From 8da9f8b978fede028233c7411a68b46ca31be832 Mon Sep 17 00:00:00 2001
From: "bbruns@gmail.com"
Date: Sat, 29 Mar 2014 17:51:58 +0000
Subject: [PATCH] These indirect variables are annoying the crap out of me. Removing them for now until I've had time to make them actually work. For now, no easily custom names for custom injection files.
---
etc/ipv4/custom.conf | 14 --------------
.../custom/prerules.sh => ipv4/custom/prerun.sh} | 0
etc/ipv6/custom.conf | 14 --------------
etc/ipv6/custom/prerun.sh | 6 ++++++
lib/iptables.inc | 14 +++++++-------
5 files changed, 13 insertions(+), 35 deletions(-)
delete mode 100644 etc/ipv4/custom.conf
rename etc/{ipv6/custom/prerules.sh => ipv4/custom/prerun.sh} (100%)
delete mode 100644 etc/ipv6/custom.conf
create mode 100644 etc/ipv6/custom/prerun.sh
diff --git a/etc/ipv4/custom.conf b/etc/ipv4/custom.conf
deleted file mode 100644
index 6993b55..0000000
--- a/etc/ipv4/custom.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-# These are the custom files that can be used to inject rules during loading. Please don't change them
-# unless you have a good reason.
-# To allow variable propagation/change and some creative changes of rules that I haven't tought of,
-# these files are sourced into the main file during setup of the order of chains.
-
-$V4CUSTPREFIX="${FWPREFIX}/ipv4/"
-
-$v4_Custom_Pre="$V4CUSTPREFIX/prerun.sh"
-$v4_Custom_Trust="$V4CUSTPREFIX/trusted.sh"
-$v4_Custom_EasyBlock="$V4CUSTPREFIX/easyblock.sh"
-$v4_Custom_Filter="$V4CUSTPREFIX/filter.sh"
-$v4_Custom_NAT="$V4CUSTPREFIX/nat.sh"
-$v4_Custom_PortFw="$V4CUSTPREFIX/portfw.sh"
-$v4_Custom_Post="$V4CUSTPREFIX/postrun.sh"
\ No newline at end of file
diff --git a/etc/ipv6/custom/prerules.sh b/etc/ipv4/custom/prerun.sh
similarity index 100%
rename from etc/ipv6/custom/prerules.sh
rename to etc/ipv4/custom/prerun.sh
diff --git a/etc/ipv6/custom.conf b/etc/ipv6/custom.conf
deleted file mode 100644
index 209ab1f..0000000
--- a/etc/ipv6/custom.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-# These are the custom files that can be used to inject rules during loading. Please don't change them
-# unless you have a good reason.
-# To allow variable propagation/change and some creative changes of rules that I haven't tought of,
-# these files are sourced into the main file during setup of the order of chains.
-
-$V6CUSTPREFIX="${FWPREFIX}/ipv6/"
-
-$v6_Custom_Pre="$V6CUSTPREFIX/prerun.sh"
-$v6_Custom_Trust="$V6CUSTPREFIX/trusted.sh"
-$v6_Custom_EasyBlock="$V6CUSTPREFIX/easyblock.sh"
-$v6_Custom_Filter="$V6CUSTPREFIX/filter.sh"
-$v6_Custom_NAT="$V6CUSTPREFIX/nat.sh"
-$v6_Custom_PortFw="$V6CUSTPREFIX/portfw.sh"
-$v6_Custom_Post="$V6CUSTPREFIX/postrun.sh"
\ No newline at end of file
diff --git a/etc/ipv6/custom/prerun.sh b/etc/ipv6/custom/prerun.sh
new file mode 100644
index 0000000..2f73c36
--- /dev/null
+++ b/etc/ipv6/custom/prerun.sh
@@ -0,0 +1,6 @@
+# This file is sourced by the main srfirewall program to inject
+# custom commands/rules during specific moments of the firewall
+# setup.
+#
+# In particular this file injects/commands rules:
+# Before the main chains are setup.
diff --git a/lib/iptables.inc b/lib/iptables.inc
index b6fd39c..a2825ed 100644
--- a/lib/iptables.inc
+++ b/lib/iptables.inc
@@ -83,23 +83,23 @@ function setup_iptables_chains { # Set up rules - the order matters - we do it separately here # for easy viewing of order - if [ -x ${v${IPVER}_Custom_Pre} ]; then . ${v${IPVER}_Custom_Pre}; fi + if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/prerun.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/prerun.sh; fi ${VER_IPTABLES} -A INPUT -j ${InPreRules} ${VER_IPTABLES} -A OUTPUT -j ${OutPreRules} - if [ -x ${v${IPVER}_Custom_Trust} ]; then . ${v${IPVER}_Custom_Trust}; fi + if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/trusted.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/trusted.sh; fi ${VER_IPTABLES} -A INPUT -j ${Trusted} - if [ -x ${v${IPVER}_Custom_EasyBlock} ]; then . ${v${IPVER}_Custom_EasyBlock}; fi + if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/easyblock.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/easyblock.sh; fi ${VER_IPTABLES} -A INPUT -j ${InEasyBlock} ${VER_IPTABLES} -A OUTPUT -j ${OutEasyBlock} - if [ -x ${v${IPVER}_Custom_Filter} ]; then . ${v${IPVER}_Custom_Filter}; fi + if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/filter.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/filter.sh; fi ${VER_IPTABLES} -A INPUT -j ${InFilter} ${VER_IPTABLES} -A OUTPUT -j ${OutFilter} ${VER_IPTABLES} -A FORWARD -j ${FwdFilter} - if [ -x ${v${IPVER}_Custom_NAT} ]; then . ${v${IPVER}_Custom_NAT}; fi + if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/nat.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/nat.sh; fi ${VER_IPTABLES} -A POSTROUTING -j ${NAT} - if [ -x ${v${IPVER}_Custom_PortFw} ]; then . ${v${IPVER}_Custom_PortFw}; fi + if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/portfw.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/portfw.sh; fi ${VER_IPTABLES} -A PREROUTING -j ${PortForward} - if [ -x ${v${IPVER}_Custom_Post} ]; then . ${v${IPVER}_Custom_Post}; fi + if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/postrun.sh ]; then . 
${FWCONFIGDIR}/ipv${IPVER}/custom/postrun.sh; fi ${VER_IPTABLES} -A INPUT -j ${InPostRules} ${VER_IPTABLES} -A OUTPUT -j ${OutPostRules} } \ No newline at end of file
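Review bot: The seven hook lines in setup_iptables_chains source `${FWCONFIGDIR}/ipv${IPVER}/custom/*.sh` into the loader's own shell gated only by `[ -x ... ]`, with every expansion unquoted and no check on who owns or can write the file. If `FWCONFIGDIR` is empty or unset the test silently resolves to `/ipv4/custom/prerun.sh`, and a path containing whitespace breaks the `[` test; since a firewall loader presumably runs as root, a hook writable by another account would run with those privileges. I would move the check into one helper that quotes the path, fails on an unset variable, and refuses hooks that are not owned by the invoking user or are group/world-writable, then call it seven times. This commit also creates `etc/ipv6/custom/prerun.sh` with mode 100644, so the `-x` gate leaves it disabled until someone sets the executable bit; a comment in that file saying so would help. The function body starts outside the hunk, and the helper below is a sketch that assumes GNU `find`.

```shell
# Source one optional hook from the per-family custom directory.
function source_custom_hook {
    local hook="${FWCONFIGDIR:?FWCONFIGDIR is not set}/ipv${IPVER:?IPVER is not set}/custom/$1"
    # The executable bit stays the on/off switch, as in the original test.
    if [ ! -f "${hook}" ] || [ ! -x "${hook}" ]; then
        return 0
    fi
    # Hooks run inside the loader's shell: accept only files owned by the
    # invoking user that group and others cannot write to.
    if [ ! -O "${hook}" ] || [ -n "$(find "${hook}" -maxdepth 0 -perm /022)" ]; then
        echo "skipping custom hook ${hook}: unsafe owner or mode" >&2
        return 0
    fi
    . "${hook}"
}

# … unchanged: start of setup_iptables_chains and the ordering comment …
    source_custom_hook prerun.sh
    # … unchanged: INPUT/OUTPUT jumps to the pre-rules chains …
    source_custom_hook trusted.sh
    # … the other five hooks (easyblock, filter, nat, portfw, postrun) follow the same pattern …
```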