diff --git a/CREDITS b/CREDITS index 52092595..f0f2a5c9 100644 --- a/CREDITS +++ b/CREDITS @@ -28,3 +28,7 @@ Andy Rowland C Anthony Risinger - Caught a bug where the default PCAP_LOOP_SLEEP value was 1/100th of a second instead of the intended default of 1/10th of a second. + +Franck Joncourt + - fwknop Debian package maintainer. + - Contributed a new Debian init script. diff --git a/ChangeLog b/ChangeLog index c2f1ba2b..e8e3e1fd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -27,6 +27,8 @@ fwknop-2.0.1 (07//2012): - [client] Fixed several minor memory leaks caught by valgrind. - [libfko] Minor gcc warning fix: fko_decode.c:43:17: warning: variable ‘edata_size’ set but not used [-Wunused-but-set-variable]. + - Updated fwknopd init script for Debian systems (contributed by Franck + Joncourt). fwknop-2.0 (01/02/2012): - This is the first production release that has been completely re-written diff --git a/extras/fwknop.init.debian b/extras/fwknop.init.debian old mode 100755 new mode 100644 index db4928fe..264b8958 --- a/extras/fwknop.init.debian +++ b/extras/fwknop.init.debian @@ -1,11 +1,15 @@ #! /bin/sh + ### BEGIN INIT INFO -# Provides: fwknop-c-server -# Required-Start: $remote_fs -# Required-Stop: $remote_fs +# Provides: fwknop-server +# Required-Start: $local_fs $remote_fs $syslog $network +# Required-Stop: $local_fs $remote_fs $syslog $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 -# Short-Description: FireWall KNock OPerator (fwknop) +# Short-Description: start and stop fwknopd +# Description: Fwknop implements an authorization scheme known as \ +# Single Packet Authorization (SPA) for Linux systems \ +# running iptables. ### END INIT INFO # Author: Franck Joncourt @@ -15,11 +19,19 @@ DESC="FireWall KNock OPerator" NAME=fwknopd DAEMON=/usr/sbin/$NAME PIDDIR=/var/run/fwknop -SCRIPTNAME=/etc/init.d/fwknop-c-server +SCRIPTNAME=/etc/init.d/fwknop-server # Exit if the package is not installed [ -x "$DAEMON" ] || exit 0 +# Load user options to pass to fwknopd daemon +START_DAEMON="no" +DAEMON_ARGS="" +[ -r /etc/default/fwknop-server ] && . /etc/default/fwknop-server + +# Exit if the dameon must not be started +[ "$START_DAEMON" = "yes" ] || exit 0 + # Load the VERBOSE setting and other rcS variables . /lib/init/vars.sh @@ -66,8 +78,6 @@ do_start() { local retval - echo -n "Starting $DESC: $NAME " - mkdir -p $PIDDIR chmod 755 $PIDDIR @@ -77,27 +87,29 @@ do_start() # Try to start fwknopd if [ "$retval" = "0" ]; then - start-stop-daemon --start --quiet --pidfile $PIDDIR/$NAME --exec $DAEMON + start-stop-daemon --start --quiet --pidfile $PIDDIR/$NAME --exec $DAEMON -- $DAEMON_ARGS retval="$?" fi # Handle return status codes case "$retval" in 0) - log_success_msg ;; 6) - log_failure_msg "You are missing the configuration file $ConfFile." + log_action_msg "You are missing the configuration file $ConfFile." || true ;; 9) retval=0 ;; *) retval=1 - log_failure_msg "Unable to start the daemon." + log_action_msg "Unable to start the daemon." || true ;; esac + log_daemon_msg "Starting $DESC" "$NAME" || true + log_end_msg $retval || true + return $retval } @@ -116,8 +128,6 @@ do_stop() local pid pidfile local process_list="fwknopd" - echo -n "Stopping $DESC:" - # For each process for process in $process_list; do @@ -125,8 +135,6 @@ do_stop() status="0" kill_status="1" - echo -n " $process" - # Try to kill the process associated to the pid if [ -r "$pidfile" ]; then pid=`cat "$pidfile" 2>/dev/null` @@ -151,13 +159,13 @@ do_stop() done - if [ "$retval" = "0" ]; then - log_success_msg - else - echo -n " " - log_failure_msg "One or more process could not be stopped." + if [ "$retval" != "0" ]; then + log_action_msg "The process could not be stopped" || true fi + log_daemon_msg "Stopping $DESC" "$NAME" || true + log_end_msg $retval || true + return $retval }