This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, master has been updated
via 3d947e6e6b9f492fa0a12b40db0495b6eac6d967 (commit)
from 2e94953dd40134d05d3dd93c9c3e125f5ec427f9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3d947e6e6b9f492fa0a12b40db0495b6eac6d967
Author: Adolf Belka <adolf.belka(a)ipfire.org>
Date: Mon Mar 25 18:44:56 2024 +0100
CU185-update.sh: Add drop hostile in & out logging entries if not already present
- This v2 patch corrects that the previous script was looking for =on. If a user had
modified the preferences to change it to =off then the script would have resulted in
both =on and =off versions being in the settings file.
- This patch ensures that those people who updated to CU184 before the CU184-update.sh
patch fix to add the logging entries was added will get their optionsfw settings file
correctly updated with CU185
- This only adds the LOGDROPHOSTILEIN & LOGDROPHOSTILEOUT entries if they do not already
exist in the optionsfw settings file.
- This change also does the check for LOGDROPHOSTILEIN and LOGDROPHOSTILEOUT as two
separate checks and then runs the firewall update command
Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/core/185/update.sh | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
Difference in files:
diff --git a/config/rootfiles/core/185/update.sh b/config/rootfiles/core/185/update.sh
index ec4d8ab82..002f92bbb 100644
--- a/config/rootfiles/core/185/update.sh
+++ b/config/rootfiles/core/185/update.sh
@@ -117,11 +117,17 @@ chown nobody:nobody /var/ipfire/ovpn/ovpnconfig
# Check if the drop hostile in and out logging options need to be added
# into the optionsfw settings file and apply to firewall
-if ! [ $(grep "LOGDROPHOSTILEIN=on" /var/ipfire/optionsfw/settings) ] && \
- ! [ $(grep "LOGDROPHOSTILEOUT=on" /var/ipfire/optionsfw/settings) ]; then
- sed -i '$ a\LOGDROPHOSTILEIN=on' /var/ipfire/optionsfw/settings
- sed -i '$ a\LOGDROPHOSTILEOUT=on' /var/ipfire/optionsfw/settings
- /usr/local/bin/firewallctrl
+optionsfw=""
+if ! [ $(grep "^LOGDROPHOSTILEIN=" /var/ipfire/optionsfw/settings) ]; then
+ sed -i '$ a\LOGDROPHOSTILEIN=on' /var/ipfire/optionsfw/settings
+ optionsfw="updated"
+fi
+if ! [ $(grep "^LOGDROPHOSTILEOUT=" /var/ipfire/optionsfw/settings) ]; then
+ sed -i '$ a\LOGDROPHOSTILEOUT=on' /var/ipfire/optionsfw/settings
+ optionsfw="updated"
+fi
+if ! [ -z "$optionsfw" ]; then
+ /usr/local/bin/firewallctrl
fi
# Rebuild initial ramdisks
hooks/post-receive
--
IPFire 2.x development tree