firewall: Move scripts from /var/ipfire/firewall/bin to /usr/lib/firewall.
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 28 Jan 2014 19:48:24 +0000 (20:48 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 28 Jan 2014 19:48:24 +0000 (20:48 +0100)
config/firewall/rules.pl
config/rootfiles/common/configroot
config/rootfiles/common/stage2
lfs/configroot
lfs/stage2
src/misc-progs/firewallctrl.c

index f26ae5f..4380764 100755 (executable)
@@ -45,7 +45,7 @@ my @DPROT=();
 my @p2ps=();
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 my @p2ps=();
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
-require "${General::swroot}/firewall/bin/firewall-lib.pl";
+require "/usr/lib/firewall/firewall-lib.pl";
 
 my $configfwdfw                = "${General::swroot}/firewall/config";
 my $configinput            = "${General::swroot}/firewall/input";
 
 my $configfwdfw                = "${General::swroot}/firewall/config";
 my $configinput            = "${General::swroot}/firewall/input";
index b1097cd..f509370 100644 (file)
@@ -50,9 +50,6 @@ var/ipfire/extrahd
 #var/ipfire/extrahd/scan
 #var/ipfire/extrahd/settings
 var/ipfire/firewall
 #var/ipfire/extrahd/scan
 #var/ipfire/extrahd/settings
 var/ipfire/firewall
-#var/ipfire/firewall/bin
-#var/ipfire/firewall/bin/firewall-lib.pl
-#var/ipfire/firewall/bin/rules.pl
 #var/ipfire/firewall/config
 #var/ipfire/firewall/dmz
 #var/ipfire/firewall/input
 #var/ipfire/firewall/config
 #var/ipfire/firewall/dmz
 #var/ipfire/firewall/input
index 4286cec..a796624 100644 (file)
@@ -66,6 +66,9 @@ root/ipfire
 #usr/bin/perl
 #usr/include
 #usr/lib
 #usr/bin/perl
 #usr/include
 #usr/lib
+usr/lib/firewall
+usr/lib/firewall/firewall-lib.pl
+usr/lib/firewall/rules.pl
 #usr/lib/libgcc_s.so
 usr/lib/libgcc_s.so.1
 #usr/lib/libstdc++.la
 #usr/lib/libgcc_s.so
 usr/lib/libgcc_s.so.1
 #usr/lib/libstdc++.la
index 98e7af3..8250a77 100644 (file)
@@ -51,7 +51,7 @@ $(TARGET) :
 
