firewall: Re-unity firewall6/4 configuration again.

diff --git a/Makefile b/Makefile
index 0111ad1b731814d8254914d93126117e9eeb6d75..ff79ad8c48e9dfc0e9bcd7d97637b1841df771b2 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -104,6 +104,7 @@ install: $(MAN_PAGES)
        -mkdir -pv $(DESTDIR)$(tmpfilesdir)
        -mkdir -pv $(DESTDIR)$(datadir)/firewall
 
+       install -m 755 -v firewall-config $(DESTDIR)$(sbindir)
        install -m 755 -v firewall6 $(DESTDIR)$(sbindir)
        install -m 755 -v firewall4 $(DESTDIR)$(sbindir)
        install -m 755 -v network $(DESTDIR)$(sbindir)

diff --git a/firewall-config b/firewall-config
new file mode 100755 (executable)
index 0000000..d8d8d4f
--- /dev/null
+++ b/firewall-config
@@ -0,0 +1,29 @@
+#!/bin/bash
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2012  IPFire Network Development Team                         #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+. /usr/lib/network/functions
+
+# Read firewall configuration.
+firewall_config_read
+
+firewall_cli_config "$@"
+
+exit ${EXIT_ERROR}

diff --git a/firewall4 b/firewall4
index 68fa8aeafad3f421935c7bd65b2b70cd9b3e283a..5de6bfa963d143c4504978709cfb0a237632a572 100755 (executable)
--- a/firewall4
+++ b/firewall4
@@ -22,7 +22,7 @@
 . /usr/lib/network/functions
 
 # Read firewall configuration.
-firewall_config_read "ipv4"
+firewall_config_read
 
 firewall_cli "ipv4" "$@"
 

diff --git a/firewall6 b/firewall6
index 74afeef652b78eb365b6cf081e2663efaa7a9232..70ae2ffe85ca4f24d5520943bd4439d0936019fa 100755 (executable)
--- a/firewall6
+++ b/firewall6
@@ -22,7 +22,7 @@
 . /usr/lib/network/functions
 
 # Read firewall configuration.
-firewall_config_read "ipv6"
+firewall_config_read
 
 firewall_cli "ipv6" "$@"
 

diff --git a/functions.cli.firewall b/functions.cli.firewall
index 39f0a4345b168c4e9b114b7c499d79b221f98396..7d3557d22104d42231dae81c5f050fe560354301 100755 (executable)
--- a/functions.cli.firewall
+++ b/functions.cli.firewall
@@ -57,10 +57,6 @@ function firewall_cli() {
                        firewall_cli_panic "${protocol}" "$@"
                        ;;
 
-               config)
-                       firewall_cli_config "${protocol}" $@
-                       ;;
-
                zone)
                        firewall_cli_zone $@
                        ;;
@@ -108,20 +104,16 @@ function firewall_cli_panic() {
 }
 
 function firewall_cli_config() {
-       local protocol="${1}"
-       assert isset protocol
-       shift
-
        if cli_help_requested $@; then
-               cli_usage root-config
+               cli_show_man firewall-config
                exit ${EXIT_OK}
        fi
 
        if [ -n "${1}" ]; then
                config_set "$@"
-               firewall_config_write "${protocol}"
+               firewall_config_write
        else
-               firewall_config_print "${protocol}"
+               firewall_config_print
        fi
 }
 

diff --git a/functions.config b/functions.config
index 11e924669331c792b701c6a9ed643ea61da155c2..f0023580edaf4eb1f8d509955c6472cfb6294bea 100644 (file)
--- a/functions.config
+++ b/functions.config
@@ -218,60 +218,14 @@ function network_config_print() {
        config_print ${NETWORK_CONFIG_FILE_PARAMS}
 }
 
