From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 28 Jan 2014 19:49:32 +0000 (+0100)
Subject: Merge remote-tracking branch 'stevee/core-76-update' into next
X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=7ab6a8536cb653b8c096ac67b87eaa3ddf228e12;hp=73372ed4e6b573c4a1078b771df4f6623fc79927

Merge remote-tracking branch 'stevee/core-76-update' into next
---

diff --git a/config/rootfiles/core/76/filelists/firewall b/config/rootfiles/core/76/filelists/firewall
index 3edde8eb3..0d6a2ee7d 100644
--- a/config/rootfiles/core/76/filelists/firewall
+++ b/config/rootfiles/core/76/filelists/firewall
@@ -9,19 +9,19 @@ usr/sbin/convert-outgoingfw
 usr/sbin/convert-portfw
 usr/sbin/convert-xtaccess
 usr/sbin/firewall-policy
-var/ipfire/firewall
+#var/ipfire/firewall
 var/ipfire/firewall/bin/firewall-lib.pl
 var/ipfire/firewall/bin/rules.pl
-var/ipfire/firewall/config
-var/ipfire/firewall/input
-var/ipfire/firewall/outgoing
-var/ipfire/firewall/p2protocols
-var/ipfire/firewall/settings
-var/ipfire/fwhosts
-var/ipfire/fwhosts/customhosts
-var/ipfire/fwhosts/customnetworks
-var/ipfire/fwhosts/customgroups
-var/ipfire/fwhosts/customservices
-var/ipfire/fwhosts/customservicegrp
+#var/ipfire/firewall/config
+#var/ipfire/firewall/input
+#var/ipfire/firewall/outgoing
+#var/ipfire/firewall/p2protocols
+#var/ipfire/firewall/settings
+#var/ipfire/fwhosts
+#var/ipfire/fwhosts/customhosts
+#var/ipfire/fwhosts/customnetworks
+#var/ipfire/fwhosts/customgroups
+#var/ipfire/fwhosts/customservices
+#var/ipfire/fwhosts/customservicegrp
 var/ipfire/fwhosts/icmp-types
 var/ipfire/menu.d/50-firewall.menu
diff --git a/config/rootfiles/core/76/update.sh b/config/rootfiles/core/76/update.sh
index a8f726a6b..1f7bcfa57 100644
--- a/config/rootfiles/core/76/update.sh
+++ b/config/rootfiles/core/76/update.sh
@@ -192,6 +192,10 @@ fi
 
 ln -svf ../run /var/run
 
+# Creating directories for new firewall.
+mkdir -p /var/ipfire/firewall
+mkdir -p /var/ipfire/fwhosts
+
 #
 #Extract files
 tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
@@ -253,6 +257,22 @@ rm -f /srv/web/ipfire/cgi-bin/{dmzholes,outgoingfw,portfw,xtaccess}.cgi
 /sbin/iptables -t nat -N NAT_SOURCE 2>/dev/null
 /sbin/iptables -t nat -N NAT_DESTINATION 2>/dev/null
 
+# Create config files for firewall and fix permissions.
+touch /var/ipfire/firewall/config
+touch /var/ipfire/firewall/input
+touch /var/ipfire/firewall/outgoing
+touch /var/ipfire/firewall/p2protocols
+touch /var/ipfire/firewall/settings
+touch /var/ipfire/fwhosts/customhosts
+touch /var/ipfire/fwhosts/customnetworks
+touch /var/ipfire/fwhosts/customgroups
+touch /var/ipfire/fwhosts/customservices
+touch /var/ipfire/fwhosts/customservicegrp
+
+# Fix ownership.
+chown -R nobody:nobody /var/ipfire/firewall
+chown -R nobody:nobody /var/ipfire/fwhosts
+
 # Convert firewall configuration
 /usr/sbin/convert-xtaccess
 /usr/sbin/convert-outgoingfw