Defer setting up forwarding

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8395 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
teastep 2008-04-06 22:45:32 +00:00
parent 2b3f19fca3
commit 0064bcb5b5
4 changed files with 19 additions and 7 deletions


@ -444,9 +444,15 @@ sub add_rule($$;$)
# we only worry about the destination ports. # we only worry about the destination ports.
# #
if ( $expandports && $rule =~ '^(.* --dports\s+)([^ ]+)(.*)$' ) { if ( $expandports && $rule =~ '^(.* --dports\s+)([^ ]+)(.*)$' ) {
#
# Rule has a --dports specification
#
my ($first, $ports, $rest) = ( $1, $2, $3 ); my ($first, $ports, $rest) = ( $1, $2, $3 );
if ( ( $ports =~ tr/:,/:,/ ) > 15 ) { if ( ( $ports =~ tr/:,/:,/ ) > 15 ) {
#
# More than 15 ports specified
#
my @ports = split '([,:])', $ports; my @ports = split '([,:])', $ports;
while ( @ports ) { while ( @ports ) {
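Review bot: The added comment "More than 15 ports specified" does not match what the condition directly above it measures. `tr/:,/:,/` counts the `:` and `,` separators rather than the ports, so a list with exactly 15 separators (16 port entries) is not split. If the intent is to stay within a 15-port multiport limit, either the comment should read `# More than 15 separators, i.e. at least 17 port entries` or the threshold needs a second look; the hunk alone does not show which. add_rule continues outside the hunk.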


@ -662,12 +662,18 @@ if [ $COMMAND = restore ]; then
else else
if [ $COMMAND = refresh ]; then if [ $COMMAND = refresh ]; then
chainlist_reload chainlist_reload
EOF
setup_forwarding;
emit<<'EOF';
run_refreshed_exit run_refreshed_exit
do_iptables -N shorewall do_iptables -N shorewall
set_state "Started" set_state "Started"
else else
setup_netfilter setup_netfilter
restore_dynamic_rules restore_dynamic_rules
EOF
setup_forwarding;
emit<<'EOF';
run_start_exit run_start_exit
do_iptables -N shorewall do_iptables -N shorewall
set_state "Started" set_state "Started"
@ -827,7 +833,6 @@ sub compiler {
setup_route_filtering; setup_route_filtering;
setup_martian_logging; setup_martian_logging;
setup_source_routing; setup_source_routing;
setup_forwarding;
# #
# Proxy Arp # Proxy Arp
# #
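Review bot: With `setup_forwarding;` removed from `sub compiler`, the only visible places where the generated script applies IP_FORWARDING are the two calls emitted into the `refresh` and start branches. The `restore` branch named in the hunk header lies outside the hunk, so it is not visible whether a restored firewall still gets `ip_forward` set. If it does not, a host with IP_FORWARDING=on would come back from a restore without forwarding, and one set to off would keep whatever value the kernel already had. Worth confirming, and a short comment above each emitted call, such as `# Set ip_forward only after the ruleset is loaded`, would record why the call sits there.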


@ -199,11 +199,11 @@ sub setup_source_routing() {
sub setup_forwarding() { sub setup_forwarding() {
if ( $config{IP_FORWARDING} eq 'on' ) { if ( $config{IP_FORWARDING} eq 'on' ) {
emit 'echo 1 > /proc/sys/net/ipv4/ip_forward'; emit ' echo 1 > /proc/sys/net/ipv4/ip_forward';
emit 'progress_message2 IP Forwarding Enabled'; emit ' progress_message2 IP Forwarding Enabled';
} elsif ( $config{IP_FORWARDING} eq 'off' ) { } elsif ( $config{IP_FORWARDING} eq 'off' ) {
emit 'echo 0 > /proc/sys/net/ipv4/ip_forward'; emit ' echo 0 > /proc/sys/net/ipv4/ip_forward';
emit 'progress_message2 IP Forwarding Disabled!'; emit ' progress_message2 IP Forwarding Disabled!';
} }
emit ''; emit '';
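Review bot: The leading whitespace now baked into the four `emit` string literals ties setup_forwarding to the nesting depth of its two call sites inside the generated script's start/refresh branches. Any later caller at a different depth gets mis-indented output. Indentation is better supplied by the caller or by whatever indent mechanism `emit` offers, if it has one. Failing that, a header comment such as `# Output is indented for the start/refresh branch of the generated script` would at least record the coupling. The sub's closing brace is outside the hunk.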


@ -690,10 +690,12 @@ setup_forwarding() {
On|on|ON|Yes|yes|YES) On|on|ON|Yes|yes|YES)
save_progress_message "IP Forwarding Enabled" save_progress_message "IP Forwarding Enabled"
save_command "echo 1 > /proc/sys/net/ipv4/ip_forward" save_command "echo 1 > /proc/sys/net/ipv4/ip_forward"
save_command ""
;; ;;
Off|off|OFF|No|no|NO) Off|off|OFF|No|no|NO)
save_progress_message "IP Forwarding Disabled!" save_progress_message "IP Forwarding Disabled!"
save_command "echo 0 > /proc/sys/net/ipv4/ip_forward" save_command "echo 0 > /proc/sys/net/ipv4/ip_forward"
save_command ""
;; ;;
esac esac
} }
@ -4058,8 +4060,6 @@ __EOF__
run_iptables -t nat -A PREROUTING -i $interface -j UPnP run_iptables -t nat -A PREROUTING -i $interface -j UPnP
done done
fi fi
setup_forwarding
} }
# #
@ -5788,6 +5788,7 @@ __EOF__
fi fi
__EOF__ __EOF__
setup_forwarding
save_command "date > \${VARDIR}/restarted" save_command "date > \${VARDIR}/restarted"
append_file start append_file start
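Review bot: Nothing at the relocated `setup_forwarding` call (just before `save_command "date > \${VARDIR}/restarted"`) says why it moved from the end of the function that finishes after the UPnP rules to the tail of the generated script. Presumably the aim is that the host does not start forwarding until the complete ruleset is in place. A one-line comment such as `# Apply IP_FORWARDING last, once all rules have been generated` would keep a later refactor from moving it back ahead of the rules. The enclosing function starts and ends outside the hunk.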