extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-29 19:13:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '4.4.21'

Browse Source
This commit is contained in:
Tom Eastep 2011-07-03 07:23:09 -07:00
commit 029ac610fe
7 changed files with 24 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Shorewall/Perl/Shorewall/Config.pm
View File

@ -1829,13 +1829,16 @@ sub pop_action_params( $ ) {
} }
sub default_action_params { sub default_action_params {
my $val; my $action = shift;
my ( $val, $i );
for ( my $i = 1; 1; $i++ ) { for ( $i = 1; 1; $i++ ) {
last unless defined ( $val = shift ); last unless defined ( $val = shift );
my $curval = $actparms[$i]; my $curval = $actparms[$i];
$actparms[$i] =$val eq '-' ? '' : $val eq '--' ? '-' : $val unless supplied( $curval ); $actparms[$i] =$val eq '-' ? '' : $val eq '--' ? '-' : $val unless supplied( $curval );
} }
fatal_error "Too Many arguments to action $action" if defined $actparms[$i];
} }
sub get_action_params( $ ) { sub get_action_params( $ ) {

59
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -1148,63 +1148,6 @@ sub map_old_actions( $ ) {
} }
} }
#
# Create and populate the passed AUDIT chain if it doesn't exist. Return chain name
sub ensure_audit_chain( $;$$ ) {
my ( $target, $action, $tgt ) = @_;
push_comment( '' );
my $ref = $filter_table->{$target};
unless ( $ref ) {
$ref = new_chain 'filter', $target;
unless ( $action ) {
$action = $target;
$action =~ s/^A_//;
}
$tgt ||= $action;
if ( $config{FAKE_AUDIT} ) {
add_rule( $ref, '-j AUDIT -m comment --comment "--type ' . lc $action . '"' );
} else {
add_rule $ref, '-j AUDIT --type ' . lc $action;
}
if ( $tgt eq 'REJECT' ) {
add_jump $ref , 'reject', 1;
} else {
add_jump $ref , $tgt, 0;
}
}
pop_comment;
return $target;
}
#
# Return the appropriate target based on whether the second argument is 'audit'
#
sub require_audit($$;$) {
my ($action, $audit, $tgt ) = @_;
return $action unless supplied $audit;
my $target = 'A_' . $action;
fatal_error "Invalid parameter ($audit)" unless $audit eq 'audit';
require_capability 'AUDIT_TARGET', 'audit', 's';
return ensure_audit_chain $target, $action, $tgt;
}
# #
# The following small functions generate rules for the builtin actions of the same name # The following small functions generate rules for the builtin actions of the same name
# #
@ -1496,7 +1439,7 @@ sub process_action( $) {
} }
if ( $target eq 'DEFAULTS' ) { if ( $target eq 'DEFAULTS' ) {
default_action_params( split_list $source, 'defaults' ), next if $format == 2; default_action_params( $action, split_list $source, 'defaults' ), next if $format == 2;
fatal_error 'DEFAULTS only allowed in FORMAT-2 actions'; fatal_error 'DEFAULTS only allowed in FORMAT-2 actions';
} }

4
Shorewall/action.Drop
View File

@ -39,9 +39,7 @@ FORMAT 2
BEGIN PERL BEGIN PERL
use Shorewall::Config; use Shorewall::Config;
my ( $p1, $p2, $p3 , $p4, $p5, $p6 ) = get_action_params( 6 ); my ( $p1, $p2, $p3 , $p4, $p5 ) = get_action_params( 5 );
fatal_error "Too many parameters to Drop" if defined $p6;
if ( defined $p1 ) { if ( defined $p1 ) {
if ( $p1 eq 'audit' ) { if ( $p1 eq 'audit' ) {

4
Shorewall/action.Reject
View File

@ -35,9 +35,7 @@ FORMAT 2
BEGIN PERL BEGIN PERL
use Shorewall::Config; use Shorewall::Config;
my ( $p1, $p2, $p3 , $p4, $p5, $p6 ) = get_action_params( 6 ); my ( $p1, $p2, $p3 , $p4, $p5 ) = get_action_params( 5 );
fatal_error "Too many parameters to Reject" if defined $p6;
if ( defined $p1 ) { if ( defined $p1 ) {
if ( $p1 eq 'audit' ) { if ( $p1 eq 'audit' ) {

8
Shorewall/changelog.txt
View File

@ -4,6 +4,14 @@ Changes in Shorewall 4.4.21 Final
2) Make 'fallback' and 'balance' mutually exclusive. 2) Make 'fallback' and 'balance' mutually exclusive.
3) Generate error if too many parameters to a function with DEFAULT
4) Prepare for more parameterized actions
5) Fix parameter push/pop in process_action()
6) Add comment push/pop in process_action()
Changes in Shorewall 4.4.21 RC 1 Changes in Shorewall 4.4.21 RC 1
1) Fix empty parameter lists in _DEFAULT settings. 1) Fix empty parameter lists in _DEFAULT settings.

4
Shorewall/releasenotes.txt
View File

@ -67,6 +67,10 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
is the default value for the second parameter and so on. To specify is the default value for the second parameter and so on. To specify
an empty default, use '-'. an empty default, use '-'.
The DEFAULTS directive also determines the maximum number of
parameters that an action may have. If more parameters are passed
than have default values, an error message is issued.
3) Parameterized macros may now specify a default parameter value 3) Parameterized macros may now specify a default parameter value
using the DEFAULT directive. using the DEFAULT directive.

4
docs/Actions.xml
View File

@ -386,6 +386,10 @@ REDIRECT net - tcp 80 - 1.2.3.4</programlisting>
first parameter, <replaceable>def2</replaceable> is the default value first parameter, <replaceable>def2</replaceable> is the default value
for the second parameter and so on. You can specify an empty default for the second parameter and so on. You can specify an empty default
using '-' (e.g. DEFAULTS DROP,-,audit).</para> using '-' (e.g. DEFAULTS DROP,-,audit).</para>
<para>The DEFAULTS directive also determines the maximum number of
parameters that an action may have. If more parameters are passed than
have default values, an error message is issued. </para>
</section> </section>
<section> <section>