blob: bccd83ddb3a2d9dcaa115317df673a060c1595d0 (
plain) (
tree)
|
|
#!/sbin/openrc-run
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
depend() {
before net
provide firewall
}
start() {
ebegin "Starting ufw"
_source_file || { eend $?; return $?; }
local enabled_in_cfg ret
_check_if_enabled_in_cfg
enabled_in_cfg=$?
# Avoid "Firewall already started, use 'force-reload'" message that
# appears if `ufw enable' had been run before start().
if _status_quiet; then
eend 0
return
fi
# The ufw_start function does the same: if ufw is disabled using `ufw disable',
# ufw_start would not start ufw and return 0, so let's handle this case.
case $enabled_in_cfg in
0)
ufw_start
ret=$?
eend $ret "Failed to start ufw."
;;
1)
# see /etc/conf.d/<name>
if [ "${ufw_nonfatal_if_disabled:-no}" != "yes" ]; then
ret=1
eend $ret "Not starting firewall (not enabled), use \"ufw enable\" first."
else
ret=0
eend 0
fi
;;
2)
ret=1
eend $ret "Failed to start ufw."
;;
esac
return $ret
}
stop() {
ebegin "Stopping ufw"
_source_file || { eend $?; return $?; }
local enabled_in_cfg ret
_check_if_enabled_in_cfg
enabled_in_cfg=$?
# Same as above (unless --force is passed to ufw_stop).
case $enabled_in_cfg in
0)
ufw_stop
ret=$?
;;
1)
einfo "INFO: ufw is configured to be disabled"
ufw_stop --force
ret=$?
;;
2)
ret=1
;;
esac
eend $ret "Failed to stop ufw."
return $ret
}
_status_quiet() {
# return values: 0 - started, 1 - stopped, 2 - error
# Does not execute _source_file.
local ret
ufw_status > /dev/null
ret=$?
# Return values for ufw_status come from /usr/share/ufw/ufw-init-functions.
case $ret in
0) return 0 ;;
3) return 1 ;;
*) return 2 ;;
esac
}
_source_file() {
local sourced_f="/usr/share/ufw/ufw-init-functions"
if [ ! -f "$sourced_f" ]; then
eerror "Cannot find file $sourced_f!"
return 1
fi
local _path=$PATH
if ! . "$sourced_f"; then
# PATH can be broken here, fix it...
PATH=$_path
eerror "Error sourcing file $sourced_f"
return 1
fi
if [ -z "$PATH" ]; then
PATH=$_path
else
PATH="${PATH}:${_path}"
fi
return 0
}
_check_if_enabled_in_cfg() {
# Check if user has enabled the firewall with "ufw enable".
# Return 0 if firewall enabled in configuration file, 1 otherwise, 2 on error.
local sourced_f="/etc/ufw/ufw.conf"
if [ ! -f "$sourced_f" ]; then
eerror "Cannot find file $sourced_f!"
return 2
fi
if ! . "$sourced_f"; then
eerror "Error sourcing file $sourced_f"
return 2
fi
if [ "$ENABLED" = "yes" ] || [ "$ENABLED" = "YES" ]; then
return 0
else
return 1
fi
}
|