-function firewall_config_file() {
-       local protocol="${1}"
-       assert isset protocol
-
-       local file
-       case "${protocol}" in
-               ipv6)
-                       file="${FIREWALL6_CONFIG_FILE}"
-                       ;;
-               ipv4)
-                       file="${FIREWALL4_CONFIG_FILE}"
-                       ;;
-       esac
-       assert isset file
-
-       print "${file}"
-       return ${EXIT_OK}
-}
-
-function firewall_config_env() {
-       local protocol="${1}"
-       assert isset protocol
-
-       case "${protocol}" in
-               ipv6)
-                       file="${FIREWALL6_CONFIG_FILE}"
-                       params="${FIREWALL6_CONFIG_PARAMS}"
-                       ;;
-               ipv4)
-                       file="${FIREWALL4_CONFIG_FILE}"
-                       params="${FIREWALL4_CONFIG_PARAMS}"
-                       ;;
-       esac
-       assert isset file
-       assert isset params
-}
-
 function firewall_config_read() {
-       local file params
-       firewall_config_env "$@"
-
-       config_read "${file}" "${params}"
+       config_read "${FIREWALL_CONFIG_FILE}" "${FIREWALL_CONFIG_PARAMS}"
 }
 
 function firewall_config_write() {
-       local file params
-       firewall_config_env "$@"
-
-       config_write "${file}" "${params}"
+       config_write "${FIREWALL_CONFIG_FILE}" "${FIREWALL_CONFIG_PARAMS}"
 }
 
 function firewall_config_print() {
-       local file params
-       firewall_config_env "$@"
-
-       config_print "${params}"
+       config_print "${FIREWALL_CONFIG_PARAMS}"
 }

diff --git a/functions.constants-firewall b/functions.constants-firewall
index 365ffd2324948951d4373acb967475982dfa508e..41b1ac20cd3a686e807b4480b575e63e2f86a28c 100644 (file)
--- a/functions.constants-firewall
+++ b/functions.constants-firewall
@@ -25,8 +25,7 @@ IPTABLES_TMPDIR=
 
 FIREWALL_CONFIG_DIR="/etc/firewall"
 FIREWALL_ZONES_DIR="${FIREWALL_CONFIG_DIR}/zones"
-FIREWALL4_CONFIG_FILE="${FIREWALL_CONFIG_DIR}/config4"
-FIREWALL6_CONFIG_FILE="${FIREWALL_CONFIG_DIR}/config6"
+FIREWALL_CONFIG_FILE="${FIREWALL_CONFIG_DIR}/config"
 FIREWALL_CONFIG_RULES="${FIREWALL_CONFIG_DIR}/rules"
 
 FIREWALL_MACROS_DIRS="${FIREWALL_CONFIG_DIR}/macros"
@@ -86,9 +85,6 @@ FIREWALL_CONFIG_PARAMS="${FIREWALL_CONFIG_PARAMS} FIREWALL_PMTU_DISCOVERY"
 FIREWALL_DEFAULT_TTL="64"
 FIREWALL_CONFIG_PARAMS="${FIREWALL_CONFIG_PARAMS} FIREWALL_DEFAULT_TTL"
 
-FIREWALL4_CONFIG_PARAMS="${FIREWALL_CONFIG_PARAMS}"
-FIREWALL6_CONFIG_PARAMS="${FIREWALL_CONFIG_PARAMS}"
-
 FIREWALL_SUPPORTED_PROTOCOLS="tcp udp icmp igmp esp ah gre"
 FIREWALL_PROTOCOLS_SUPPORTING_PORTS="tcp udp"
 

diff --git a/helpers/firewall-kernel-init b/helpers/firewall-kernel-init
index 4cac4a04b6e5315caa971eb620ad7f29e037e92b..dba615d36bde12e0c043a1232b0d5319f07ea7c9 100755 (executable)
--- a/helpers/firewall-kernel-init
+++ b/helpers/firewall-kernel-init
@@ -21,6 +21,9 @@
 
 . /usr/lib/network/functions
 
+# Read firewall configuration.
+firewall_config_read
+
 # Initialize kernel parameters for the firewall.
 firewall_kernel_init