Add PERL= option to shorewall.conf and shorewall6.conf

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2024-11-25 09:03:30 +01:00 · 2010-07-05 13:11:52 -07:00 · 2010-07-05 13:11:52 -07:00 · 02fab09a14
commit 02fab09a14
parent 4547067da9
15 changed files with 119 additions and 42 deletions
--- a/Samples/one-interface/shorewall.conf
+++ b/Samples/one-interface/shorewall.conf
@ -70,6 +70,8 @@ TC=

 IPSET=

+PERL=/usr/bin/perl
+
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

 SHOREWALL_SHELL=/bin/sh
--- a/Samples/three-interfaces/shorewall.conf
+++ b/Samples/three-interfaces/shorewall.conf
@ -70,6 +70,8 @@ TC=

 IPSET=

+PERL=/usr/bin/perl
+
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

 SHOREWALL_SHELL=/bin/sh
--- a/Samples/two-interfaces/shorewall.conf
+++ b/Samples/two-interfaces/shorewall.conf
@ -77,6 +77,8 @@ TC=

 IPSET=

+PERL=/usr/bin/perl
+
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

 SHOREWALL_SHELL=/bin/sh
--- a/Samples6/one-interface/shorewall6.conf
+++ b/Samples6/one-interface/shorewall6.conf
@ -58,6 +58,8 @@ SMURF_LOG_LEVEL=info

 IP6TABLES=

+PERL=/usr/bin/perl
+
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

 SHOREWALL_SHELL=/bin/sh
--- a/Samples6/three-interfaces/shorewall6.conf
+++ b/Samples6/three-interfaces/shorewall6.conf
@ -58,6 +58,8 @@ SMURF_LOG_LEVEL=info

 IP6TABLES=

+PERL=/usr/bin/perl
+
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

 SHOREWALL_SHELL=/bin/sh
--- a/Samples6/two-interfaces/shorewall6.conf
+++ b/Samples6/two-interfaces/shorewall6.conf
@ -58,6 +58,8 @@ SMURF_LOG_LEVEL=info

 IP6TABLES=

+PERL=/usr/bin/perl
+
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

 SHOREWALL_SHELL=/bin/sh
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@ -380,6 +380,7 @@ sub initialize( $ ) {
 	      IP => undef,
 	      TC => undef,
 	      IPSET => undef,
+	      PERL => undef,
 	      #
 	      #PATH is inherited
 	      #
@ -1769,7 +1770,9 @@ sub embedded_perl( $ ) {
 #   - Handle INCLUDE <filename>
 #

-sub read_a_line() {
+sub read_a_line(;$) {
+    my $embedded_enabled = defined $_[0] ? shift : 1;
+
    while ( $currentfile ) {

 	$currentline = '';
@ -1815,11 +1818,18 @@ sub read_a_line() {
 	    #
 	    # Must check for shell/perl before doing variable expansion
 	    #
+	    if ( $embedded_enabled ) {
 		if ( $currentline =~ s/^\s*(BEGIN\s+)?SHELL\s*;?// ) {
 		    embedded_shell( $1 );
-	    } elsif ( $currentline =~ s/^\s*(BEGIN\s+)?PERL\s*\;?// ) {
+		    next;
+		}
+
+		if ( $currentline =~ s/^\s*(BEGIN\s+)?PERL\s*\;?// ) {
 		    embedded_perl( $1 );
-	    } else {
+		    next;
+		}
+	    } 
+
 	    my $count = 0;
 	    #
 	    # Expand Shell Variables using %ENV
@ -1863,7 +1873,6 @@ sub read_a_line() {
 		return 1;
 	    }
 	}
-	}

 	close_file;
    }
@ -2679,7 +2688,7 @@ sub process_shorewall_conf() {

 	    first_entry "Processing $file...";

-	    while ( read_a_line ) {
+	    while ( read_a_line(0) ) {
 		if ( $currentline =~ /^\s*([a-zA-Z]\w*)=(.*?)\s*$/ ) {
 		    my ($var, $val) = ($1, $2);
 		    unless ( exists $config{$var} ) {
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@ -22,6 +22,8 @@ Changes in Shorewall 4.4.11

 10) Avoid missing closing quote when REQUIRE_INTERFACE=Yes.

