postinst is in ufw 0.31.1-1.
This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 | #!/bin/sh -e
# Only source /usr/share/debconf/confmodule when not called with 'triggered'
# to avoid LP: #618410.
if [ "$1" != "triggered" ]; then
. /usr/share/debconf/confmodule
fi
RULES_PATH="/etc/ufw"
USER_PATH="/lib/ufw"
TEMPLATE_PATH="/usr/share/ufw"
enable_ufw() {
ans=""
if [ "$1" = "true" ]; then
ans="yes"
elif [ "$1" = "false" ]; then
ans="no"
else
return 1
fi
test -f /etc/ufw/ufw.conf && sed -i "s/^ENABLED=.*/ENABLED=$ans/" /etc/ufw/ufw.conf
}
allow_port() {
ufw allow "$@" >/dev/null || true
}
allow_service() {
service=`echo "$@" | sed 's/#/ /g'`
if [ "$service" = "CUPS" ]; then
allow_port 631
elif [ "$service" = "DNS" ]; then
allow_port 53
elif [ "$service" = "IMAPS" ]; then
allow_port 993/tcp
elif [ "$service" = "POP3S" ]; then
allow_port 995/tcp
elif [ "$service" = "SSH" ]; then
allow_port 22/tcp
elif [ "$service" = "CIFS (Samba)" ]; then
allow_port 137/udp
allow_port 138/udp
allow_port 139/tcp
allow_port 445/tcp
elif [ "$service" = "SMTP" ]; then
allow_port 25/tcp
elif [ "$service" = "HTTP" ]; then
allow_port 80/tcp
elif [ "$service" = "HTTPS" ]; then
allow_port 443/tcp
fi
}
case "$1" in
configure)
# these files are required, but don't want to change them if
# the user modified them
for f in before.rules before6.rules after.rules after6.rules
do
ucf --debconf-ok $TEMPLATE_PATH/$f $RULES_PATH/$f
test -f $RULES_PATH/$f && chmod 640 $RULES_PATH/$f
done
for f in user.rules user6.rules
do
if [ ! -e "$USER_PATH/$f" ]; then
# if no config, copy the template
cp $TEMPLATE_PATH/$f $USER_PATH/$f
chmod 640 $USER_PATH/$f
fi
done
if [ ! -e "/etc/ufw/ufw.conf" ]; then
cp $TEMPLATE_PATH/ufw.conf /etc/ufw
fi
# configure ufw with debconf values
db_get ufw/enable
enabled="$RET"
db_fget ufw/existing_configuration seen
seen_warning="$RET"
if [ "$enabled" = "true" ] && [ "$seen_warning" = "false" ] ; then
db_get ufw/allow_known_ports
CHOICES="$RET"
for service in `echo "$CHOICES" | sed 's/, /\n/g' | sed 's/ /#/g'`; do
allow_service "$service"
done
db_get ufw/allow_custom_ports
PORTS="$RET"
for port in $PORTS ; do
allow_port "$port"
done
db_fset ufw/existing_configuration seen true
fi
# need to do this after all 'allow_service' calls, otherwise ufw may
# try to use iptables, which breaks the installer
enable_ufw "$enabled"
# reload the firewall for IPv6 enabled by default
if [ "$enabled" = "true" ] && [ ! -z "$2" ] && dpkg --compare-versions "$2" lt "0.30.1-2" ; then
/lib/ufw/ufw-init stop || true
/lib/ufw/ufw-init start || true
fi
;;
triggered)
ufw app update all || echo "Processing ufw triggers failed. Ignoring."
exit 0
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument '$1'" >&2
exit 1
;;
esac
# Automatically added by dh_installinit
update-rc.d -f ufw remove >/dev/null || exit $?
# End automatically added section
# Automatically added by dh_python2:
if which pycompile >/dev/null 2>&1; then
pycompile -p ufw
fi
# End automatically added section
|