From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH v2] CU185-update.sh: Add drop hostile in & out logging entries if not already present Date: Mon, 25 Mar 2024 18:44:56 +0100 Message-ID: <20240325174456.35715-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6041585146473400825==" List-Id: --===============6041585146473400825== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable - This v2 patch corrects that the previous script was looking for =3Don. If a= user had modified the preferences to change it to =3Doff then the script would have= resulted in both =3Don and =3Doff versions being in the settings file. - This patch ensures that those people who updated to CU184 before the CU184-= update.sh patch fix to add the logging entries was added will get their optionsfw se= ttings file correctly updated with CU185 - This only adds the LOGDROPHOSTILEIN & LOGDROPHOSTILEOUT entries if they do = not already exist in the optionsfw settings file. - This change also does the check for LOGDROPHOSTILEIN and LOGDROPHOSTILEOUT = as two separate checks and then runs the firewall update command Tested-by: Adolf Belka Signed-off-by: Adolf Belka --- config/rootfiles/core/185/update.sh | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/config/rootfiles/core/185/update.sh b/config/rootfiles/core/185/= update.sh index ec4d8ab82..002f92bbb 100644 --- a/config/rootfiles/core/185/update.sh +++ b/config/rootfiles/core/185/update.sh @@ -117,11 +117,17 @@ chown nobody:nobody /var/ipfire/ovpn/ovpnconfig =20 # Check if the drop hostile in and out logging options need to be added # into the optionsfw settings file and apply to firewall -if ! [ $(grep "LOGDROPHOSTILEIN=3Don" /var/ipfire/optionsfw/settings) ] && \ - ! [ $(grep "LOGDROPHOSTILEOUT=3Don" /var/ipfire/optionsfw/settings) ]; th= en - sed -i '$ a\LOGDROPHOSTILEIN=3Don' /var/ipfire/optionsfw/settings - sed -i '$ a\LOGDROPHOSTILEOUT=3Don' /var/ipfire/optionsfw/settings - /usr/local/bin/firewallctrl +optionsfw=3D"" +if ! [ $(grep "^LOGDROPHOSTILEIN=3D" /var/ipfire/optionsfw/settings) ]; then + sed -i '$ a\LOGDROPHOSTILEIN=3Don' /var/ipfire/optionsfw/settings + optionsfw=3D"updated" +fi +if ! [ $(grep "^LOGDROPHOSTILEOUT=3D" /var/ipfire/optionsfw/settings) ]; then + sed -i '$ a\LOGDROPHOSTILEOUT=3Don' /var/ipfire/optionsfw/settings + optionsfw=3D"updated" +fi +if ! [ -z "$optionsfw" ]; then + /usr/local/bin/firewallctrl fi =20 # Rebuild initial ramdisks --=20 2.44.0 --===============6041585146473400825==--