diff options
Diffstat (limited to 'net-firewall/shorewall/files/4.6/shorewall.initd')
| -rw-r--r-- | net-firewall/shorewall/files/4.6/shorewall.initd | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/net-firewall/shorewall/files/4.6/shorewall.initd b/net-firewall/shorewall/files/4.6/shorewall.initd new file mode 100644 index 000000000000..76d7741a1ecd --- /dev/null +++ b/net-firewall/shorewall/files/4.6/shorewall.initd @@ -0,0 +1,99 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +description='The Shoreline Firewall, more commonly known as "Shorewall", is' +description="${description} a high-level tool for configuring Netfilter." + +extra_commands="check clear" +extra_started_commands="refresh reset" + +description_check="Checks if the configuration will compile or not." + +description_clear="Clear will remove all rules and chains installed by" +description_clear="${description_clear} Shorewall. The firewall is then" +description_clear="${description_clear} wide open and unprotected." + +description_refresh="The mangle table will be refreshed along with the" +description_refresh="${description_refresh} blacklist chain (if any)." + +description_reset="All the packet and byte counters in the firewall are reset." + +command="/usr/sbin/shorewall" + +depend() { + need net + provide firewall + after ulogd +} + +status() { + local _retval + ${command} status 1>/dev/null + _retval=$? + if [ ${_retval} = '0' ]; then + einfo 'status: started' + mark_service_started "${SVCNAME}" + return 0 + else + einfo 'status: stopped' + mark_service_stopped "${SVCNAME}" + return 3 + fi +} + +start() { + ebegin "Starting shorewall" + ${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null + eend $? +} + +stop() { + ebegin "Stopping shorewall" + ${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null + eend $? +} + +restart() { + ebegin "Restarting shorewall" + ${command} status 1>/dev/null + if [ $? != 0 ] ; then + svc_start + else + ${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null + fi + eend $? +} + +clear() { + ebegin "Clearing all shorewall rules and setting policy to ACCEPT" + ${command} ${OPTIONS} clear 1>/dev/null + eend $? +} + +reset() { + ebegin "Resetting the packet and byte counters in shorewall" + ${command} ${OPTIONS} reset 1>/dev/null + eend $? +} + +refresh() { + # refresh the rules involving the broadcast addresses of firewall + # interfaces, the black list, traffic control rules and + # ECN control rules + + ebegin "Refreshing shorewall rules" + ${command} ${OPTIONS} refresh 1>/dev/null + eend $? +} + +check() { + # perform cursory validation of the zones, interfaces, hosts, rules + # and policy files. CAUTION: does not parse and validate the generated + # iptables commands. + + ebegin "Checking shorewall configuration" + ${command} ${OPTIONS} check 1>/dev/null + eend $? +} |