firewall: Move scripts from /var/ipfire/firewall/bin to /usr/lib/firewall.

config/firewall/rules.pl

@@ -45,7 +45,7 @@ my @DPROT=();
 my @p2ps=();
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
-require "${General::swroot}/firewall/bin/firewall-lib.pl";
+require "/usr/lib/firewall/firewall-lib.pl";
 
 my $configfwdfw		= "${General::swroot}/firewall/config";
 my $configinput	    = "${General::swroot}/firewall/input";

config/rootfiles/common/configroot

@@ -50,9 +50,6 @@ var/ipfire/extrahd
 #var/ipfire/extrahd/scan
 #var/ipfire/extrahd/settings
 var/ipfire/firewall
-#var/ipfire/firewall/bin
-#var/ipfire/firewall/bin/firewall-lib.pl
-#var/ipfire/firewall/bin/rules.pl
 #var/ipfire/firewall/config
 #var/ipfire/firewall/dmz
 #var/ipfire/firewall/input

config/rootfiles/common/stage2

@@ -66,6 +66,9 @@ root/ipfire
 #usr/bin/perl
 #usr/include
 #usr/lib
+usr/lib/firewall
+usr/lib/firewall/firewall-lib.pl
+usr/lib/firewall/rules.pl
 #usr/lib/libgcc_s.so
 usr/lib/libgcc_s.so.1
 #usr/lib/libstdc++.la

lfs/configroot

@@ -51,7 +51,7 @@ $(TARGET) :
 
 	# Create all directories
 	for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dns dnsforward \
-			ethernet extrahd/bin fwlogs fwhosts firewall firewall/bin isdn key langs logging mac main \
+			ethernet extrahd/bin fwlogs fwhosts firewall isdn key langs logging mac main \
 			menu.d modem net-traffic net-traffic/templates nfs optionsfw \
 			ovpn patches pakfire portfw ppp private proxy/advanced/cre \
 			proxy/calamaris/bin qos/bin red remote sensors snort time tripwire/report \
@@ -99,13 +99,11 @@ $(TARGET) :
 	cp $(DIR_SRC)/config/cfgroot/useragents			$(CONFIG_ROOT)/proxy/advanced
 	cp $(DIR_SRC)/config/cfgroot/ethernet-vlans		$(CONFIG_ROOT)/ethernet/vlans
 	cp $(DIR_SRC)/langs/list						$(CONFIG_ROOT)/langs/
-	cp $(DIR_SRC)/config/firewall/rules.pl			$(CONFIG_ROOT)/firewall/bin/rules.pl
 	cp $(DIR_SRC)/config/firewall/convert-xtaccess	/usr/sbin/convert-xtaccess
 	cp $(DIR_SRC)/config/firewall/convert-outgoingfw	/usr/sbin/convert-outgoingfw
 	cp $(DIR_SRC)/config/firewall/convert-dmz	/usr/sbin/convert-dmz
 	cp $(DIR_SRC)/config/firewall/convert-portfw	/usr/sbin/convert-portfw
 	cp $(DIR_SRC)/config/firewall/p2protocols		$(CONFIG_ROOT)/firewall/p2protocols
-	cp $(DIR_SRC)/config/firewall/firewall-lib.pl	$(CONFIG_ROOT)/firewall/bin/firewall-lib.pl
 	cp $(DIR_SRC)/config/firewall/firewall-policy	/usr/sbin/firewall-policy
 	cp $(DIR_SRC)/config/fwhosts/icmp-types			$(CONFIG_ROOT)/fwhosts/icmp-types
 	cp $(DIR_SRC)/config/fwhosts/customservices		$(CONFIG_ROOT)/fwhosts/customservices
@@ -132,13 +130,10 @@ $(TARGET) :
 	echo  "DROPWIRELESSFORWARD=on"	>> $(CONFIG_ROOT)/optionsfw/settings
 	echo  "POLICY=MODE2"		>> $(CONFIG_ROOT)/firewall/settings
 	echo  "POLICY1=MODE2"		>> $(CONFIG_ROOT)/firewall/settings
-	
-	# set rules.pl executable
-	chmod 755 $(CONFIG_ROOT)/firewall/bin/rules.pl
-		
+
 	# set converters executable
 	chmod 755 /usr/sbin/convert-*
-	
+
 	# Modify variables in header.pl
 	sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
 	    -e "s+VERSION+$(VERSION)+g" \

lfs/stage2

@@ -101,6 +101,13 @@ $(TARGET) :
 	# Move script to correct place.
 	mv -vf /usr/local/bin/ovpn-ccd-convert /usr/sbin/
 
+	# Install firewall scripts.
+	mkdir -pv /usr/lib/firewall
+	install -m 755 $(DIR_SRC)/config/firewall/rules.pl \
+		/usr/lib/firewall/rules.pl
+	install -m 644 $(DIR_SRC)/config/firewall/firewall-lib.pl \
+		/usr/lib/firewall/firewall-lib.pl
+
 	# Nobody user
 	-mkdir -p /home/nobody
 	chown -R nobody:nobody /home/nobody

src/misc-progs/firewallctrl.c

@@ -13,7 +13,7 @@ int main(int argc, char *argv[]) {
 	if (!(initsetuid()))
 		exit(1);
 
-	int retval = safe_system("/var/ipfire/firewall/bin/rules.pl");
+	int retval = safe_system("/usr/lib/firewall/rules.pl");
 
 	/* If rules.pl has been successfully executed, the indicator
 	 * file is removed. */