        # Create all directories
        for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dns dnsforward \
 
        # Create all directories
        for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dns dnsforward \
-                       ethernet extrahd/bin fwlogs fwhosts firewall firewall/bin isdn key langs logging mac main \
+                       ethernet extrahd/bin fwlogs fwhosts firewall isdn key langs logging mac main \
                        menu.d modem net-traffic net-traffic/templates nfs optionsfw \
                        ovpn patches pakfire portfw ppp private proxy/advanced/cre \
                        proxy/calamaris/bin qos/bin red remote sensors snort time tripwire/report \
                        menu.d modem net-traffic net-traffic/templates nfs optionsfw \
                        ovpn patches pakfire portfw ppp private proxy/advanced/cre \
                        proxy/calamaris/bin qos/bin red remote sensors snort time tripwire/report \
@@ -99,13 +99,11 @@ $(TARGET) :
        cp $(DIR_SRC)/config/cfgroot/useragents                 $(CONFIG_ROOT)/proxy/advanced
        cp $(DIR_SRC)/config/cfgroot/ethernet-vlans             $(CONFIG_ROOT)/ethernet/vlans
        cp $(DIR_SRC)/langs/list                                                $(CONFIG_ROOT)/langs/
        cp $(DIR_SRC)/config/cfgroot/useragents                 $(CONFIG_ROOT)/proxy/advanced
        cp $(DIR_SRC)/config/cfgroot/ethernet-vlans             $(CONFIG_ROOT)/ethernet/vlans
        cp $(DIR_SRC)/langs/list                                                $(CONFIG_ROOT)/langs/
-       cp $(DIR_SRC)/config/firewall/rules.pl                  $(CONFIG_ROOT)/firewall/bin/rules.pl
        cp $(DIR_SRC)/config/firewall/convert-xtaccess  /usr/sbin/convert-xtaccess
        cp $(DIR_SRC)/config/firewall/convert-outgoingfw        /usr/sbin/convert-outgoingfw
        cp $(DIR_SRC)/config/firewall/convert-dmz       /usr/sbin/convert-dmz
        cp $(DIR_SRC)/config/firewall/convert-portfw    /usr/sbin/convert-portfw
        cp $(DIR_SRC)/config/firewall/p2protocols               $(CONFIG_ROOT)/firewall/p2protocols
        cp $(DIR_SRC)/config/firewall/convert-xtaccess  /usr/sbin/convert-xtaccess
        cp $(DIR_SRC)/config/firewall/convert-outgoingfw        /usr/sbin/convert-outgoingfw
        cp $(DIR_SRC)/config/firewall/convert-dmz       /usr/sbin/convert-dmz
        cp $(DIR_SRC)/config/firewall/convert-portfw    /usr/sbin/convert-portfw
        cp $(DIR_SRC)/config/firewall/p2protocols               $(CONFIG_ROOT)/firewall/p2protocols
-       cp $(DIR_SRC)/config/firewall/firewall-lib.pl   $(CONFIG_ROOT)/firewall/bin/firewall-lib.pl
        cp $(DIR_SRC)/config/firewall/firewall-policy   /usr/sbin/firewall-policy
        cp $(DIR_SRC)/config/fwhosts/icmp-types                 $(CONFIG_ROOT)/fwhosts/icmp-types
        cp $(DIR_SRC)/config/fwhosts/customservices             $(CONFIG_ROOT)/fwhosts/customservices
        cp $(DIR_SRC)/config/firewall/firewall-policy   /usr/sbin/firewall-policy
        cp $(DIR_SRC)/config/fwhosts/icmp-types                 $(CONFIG_ROOT)/fwhosts/icmp-types
        cp $(DIR_SRC)/config/fwhosts/customservices             $(CONFIG_ROOT)/fwhosts/customservices
@@ -132,13 +130,10 @@ $(TARGET) :
        echo  "DROPWIRELESSFORWARD=on"  >> $(CONFIG_ROOT)/optionsfw/settings
        echo  "POLICY=MODE2"            >> $(CONFIG_ROOT)/firewall/settings
        echo  "POLICY1=MODE2"           >> $(CONFIG_ROOT)/firewall/settings
        echo  "DROPWIRELESSFORWARD=on"  >> $(CONFIG_ROOT)/optionsfw/settings
        echo  "POLICY=MODE2"            >> $(CONFIG_ROOT)/firewall/settings
        echo  "POLICY1=MODE2"           >> $(CONFIG_ROOT)/firewall/settings
-       
-       # set rules.pl executable
-       chmod 755 $(CONFIG_ROOT)/firewall/bin/rules.pl
-               
+
        # set converters executable
        chmod 755 /usr/sbin/convert-*
        # set converters executable
        chmod 755 /usr/sbin/convert-*
-       
+
        # Modify variables in header.pl
        sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
            -e "s+VERSION+$(VERSION)+g" \
        # Modify variables in header.pl
        sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
            -e "s+VERSION+$(VERSION)+g" \
index 3d64f68..956f589 100644 (file)
@@ -101,6 +101,13 @@ $(TARGET) :
        # Move script to correct place.
        mv -vf /usr/local/bin/ovpn-ccd-convert /usr/sbin/
 
        # Move script to correct place.
        mv -vf /usr/local/bin/ovpn-ccd-convert /usr/sbin/
 
+       # Install firewall scripts.
+       mkdir -pv /usr/lib/firewall
+       install -m 755 $(DIR_SRC)/config/firewall/rules.pl \
+               /usr/lib/firewall/rules.pl
+       install -m 644 $(DIR_SRC)/config/firewall/firewall-lib.pl \
+               /usr/lib/firewall/firewall-lib.pl
+
        # Nobody user
        -mkdir -p /home/nobody
        chown -R nobody:nobody /home/nobody
        # Nobody user
        -mkdir -p /home/nobody
        chown -R nobody:nobody /home/nobody
index 97de271..0f17659 100644 (file)
@@ -13,7 +13,7 @@ int main(int argc, char *argv[]) {
        if (!(initsetuid()))
                exit(1);
 
        if (!(initsetuid()))
                exit(1);
 
-       int retval = safe_system("/var/ipfire/firewall/bin/rules.pl");
+       int retval = safe_system("/usr/lib/firewall/rules.pl");
 
        /* If rules.pl has been successfully executed, the indicator
         * file is removed. */
 
        /* If rules.pl has been successfully executed, the indicator
         * file is removed. */