Re: [Shorewall-users] Conditional in parms

Bill Shirley Sun, 17 Dec 2017 21:22:05 -0800

Thanks Tom and Matt.  Works like a charm:
#      -------------
if [ ."$STAGING" == '.' ] ; then
  echo "------- NOT staging -------"
    SFN_VPN1_IF=$INET1_IF          # Zimbabwe Comcast
    SFN_VPN1_SRC_MARK=$INET1_MARK6
    SFN_VPN1_SRC_IP=$INET1_IP6
    SFN_VPN1_THIS_ENDPOINT=$ZIM_IP1
else
  echo "--------- staging ---------"
    SFN_VPN1_IF=$SFNINET_IF        # Comcast staging
    SFN_VPN1_SRC_MARK=$SFNINET_MARK6
    SFN_VPN1_SRC_IP=$SFNINET_IP6
    SFN_VPN1_THIS_ENDPOINT=$SFNLAN_IP1
fi
#      -------------


shorewall check:
------- NOT staging -------
Checking...
Processing /etc/shorewall6/params ...
------- NOT staging -------
Processing /etc/shorewall6/shorewall6.conf...
Loading Modules...

See the light bulb over my head?  What possibilities.
Wow, I could calculate the value of pi in Shorewall params!!
Probably can't make pie here, though.  :-)

Bill

On 12/17/2017 11:38 PM, Tom Eastep wrote:

On 12/17/2017 04:32 PM, Bill Shirley wrote:

[0:root@yoda filter.d]$ rpm -q shorewall6
shorewall6-5.0.14.1-3.fc25.noarch

In params I'm trying conditional execution:

STAGING=yes                # empty = No
#      -------------
?if $STAGING
     SFN_VPN1_IF=$SFNINET_IF        # Comcast staging
     SFN_VPN1_SRC_MARK=$SFNINET_MARK6
     SFN_VPN1_SRC_IP=$SFNINET_IP6
     SFN_VPN1_THIS_ENDPOINT=$SFNLAN_IP1
?else
     SFN_VPN1_IF=$INET1_IF          # Zimbabwe Comcast
     SFN_VPN1_SRC_MARK=$INET1_MARK6
     SFN_VPN1_SRC_IP=$INET1_IP6
     SFN_VPN1_THIS_ENDPOINT=$ZIM_IP1
?endif
#      -------------

?if, ?else, and ?endif work fine in mangle.

but Shorewall6's not happy:

[0:root@yoda filter.d]$ shorewall6 check
/etc/shorewall6/params: line 231: ?if: command not found
/etc/shorewall6/params: line 236: ?else: command not found
/etc/shorewall6/params: line 241: ?endif: command not found
Checking using Shorewall 5.0.14.1...
Processing /etc/shorewall6/params ...
/etc/shorewall6/params: line 231: ?if: command not found
/etc/shorewall6/params: line 236: ?else: command not found
/etc/shorewall6/params: line 241: ?endif: command not found

I tried uppercase in params too; doesn't work.

Is there another way to do conditionals?

In all contexts, params is processed soley by the shell. So just use
shell syntax.

-Tom


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Re: [Shorewall-users] Conditional in parms

Reply via email to