NEED_${var}"="\$NEED_${var}' ${cmd/ */}'"
|
||||
done
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
eval set -- "\$NEED_${var}"
|
||||
fi
|
||||
|
||||
echo >&2
|
||||
echo >&2 "ERROR: LINK-BALANCER REQUIRES ONE OF THESE COMMANDS:"
|
||||
echo >&2
|
||||
echo >&2 " ${@}"
|
||||
echo >&2
|
||||
echo >&2 " You have requested the use of a link-balancer"
|
||||
echo >&2 " feature that requires certain external programs"
|
||||
echo >&2 " to be installed in the running system."
|
||||
echo >&2
|
||||
echo >&2 " Please consult your Linux distribution manual to"
|
||||
echo >&2 " install the package(s) that provide these external"
|
||||
echo >&2 " programs and retry."
|
||||
echo >&2
|
||||
echo >&2 " Note that you need an operational 'which' command"
|
||||
echo >&2 " for link-balancer to find all the external programs it"
|
||||
echo >&2 " needs. Check it yourself. Run:"
|
||||
echo >&2
|
||||
for x in "${@}"
|
||||
do
|
||||
echo >&2 " which $x"
|
||||
done
|
||||
|
||||
exit 1
|
||||
}
|
||||
|
||||
which_all() {
|
||||
local cmd_var="$1"
|
||||
|
||||
eval set -- "$2"
|
||||
for cmd in "$@"
|
||||
do
|
||||
which_cmd $cmd_var $cmd && break
|
||||
done
|
||||
}
|
||||
|
||||
# Where required = Y, if a command is not found, FireHOL will refuse to run.
|
||||
# Where required = N, the command only required when it is actually used
|
||||
#
|
||||
# If a command is specified in /etc/firehol/firehol-defaults.conf it will
|
||||
# be used. Otherwise, if the script has been configured with ./configure
|
||||
# the detected versions will be used. If the script has not been configured
|
||||
# then the list of possible commands is autodetected.
|
||||
while IFS="|" read required cmd_var autoconf possibles
|
||||
do
|
||||
if [ "@AUTOCONF_RUN@" = "Y" ]
|
||||
then
|
||||
case "$autoconf" in
|
||||
"@"*) autoconf=""; ;;
|
||||
esac
|
||||
fi
|
||||
eval set_in_defaults=\"\$$cmd_var\"
|
||||
if [ "$set_in_defaults" ]
|
||||
then
|
||||
:
|
||||
elif [ "@AUTOCONF_RUN@" = "Y" -a ! -z "$autoconf" ]
|
||||
then
|
||||
eval $cmd_var=\"$autoconf\"
|
||||
else
|
||||
dirname="${0%/*}"
|
||||
if [ "$dirname" = "$0" ]; then dirname="."; fi
|
||||
PATH="/bin:/usr/bin:/sbin:/usr/sbin:$PATH:$dirname" which_all $cmd_var "$possibles"
|
||||
fi
|
||||
if [ "$required" = "Y" ]
|
||||
then
|
||||
require_cmd $cmd_var $possibles
|
||||
else
|
||||
require_cmd -n $cmd_var $possibles
|
||||
fi
|
||||
done <<-!
|
||||
common_load_commands $PROGRAM_FILE @AUTOCONF_RUN@ <<-!
|
||||
Y|IP_CMD|@IP@|ip
|
||||
Y|BRIDGE_CMD|@BRIDGE@|bridge
|
||||
Y|GREP_CMD|@GREP@|grep
|
||||
@ -231,23 +74,10 @@ Y|RM_CMD|@RM@|rm
|
||||
Y|MKTEMP_CMD|@MKTEMP@|mktemp
|
||||
N|NEATO_CMD|@NEATO@|neato
|
||||
!
|
||||
status=$?
|
||||
test $status -eq 0 || exit $status
|
||||
|
||||
VERSION=$(get_version)
|
||||
|
||||
emit_version() {
|
||||
$CAT_CMD <<EOF
|
||||
FireHOL vnetbuild $VERSION
|
||||
(C) Copyright 2015 Phil Whineray <phil@firehol.org>
|
||||
(C) Copyright 2015 Costa Tsaousis <costa@tsaousis.gr>
|
||||
FireHOL is distributed under the GPL v2+.
|
||||
Home Page: http://firehol.org
|
||||
|
||||
-------------------------------------------------------------------------
|
||||
Get notified of new FireHOL releases by subscribing to the mailing list:
|
||||
http://lists.firehol.org/mailman/listinfo/firehol-support/
|
||||
-------------------------------------------------------------------------
|
||||
EOF
|
||||
}
|
||||
VERSION=$(common_get_version '$Id$')
|
||||
|
||||
needroot=Y
|
||||
haderror=""
|
||||
@ -269,7 +99,7 @@ case "$mode" in
|
||||
:
|
||||
;;
|
||||
graphviz)
|
||||
require_cmd NEATO_CMD
|
||||
common_require_cmd $PROGRAM_FILE NEATO_CMD
|
||||
needroot=
|
||||
case "$outfile" in
|
||||
*.gv|"")
|
||||
@ -302,7 +132,18 @@ esac
|
||||
|
||||
if [ "$mode" = "" ]
|
||||
then
|
||||
emit_version
|
||||
$CAT_CMD <<-EOF
|
||||
FireHOL vnetbuild $VERSION
|
||||
(C) Copyright 2015 Phil Whineray <phil@firehol.org>
|
||||
(C) Copyright 2015 Costa Tsaousis <costa@tsaousis.gr>
|
||||
FireHOL is distributed under the GPL v2+.
|
||||
Home Page: http://firehol.org
|
||||
|
||||
------------------------------------------------------------------------
|
||||
Get notified of new FireHOL releases by subscribing to the mailing list:
|
||||
http://lists.firehol.org/mailman/listinfo/firehol-support/
|
||||
------------------------------------------------------------------------
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ "$needroot" -a "${UID}" != "0" ]
|
||||
|
@ -1,5 +1,6 @@
|
||||
#!/bin/sh
|
||||
|
||||
export SSH_CLIENT=
|
||||
$kcov $script panic
|
||||
status=$?
|
||||
if [ $status -eq 1 ]
|
||||
|
Loading…
Reference in New Issue
Block a user