Prevent direct call to minifirewall script in favor of systemctl or /etc/init.d/minifirewall stub

init.sh

@@ -22,16 +22,16 @@ fi
 
 case "$1" in
   start)
-        ${minifirewall_bin} start
+        systemctl start minifirewall
         ;;
   stop)
-        ${minifirewall_bin} stop
+        systemctl stop minifirewall
         ;;
   status)
-        ${minifirewall_bin} status
+        systemctl status minifirewall
         ;;
   restart|reload|condrestart)
-        ${minifirewall_bin} restart
+        systemctl restart minifirewall
         ;;
   reset)
         ${minifirewall_bin} reset

minifirewall

@@ -27,11 +27,12 @@ show_help() {
     cat <<END
 minifirewall is wrapper around netfilter/iptables for easy local firewalling on Linux.
 
-Usage: minifirewall start
+Usage: systemctl start minifirewall
-  or   minifirewall stop
+  or   systemctl stop minifirewall
-  or   minifirewall restart
+  or   systemctl restart minifirewall
-  or   minifirewall reset
+  or   systemctl status minifirewall
   or   minifirewall status
+  or   minifirewall reset
   or   minifirewall {version|--version|-V}
   or   minifirewall {help|--help|-h|-?}
 END
@@ -149,6 +150,13 @@ source_includes() {
         done
     fi
 }
+exit_if_not_systemd() {
+    if [ $PPID -ne 1 ]; then
+        echo "Error: Please use minifirewall systemd service instead of direct call." 1>&2
+        show_help
+        exit 1
+    fi
+}
 check_unpersisted_state() {
     cmp_bin=$(command -v cmp)
     diff_bin=$(command -v diff)
@@ -930,6 +938,7 @@ reset() {
 main() {
     case "${1:-''}" in
         start)
+            exit_if_not_systemd
             source_configuration
             check_unpersisted_state
 
@@ -937,6 +946,7 @@ main() {
             ;;
 
         stop)
+            exit_if_not_systemd
             source_configuration
             check_unpersisted_state
 
@@ -958,6 +968,7 @@ main() {
             ;;
 
         restart)
+            exit_if_not_systemd
             source_configuration
             check_unpersisted_state