+11) Add PERL option.
+
 Changes in Shorewall 4.4.10

 1)  Fix regression with scripts.
--- a/Shorewall/configfiles/shorewall.conf
+++ b/Shorewall/configfiles/shorewall.conf
@ -59,6 +59,8 @@ TC=

 IPSET=

+PERL=/usr/bin/perl
+
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

 SHOREWALL_SHELL=/bin/sh
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@ -310,6 +310,12 @@ None.
    specifying a SOURCE network (DNAT rule) or DEST network (SNAT rule)
    associated with the interface.

+4)  To accomodate systems with more than one version of Perl installed,
+    the shorewall.conf and shorewall6.conf files now support a PERL
+    option. If the program specified by that option does not exist or
+    is not executable, Shorewall (and Shorewall6) fall back to
+    /usr/bin/perl.
+
 ----------------------------------------------------------------------------
 V I.  P R O B L E M S  C O R R E C T E D  A N D  N E W   F E A T U R E S
      I N   P R I O R  R E L E A S E S
--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@ -360,7 +360,16 @@ compiler() {
    run_user_exit params
    set +a

-    /usr/bin/perl $debugflags /usr/share/shorewall/compiler.pl $options $@
+    if [ -n "$PERL" ]; then
+	if [ ! -x "$PERL" ]; then
+	    echo "   WARNING: The program specified in the PERL option does not exist or is not executable; falling back to /usr/bin/perl" >&2
+	    PERL=/usr/bin/perl
+	fi
+    else
+	PERL=/usr/bin/perl
+    fi
+
+    $PERL $debugflags /usr/share/shorewall/compiler.pl $options $@
 }

 #
--- a/Shorewall6/shorewall6
+++ b/Shorewall6/shorewall6
@ -299,7 +299,16 @@ compiler() {
 	set +a
    fi

-    $command perl $debugflags $pc $options $@
+    if [ -n "$PERL" ]; then
+	if [ ! -x "$PERL" ]; then
+	    echo "   WARNING: The program specified in PERL does not exist or is not executable; falling back to /usr/bin/perl" >&2
+	    PERL=/usr/bin/perl
+	fi
+    else
+	PERL=/usr/bin/perl
+    fi
+
+    $command $PERL $debugflags $pc $options $@
 }    

 #
--- a/Shorewall6/shorewall6.conf
+++ b/Shorewall6/shorewall6.conf
@ -56,6 +56,8 @@ TC=

 IPSET=

+PERL=/usr/bin/perl
+
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

 SHOREWALL_SHELL=/bin/sh
--- a/manpages/shorewall.conf.xml
+++ b/manpages/shorewall.conf.xml
@ -1320,6 +1320,19 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
        </listitem>
      </varlistentry>

+      <varlistentry>
+        <term><emphasis
+        role="bold">PERL=</emphasis><emphasis>pathname</emphasis></term>
+
+        <listitem>
+          <para>Added in Shorewall 4.4.11 RC1. Specifies the path name of the
+          Perl executable. Default is <filename>/usr/bin/perl</filename>. If
+          the pathname specified by this option does not exist or the named
+          file is not executable, then Shorewall falls back to
+          <filename>/usr/bin/perl/</filename></para>
+        </listitem>
+      </varlistentry>
+
      <varlistentry>
        <term><emphasis role="bold">PKTTYPE=</emphasis>{<emphasis
        role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>
--- a/manpages6/shorewall6.conf.xml
+++ b/manpages6/shorewall6.conf.xml
@ -1100,6 +1100,19 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
        </listitem>
      </varlistentry>

+      <varlistentry>
+        <term><emphasis
+        role="bold">PERL=</emphasis><emphasis>pathname</emphasis></term>
+
+        <listitem>
+          <para>Added in Shorewall 4.4.11 RC1. Specifies the path name of the
+          Perl executable. Default is <filename>/usr/bin/perl</filename>. If
+          the pathname specified by this option does not exist or the named
+          file is not executable, then Shorewall6 falls back to
+          <filename>/usr/bin/perl/</filename></para>
+        </listitem>
+      </varlistentry>
+
      <varlistentry>
        <term><emphasis
        role="bold">RCP_COMMAND="</emphasis><replaceable>command</replaceable><emphasis