Execute dir scripts ready

Makefile

@@ -12,12 +12,15 @@ SYSTEMD_SERVICE_FILE=$(SYSTEMD_INSTALL_DIR)/$(SERVICE_FILE)
 #SysVinit installation dir
 #INSTALL_DIR=/etc/init.d
 
-install: $(INSTALL_DIR)/lfirewall $(FIREWALL_ETC_DIR)/setup $(FIREWALL_ETC_DIR)/execute_dir config $(SYSTEMD_SERVICE_FILE)
+install: config $(INSTALL_DIR)/lfirewall $(FIREWALL_ETC_DIR)/setup $(FIREWALL_ETC_DIR)/execute_dir $(SYSTEMD_SERVICE_FILE) examples
 
 config:
-	$(MKDIR) -p $(FIREWALL_ETC_DIR)
+	$(MKDIR) -p $(FIREWALL_ETC_DIR) $(FIREWALL_ETC_DIR)/post-start-stop.d $(FIREWALL_ETC_DIR)/post-up-down.d
 	@if [ ! -f $(FIREWALL_ETC_DIR)/$(FIREWALL_CONF) ] ; then $(CP) etc/$(FIREWALL_CONF) $(FIREWALL_ETC_DIR)/ ; else echo "The file $(FIREWALL_ETC_DIR)/$(FIREWALL_CONF) already exists" ; fi
 
+examples: $(FIREWALL_ETC_DIR)/post-start-stop.d/post-start-stop.example $(FIREWALL_ETC_DIR)/post-up-down.d/post-up-down-routing.example
+
+
 $(INSTALL_DIR)/lfirewall: scripts/lfirewall
 	$(CP) $< $@
 
@@ -27,4 +30,10 @@ $(FIREWALL_ETC_DIR)/%: scripts/%
 $(SYSTEMD_SERVICE_FILE): systemd/$(SERVICE_FILE)
 	$(CP) $< $@
 
-.PHONY: config install
+$(FIREWALL_ETC_DIR)/post-start-stop.d/post-start-stop.example: etc/post-start-stop.example
+	$(CP) $< $@
+	
+$(FIREWALL_ETC_DIR)/post-up-down.d/post-up-down-routing.example: etc/post-up-down-routing.example
+	$(CP) $< $@
+
+.PHONY: config install examples

scripts/execute_dir

@@ -6,3 +6,75 @@ then
     . ${CONFIGURATION_DIR}/setup
 
 fi
+
+options=$(getopt -l "firewall-action,verbose" -o "fv" -- "$@")
+if [ $? != 0 ] ; then
+	echo "Error while checking options ($0)">&2
+	exit 1
+fi
+eval set -- "$options"
+set -eu
+
+firewall_action=no
+verbose=0
+
+while :
+do
+	if [ ${verbose} = "1" ] ; then
+		echo "$@"
+	fi
+
+	case "$1" in
+		-f|--firewall-action)
+			firewall_action=yes
+			;;
+		-v|--verbose)
+			verbose=$(( verbose + 1 ))
+			if [ ${verbose} -gt 1 ] ; then
+				set -x
+			fi
+			if [ ${verbose} -gt 2 ] ; then
+				set -v
+			fi
+			;;
+		--)
+			shift
+			break
+			;;
+	esac
+	shift
+done
+do_action=${1:-}
+script_dir=${2:-}
+
+if [ -z "${do_action}" ] ; then
+    echo "ERROR: missing action" > &2
+    exit 2
+fi
+if [ -z "${script_dir}" ] ; then
+    echo "ERROR: missing script directory" > &2
+    exit 2
+fi
+
+if [ ${do_action} = "do_delete" && ${firewall_action} = "yes" ]
+then
+    # We do nothing in that specific case
+    # (post-up-down)
+    # just leave the script
+    # because we let post-down directive
+    # from /etc/network/interfaces
+    # do the job
+    exit
+fi
+
+cd ${script_dir}
+for script_file in $(ls)
+do
+    if [ -x ${scritp_file} ]
+    then
+        # If file is executable
+        ./${scritp_file} ${do_action}
+    fi
+done
+
+cd -

scripts/lfirewall

@@ -344,6 +344,9 @@ fw_execute () {
 	#**************************************************************************#
 	fw_blacklist $do_action
 
+	fw_execute_post_up_down $do_action
+	fw_execute_post_start_stop $do_action
+
 	#**************************************************************************#
 	# whitelist action
 	#**************************************************************************#
@@ -351,6 +354,24 @@ fw_execute () {
 }
 
 
+fw_execute_post_up_down(){
+	local do_action
+	do_action=$1
+	set +eu
+	${CONFIGURATION_DIR}/execute_dir -f ${do_action} ${POST_UP_DOWN_SCRIPTS_DIR}
+	set -eu
+}
+
+
+fw_execute_post_start_stop(){
+	local do_action
+	do_action=$1
+	set +eu
+	${CONFIGURATION_DIR}/execute_dir ${do_action} ${POST_UP_DOWN_SCRIPTS_DIR}
+	set -eu
+}
+
+
 warn_user_missing_ban_list() {
 	local ban_list_name
 	ban_list_name=$1

scripts/setup

@@ -58,7 +58,8 @@ CONFIGURATION_FILE=${CONFIGURATION_DIR}/lfirewall.conf
 CONFIGURATION_LOCAL_FILE=${CONFIGURATION_DIR}/lfirewall.conf.local
 USER_RULES_IPTABLES=${CONFIGURATION_DIR}/iptables-user.v4
 USER_RULES_IPTABLES_6=${CONFIGURATION_DIR}/iptables-user.v6
-
+POST_UP_DOWN_SCRIPTS_DIR==${CONFIGURATION_DIR}/post-up-down.d
+POST_START_STOP_SCRIPTS_DIR==${CONFIGURATION_DIR}/post-up-down.d