📄 install.sh
字号:
#!/bin/sh## Script to install Shoreline Firewall## This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]## (c) 2000,2001,2002,2003,2004,2005 - Tom Eastep (teastep@shorewall.net)## Shorewall documentation is available at http://shorewall.net## This program is free software; you can redistribute it and/or modify# it under the terms of Version 2 of the GNU General Public License# as published by the Free Software Foundation.## This program is distributed in the hope that it will be useful,# but WITHOUT ANY WARRANTY; without even the implied warranty of# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the# GNU General Public License for more details.## You should have received a copy of the GNU General Public License# along with this program; if not, write to the Free Software# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.#VERSION=4.2.7usage() # $1 = exit status{ ME=$(basename $0) echo "usage: $ME" echo " $ME -v" echo " $ME -h" echo " $ME -n" exit $1}split() { local ifs ifs=$IFS IFS=: set -- $1 echo $* IFS=$ifs}qt(){ "$@" >/dev/null 2>&1}mywhich() { local dir for dir in $(split $PATH); do if [ -x $dir/$1 ]; then echo $dir/$1 return 0 fi done return 2}run_install(){ if ! install $*; then echo echo "ERROR: Failed to install $*" >&2 exit 1 fi}cant_autostart(){ echo echo "WARNING: Unable to configure shorewall to start automatically at boot" >&2}backup_directory() # $1 = directory to backup{ if [ -d $1 ]; then if cp -a $1 ${1}-${VERSION}.bkout ; then echo echo "$1 saved to ${1}-${VERSION}.bkout" else exit 1 fi fi}backup_file() # $1 = file to backup, $2 = (optional) Directory in which to create the backup{ if [ -z "${PREFIX}{NOBACKUP}" ]; then if [ -f $1 -a ! -f ${1}-${VERSION}.bkout ]; then if [ -n "$2" ]; then if [ -d $2 ]; then if cp -f $1 $2 ; then echo echo "$1 saved to $2/$(basename $1)" else exit 1 fi fi elif cp $1 ${1}-${VERSION}.bkout; then echo echo "$1 saved to ${1}-${VERSION}.bkout" else exit 1 fi fi fi}delete_file() # $1 = file to delete{ rm -f $1}install_file() # $1 = source $2 = target $3 = mode{ run_install $OWNERSHIP -m $3 $1 ${2}}install_file_with_backup() # $1 = source $2 = target $3 = mode $4 = (optional) backup directory{ backup_file $2 $4 run_install $OWNERSHIP -m $3 $1 ${2}}## Parse the run line## DEST is the SysVInit script directory# INIT is the name of the script in the $DEST directory# RUNLEVELS is the chkconfig parmeters for firewall# ARGS is "yes" if we've already parsed an argument#ARGS=""if [ -z "$DEST" ] ; then DEST="/etc/init.d"fiif [ -z "$INIT" ] ; then INIT="shorewall"fiif [ -z "$RUNLEVELS" ] ; then RUNLEVELS=""fiDEBIAN=CYGWIN=MANDIR=${MANDIR:-"/usr/share/man"}case $(uname) in CYGWIN*) DEST= INIT= OWNER=$(id -un) GROUP=$(id -gn) CYGWIN=Yes ;; *) [ -z "$OWNER" ] && OWNER=root [ -z "$GROUP" ] && GROUP=root ;;esacOWNERSHIP="-o $OWNER -g $GROUP"NOBACKUP=while [ $# -gt 0 ] ; do case "$1" in -h|help|?) usage 0 ;; -v) echo "Shorewall Firewall Installer Version $VERSION" exit 0 ;; -n) NOBACKUP=Yes ;; *) usage 1 ;; esac shift ARGS="yes"donePATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin## Determine where to install the firewall script#if [ -n "$PREFIX" ]; then if [ -z "$CYGWIN" ]; then if [ `id -u` != 0 ] ; then echo "Not setting file owner/group permissions, not running as root." OWNERSHIP="" fi install -d $OWNERSHIP -m 755 ${PREFIX}/sbin install -d $OWNERSHIP -m 755 ${PREFIX}${DEST} fielse [ -x /usr/share/shorewall-shell/compiler -o -x /usr/share/shorewall-perl/compiler.pl ] || \ { echo " ERROR: No Shorewall compiler is installed" >&2; exit 1; } if [ -z "$CYGWIN" ]; then if [ -d /etc/apt -a -e /usr/bin/dpkg ]; then DEBIAN=yes elif [ -f /etc/slackware-version ] ; then echo "installing Slackware specific configuration..." DEST="/etc/rc.d" MANDIR="/usr/man" SLACKWARE=yes elif [ -f /etc/arch-release ] ; then DEST="/etc/rc.d" INIT="shorewall" ARCHLINUX=yes fi fifi## Change to the directory containing this script#cd "$(dirname $0)"echo "Installing Shorewall-common Version $VERSION"## Check for /etc/shorewall#if [ -d ${PREFIX}/etc/shorewall ]; then first_install="" if [ -z "$NOBACKUP" ]; then backup_directory ${PREFIX}/etc/shorewall backup_directory ${PREFIX}/usr/share/shorewall backup_directory ${PREFIX}/var/lib/shorewall fielse first_install="Yes"fiif [ -z "$CYGWIN" ]; then install_file_with_backup shorewall ${PREFIX}/sbin/shorewall 0755 ${PREFIX}/var/lib/shorewall-${VERSION}.bkout echo "shorewall control program installed in ${PREFIX}/sbin/shorewall"else install_file_with_backup shorewall ${PREFIX}/bin/shorewall 0755 ${PREFIX}/var/lib/shorewall-${VERSION}.bkout echo "shorewall control program installed in ${PREFIX}/bin/shorewall"fi## Install the Firewall Script#if [ -n "$DEBIAN" ]; then install_file_with_backup init.debian.sh /etc/init.d/shorewall 0544 ${PREFIX}/usr/share/shorewall-${VERSION}.bkoutelif [ -n "$ARCHLINUX" ]; then install_file_with_backup init.archlinux.sh ${PREFIX}${DEST}/$INIT 0544 ${PREFIX}/usr/share/shorewall-${VERSION}.bkoutelif [ -n "$SLACKWARE" ]; then install_file_with_backup init.slackware.firewall.sh ${PREFIX}${DEST}/rc.firewall 0644 ${PREFIX}/usr/share/shorewall-${VERSION}.bkout install_file_with_backup init.slackware.shorewall.sh ${PREFIX}${DEST}/rc.shorewall 0644 ${PREFIX}/usr/share/shorewall-${VERSION}.bkoutelif [ -n "$INIT" ]; then install_file_with_backup init.sh ${PREFIX}${DEST}/$INIT 0544 ${PREFIX}/usr/share/shorewall-${VERSION}.bkoutfi[ -n "$CYGWIN" ] || echo "Shorewall script installed in ${PREFIX}${DEST}/$INIT"## Create /etc/shorewall, /usr/share/shorewall and /var/shorewall if needed#mkdir -p ${PREFIX}/etc/shorewallmkdir -p ${PREFIX}/usr/share/shorewallmkdir -p ${PREFIX}/usr/share/shorewall/configfilesmkdir -p ${PREFIX}/var/lib/shorewallchmod 755 ${PREFIX}/etc/shorewallchmod 755 ${PREFIX}/usr/share/shorewallchmod 755 ${PREFIX}/usr/share/shorewall/configfiles## Install the config file#run_install $OWNERSHIP -m 0644 shorewall.conf ${PREFIX}/usr/share/shorewall/configfiles/shorewall.confqt mywhich perl && perl -p -w -i -e 's|^CONFIG_PATH=.*|CONFIG_PATH=/usr/share/shorewall/configfiles:/usr/share/shorewall|;' ${PREFIX}/usr/share/shorewall/configfiles/shorewall.confif [ ! -f ${PREFIX}/etc/shorewall/shorewall.conf ]; then run_install $OWNERSHIP -m 0644 shorewall.conf ${PREFIX}/etc/shorewall/shorewall.conf echo "Config file installed as ${PREFIX}/etc/shorewall/shorewall.conf"fiif [ -n "$ARCHLINUX" ] ; then sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${PREFIX}/etc/shorewall/shorewall.conffi## Install the zones file#run_install $OWNERSHIP -m 0644 zones ${PREFIX}/usr/share/shorewall/configfiles/zonesif [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/zones ]; then run_install $OWNERSHIP -m 0744 zones ${PREFIX}/etc/shorewall/zones echo "Zones file installed as ${PREFIX}/etc/shorewall/zones"fidelete_file ${PREFIX}/usr/share/shorewall/compilerdelete_file ${PREFIX}/usr/share/shorewall/lib.accountingdelete_file ${PREFIX}/usr/share/shorewall/lib.actionsdelete_file ${PREFIX}/usr/share/shorewall/lib.dynamiczonesdelete_file ${PREFIX}/usr/share/shorewall/lib.maclistdelete_file ${PREFIX}/usr/share/shorewall/lib.natdelete_file ${PREFIX}/usr/share/shorewall/lib.providersdelete_file ${PREFIX}/usr/share/shorewall/lib.proxyarpdelete_file ${PREFIX}/usr/share/shorewall/lib.tcdelete_file ${PREFIX}/usr/share/shorewall/lib.tcrulesdelete_file ${PREFIX}/usr/share/shorewall/lib.tunnelsdelete_file ${PREFIX}/usr/share/shorewall/prog.headerdelete_file ${PREFIX}/usr/share/shorewall/prog.footer## Install wait4ifup#install_file wait4ifup ${PREFIX}/usr/share/shorewall/wait4ifup 0755echoecho "wait4ifup installed in ${PREFIX}/usr/share/shorewall/wait4ifup"## Install the policy file#run_install $OWNERSHIP -m 0644 policy ${PREFIX}/usr/share/shorewall/configfiles/policyif [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/policy ]; then run_install $OWNERSHIP -m 0600 policy ${PREFIX}/etc/shorewall/policy echo "Policy file installed as ${PREFIX}/etc/shorewall/policy"fi## Install the interfaces file#run_install $OWNERSHIP -m 0644 interfaces ${PREFIX}/usr/share/shorewall/configfiles/interfacesif [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/interfaces ]; then run_install $OWNERSHIP -m 0600 interfaces ${PREFIX}/etc/shorewall/interfaces echo "Interfaces file installed as ${PREFIX}/etc/shorewall/interfaces"fi## Install the ipsec file#run_install $OWNERSHIP -m 0644 ipsec ${PREFIX}/usr/share/shorewall/configfiles/ipsecif [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/ipsec ]; then run_install $OWNERSHIP -m 0600 ipsec ${PREFIX}/etc/shorewall/ipsec echo "Dummy IPSEC file installed as ${PREFIX}/etc/shorewall/ipsec"fi## Install the hosts file#run_install $OWNERSHIP -m 0644 hosts ${PREFIX}/usr/share/shorewall/configfiles/hostsif [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/hosts ]; then run_install $OWNERSHIP -m 0600 hosts ${PREFIX}/etc/shorewall/hosts echo "Hosts file installed as ${PREFIX}/etc/shorewall/hosts"fi## Install the rules file#run_install $OWNERSHIP -m 0644 rules ${PREFIX}/usr/share/shorewall/configfiles/rulesif [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/rules ]; then run_install $OWNERSHIP -m 0600 rules ${PREFIX}/etc/shorewall/rules echo "Rules file installed as ${PREFIX}/etc/shorewall/rules"fi## Install the NAT file#run_install $OWNERSHIP -m 0644 nat ${PREFIX}/usr/share/shorewall/configfiles/natif [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/nat ]; then run_install $OWNERSHIP -m 0600 nat ${PREFIX}/etc/shorewall/nat echo "NAT file installed as ${PREFIX}/etc/shorewall/nat"fi## Install the NETMAP file#run_install $OWNERSHIP -m 0644 netmap ${PREFIX}/usr/share/shorewall/configfiles/netmapif [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/netmap ]; then run_install $OWNERSHIP -m 0600 netmap ${PREFIX}/etc/shorewall/netmap echo "NETMAP file installed as ${PREFIX}/etc/shorewall/netmap"fi## Install the Parameters file#⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -