From ac9400aa8c7394c9efc5a0b7b2116c9f57071fe1 Mon Sep 17 00:00:00 2001
From: Thomas Martin
Date: Wed, 9 Jun 2010 19:27:19 +0200
Subject: [PATCH] check correct sourcing of configuration file, and exit if it fails
---
 minifirewall | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/minifirewall b/minifirewall
index 8741bfd..9ee7865 100644
--- a/minifirewall
+++ b/minifirewall
@@ -91,7 +91,21 @@ $IPT -A LOG_ACCEPT -j LOG --log-prefix '[IPTABLES ACCEPT] : '
 $IPT -A LOG_ACCEPT -j ACCEPT
 # Configuration
-test -f /etc/firewall.rc && . /etc/firewall.rc
+configfile="/etc/firewall.rc"
+
+if ! test -f $configfile; then
+ echo "$configfile does not exist" >&2
+ exit 1
+fi
+
+tmpfile=`mktemp`
+. $configfile 2>$tmpfile >&2
+if [ -s $tmpfile ]; then
+ echo "$configfile returns standard or error output (see below). Stopping."
+ cat $tmpfile
+ exit 1
+fi
+rm $tmpfile
 # trusted ip addresses
 $IPT -N ONLYTRUSTED
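Review bot: The new check decides success only by whether sourcing printed anything: the return status of `. $configfile` is never tested, so a config that fails without output is accepted, and on the failure path `$tmpfile` is left behind and the report goes to stdout while the missing-file message goes to stderr. `mktemp` is also unchecked, and the unquoted `$configfile`/`$tmpfile` expansions would misbehave if it returned nothing. Both `exit 1` paths run after the LOG_ACCEPT rules visible in the context have been loaded, so the script stops with a partially applied rule set; whether that state fails closed depends on lines outside this hunk, and validating the file before the first `$IPT` call would avoid it. A sketch of the sourcing step with those gaps closed follows; testing the status assumes firewall.rc is meant to return 0, which should be confirmed against existing configs.

```shell
# … unchanged: configfile assignment and existence test …
tmpfile=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
rc=0
. "$configfile" >"$tmpfile" 2>&1 || rc=$?
if [ "$rc" -ne 0 ] || [ -s "$tmpfile" ]; then
    echo "$configfile failed (status $rc) or produced output (see below). Stopping." >&2
    cat "$tmpfile" >&2
    rm -f "$tmpfile"
    exit 1
fi
rm -f "$tmpfile"
```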