diff options
author | Randy McCaskill <randy@mccaskill.us> | 2020-01-30 03:19:45 +0000 |
---|---|---|
committer | A. Wilcox <awilcox@wilcox-tech.com> | 2020-01-30 03:19:45 +0000 |
commit | 130f6f2ea6b6e76f30df7d27afdbbb475e12b83f (patch) | |
tree | 2c82c43b271da9c4f0a596dbe2adb841efd717c9 /user/ufw/ufw.initd | |
parent | df5a443ceaf56f214c85aed9b2e848e292d1a2f0 (diff) | |
download | packages-130f6f2ea6b6e76f30df7d27afdbbb475e12b83f.tar.gz packages-130f6f2ea6b6e76f30df7d27afdbbb475e12b83f.tar.bz2 packages-130f6f2ea6b6e76f30df7d27afdbbb475e12b83f.tar.xz packages-130f6f2ea6b6e76f30df7d27afdbbb475e12b83f.zip |
Add ufw package
Diffstat (limited to 'user/ufw/ufw.initd')
-rw-r--r-- | user/ufw/ufw.initd | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/user/ufw/ufw.initd b/user/ufw/ufw.initd new file mode 100644 index 000000000..bccd83ddb --- /dev/null +++ b/user/ufw/ufw.initd @@ -0,0 +1,136 @@ +#!/sbin/openrc-run +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + before net + provide firewall +} + +start() { + ebegin "Starting ufw" + _source_file || { eend $?; return $?; } + + local enabled_in_cfg ret + _check_if_enabled_in_cfg + enabled_in_cfg=$? + + # Avoid "Firewall already started, use 'force-reload'" message that + # appears if `ufw enable' had been run before start(). + if _status_quiet; then + eend 0 + return + fi + + # The ufw_start function does the same: if ufw is disabled using `ufw disable', + # ufw_start would not start ufw and return 0, so let's handle this case. + case $enabled_in_cfg in + 0) + ufw_start + ret=$? + eend $ret "Failed to start ufw." + ;; + 1) + # see /etc/conf.d/<name> + if [ "${ufw_nonfatal_if_disabled:-no}" != "yes" ]; then + ret=1 + eend $ret "Not starting firewall (not enabled), use \"ufw enable\" first." + else + ret=0 + eend 0 + fi + ;; + 2) + ret=1 + eend $ret "Failed to start ufw." + ;; + esac + + return $ret +} + +stop() { + ebegin "Stopping ufw" + _source_file || { eend $?; return $?; } + local enabled_in_cfg ret + _check_if_enabled_in_cfg + enabled_in_cfg=$? + + # Same as above (unless --force is passed to ufw_stop). + case $enabled_in_cfg in + 0) + ufw_stop + ret=$? + ;; + 1) + einfo "INFO: ufw is configured to be disabled" + ufw_stop --force + ret=$? + ;; + 2) + ret=1 + ;; + esac + + eend $ret "Failed to stop ufw." + return $ret +} + +_status_quiet() { + # return values: 0 - started, 1 - stopped, 2 - error + # Does not execute _source_file. + local ret + ufw_status > /dev/null + ret=$? + # Return values for ufw_status come from /usr/share/ufw/ufw-init-functions. + case $ret in + 0) return 0 ;; + 3) return 1 ;; + *) return 2 ;; + esac +} + +_source_file() { + local sourced_f="/usr/share/ufw/ufw-init-functions" + if [ ! -f "$sourced_f" ]; then + eerror "Cannot find file $sourced_f!" + return 1 + fi + + local _path=$PATH + if ! . "$sourced_f"; then + # PATH can be broken here, fix it... + PATH=$_path + eerror "Error sourcing file $sourced_f" + return 1 + fi + + if [ -z "$PATH" ]; then + PATH=$_path + else + PATH="${PATH}:${_path}" + fi + return 0 +} + +_check_if_enabled_in_cfg() { + # Check if user has enabled the firewall with "ufw enable". + # Return 0 if firewall enabled in configuration file, 1 otherwise, 2 on error. + + local sourced_f="/etc/ufw/ufw.conf" + if [ ! -f "$sourced_f" ]; then + eerror "Cannot find file $sourced_f!" + return 2 + fi + + if ! . "$sourced_f"; then + eerror "Error sourcing file $sourced_f" + return 2 + fi + + if [ "$ENABLED" = "yes" ] || [ "$ENABLED" = "YES" ]; then + return 0 + else + return 1 + fi +} |