diff options
author | Florin Grad <florin@mandriva.com> | 2004-03-04 10:43:05 +0000 |
---|---|---|
committer | Florin Grad <florin@mandriva.com> | 2004-03-04 10:43:05 +0000 |
commit | f0179c1e4973d7f185f05de667b06d662461f605 (patch) | |
tree | f81e547687438816437f2e90549d53bd144e3104 | |
parent | bf2e17b32e37a0d1b41fe4993b8dbc1b61d89236 (diff) | |
download | drakx-backup-do-not-use-f0179c1e4973d7f185f05de667b06d662461f605.tar drakx-backup-do-not-use-f0179c1e4973d7f185f05de667b06d662461f605.tar.gz drakx-backup-do-not-use-f0179c1e4973d7f185f05de667b06d662461f605.tar.bz2 drakx-backup-do-not-use-f0179c1e4973d7f185f05de667b06d662461f605.tar.xz drakx-backup-do-not-use-f0179c1e4973d7f185f05de667b06d662461f605.zip |
really enable the proxy squid, fix the proxy REDIRECT shorewall rule, fis the shorewall interfaces configuration
-rwxr-xr-x | perl-install/standalone/drakgw | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/perl-install/standalone/drakgw b/perl-install/standalone/drakgw index 36cfb4d33..60292c597 100755 --- a/perl-install/standalone/drakgw +++ b/perl-install/standalone/drakgw @@ -20,7 +20,6 @@ # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # -use strict; use lib qw(/usr/lib/libDrakX); use standalone; #- warning, standalone must be loaded very first, for 'explanations' @@ -45,9 +44,6 @@ my $direct = /-direct/; my $sysconf_network = "/etc/sysconfig/network"; my $sysconf_dhcpd = "/etc/sysconfig/dhcpd"; -#my $rc_firewall_generic = "/etc/rc.d/rc.firewall"; -#my $rc_firewall_drakgw = "/etc/rc.d/rc.firewall.inet_sharing"; -#my $rc_firewall_24 = "/etc/rc.d/rc.firewall.inet_sharing-2.4"; my $masq_file = "/etc/shorewall/masq"; my $dhcpd_conf = "/etc/dhcpd.conf"; my $squid_conf = "/etc/squid/squid.conf"; @@ -143,6 +139,7 @@ What would you like to do?"), print "remove rules entries\n"; substInFile { s/REDIRECT\tmasq\t$squid_port\ttcp\twww\t\-\n//; + s/REDIRECT\tloc\t$squid_port\ttcp\twww\t\-\n//; s/ACCEPT\tfw\tnet\ttcp\twww\n//; } "/etc/shorewall/rules"; sys("/etc/init.d/shorewall restart >/dev/null"); @@ -208,6 +205,9 @@ my %aliased_devices; my $card_netconnect = network::netconnect::get_net_device() || "eth0"; defined $card_netconnect and log::l("[drakgw] Information from netconnect: ignore card $card_netconnect"); +my @all_cards = network::ethernet::get_eth_cards(); +my %net_devices = network::ethernet::get_eth_cards_names(@all_cards); + $in->ask_from('', N("Please enter the name of the interface connected to the internet. @@ -273,6 +273,7 @@ my $max_lease = network::network::read_dhcpd_conf()->{default_lease_time}[0] ||= my $internal_domain_name = network::network::read_dhcpd_conf()->{domain_name}[0] ||= network::network::read_resolv_conf_raw()->{search}[0] ||= "homeland.net"; my $squid_cache_size = network::network::read_squid_conf()->{cache_size}[1] ||= "100"; my $squid_admin_mail = network::network::read_squid_conf()->{admin_mail}[0] ||= 'admin@mydomain.com'; +my $squid_visible_hostname = network::network::read_squid_conf()->{visible_hostname}[0] ||= 'myfirewall@mydomain.com'; my $reconf_dhcp_server_intf = 1; @@ -396,14 +397,14 @@ if (!$::testing && any { !-e $rpm2file{$_} } keys %rpm2file) { put_in_hash($shorewall ||= {}, { disabled => 0, net_interface => $card_netconnect, - loc_interface => [ grep { $_ ne $device } @cards ], - masquerade => { interface => $device, subnet => "$lan_address.0/$netmask" }, + loc_interface => [ grep { $_ ne $card_netconnect } @cards ], + masquerade => { subnet => "$lan_address.0/$netmask" }, }); network::shorewall::write($shorewall); print "add rules entries\n"; substInFile { - s/#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE/REDIRECT\tmasq\t$squid_port\ttcp\twww\t-\nACCEPT\tfw\tnet\ttcp\twww\n#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE/; + s/#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE/REDIRECT\tloc\t$squid_port\ttcp\twww\t-\nACCEPT\tfw\tnet\ttcp\twww\n#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE/; } "/etc/shorewall/rules"; #- be sure that FORWARD_IPV4 is enabled in /etc/sysconfig/network @@ -485,6 +486,7 @@ http_access allow mynetwork http_access allow localhost http_reply_access allow all icp_access allow all +visible_hostname $squid_visible_hostname httpd_accel_host virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on @@ -494,7 +496,7 @@ deny_info ERR_CUSTOM_ACCESS_DENIED all memory_pools off coredump_dir /var/spool/squid ie_refresh on -)) if $::testing; +)) if !$::testing; #- Set up /etc/cups/cupsd.conf to make the broadcasting of the printer info #- working correctly: |