more comments
This commit is contained in:
parent
0b3ed7ae25
commit
be023616a5
19
minifirewall
19
minifirewall
|
@ -137,6 +137,8 @@ source_configuration() {
|
|||
if ! test -f ${config_file}; then
|
||||
echo "${config_file} does not exist" >&2
|
||||
|
||||
## We still want to deal with this really old configuration file
|
||||
## even if it has been deprecated since Debian 8
|
||||
old_config_file="/etc/firewall.rc"
|
||||
if test -f ${old_config_file}; then
|
||||
echo "${old_config_file} is deprecated. Rename it to ${config_file}" >&2
|
||||
|
@ -146,17 +148,30 @@ source_configuration() {
|
|||
fi
|
||||
|
||||
if grep -e "iptables" -e "ip6tables" "${config_file}" | grep -qvE "^#"; then
|
||||
## Backward compatible mode
|
||||
# Backward compatible mode
|
||||
###########################
|
||||
|
||||
echo "Legacy config detected"
|
||||
LEGACY_CONFIG='on'
|
||||
|
||||
## Non-backward compatible mode
|
||||
# Non-backward compatible mode
|
||||
###############################
|
||||
|
||||
# If we ever want to remove the backward compatible mode
|
||||
# we can remove the two lines above and uncomment the lines below.
|
||||
# They break if any iptables/ip6tables command is found in the configuration file
|
||||
|
||||
# echo "iptables/ip6tables commands found in ${config_file}." >&2
|
||||
# echo "Move them in included files (in ${includes_dir})." >&2
|
||||
# exit 1
|
||||
fi
|
||||
|
||||
if is_legacy_config; then
|
||||
# In this mode, we extract all variable definitions
|
||||
# to a temporary file that we can source.
|
||||
# It allow iptables/ip6tables commands to remain in the configuration file
|
||||
# and not interfere with the configuration step.
|
||||
|
||||
tmp_config_file=$(mktemp --tmpdir=/tmp minifirewall.XXX)
|
||||
grep -E "^\s*[_a-zA-Z0-9]+=" "${config_file}" > "${tmp_config_file}"
|
||||
|
||||
|
|
Loading…
Reference in a new issue