extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-01 23:45:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

Create add_expanded_ijump() that breaks long lines

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-07-03 15:13:48 -07:00
parent b735b93378
commit 03885f71d3
1 changed files with 102 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -1467,7 +1467,7 @@ sub create_irule( $$$;@ ) {
$chainref->{optflags} |= push_matches( $ruleref, @matches ); $chainref->{optflags} |= push_matches( $ruleref, @matches );
} }
push_irule( $chainref, $ruleref ); $ruleref;
} }
# #
@ -1490,6 +1490,62 @@ sub clone_irule( $ ) {
$newruleref; $newruleref;
} }
sub handle_port_ilist( $$$ );
sub handle_port_ilist( $$$ ) {
my ($chainref, $ruleref, $dport) = @_;
our $splitcount;
my $ports = $ruleref->{$dport ? 'dports' : 'sports'};
if ( $ports && port_count( $ports ) > 15 ) {
#
# More than 15 ports specified
#
my @ports = split '([,:])', $ports;
while ( @ports ) {
my $count = 0;
my $newports = '';
while ( @ports && $count < 15 ) {
my ($port, $separator) = ( shift @ports, shift @ports );
$separator ||= '';
if ( ++$count == 15 ) {
if ( $separator eq ':' ) {
unshift @ports, $port, ':';
chop $newports;
last;
} else {
$newports .= $port;
}
} else {
$newports .= "${port}${separator}";
}
}
my $newruleref = clone_irule( $ruleref );
$newruleref->{$dport} = $newports;
if ( $dport ) {
handle_port_ilist( $chainref, $newruleref, 0 );
} else {
push_irule( $chainref, $newruleref );
$splitcount++;
}
}
} elsif ( $dport ) {
handle_port_ilist( $chainref, $ruleref, 0 );
} else {
push_irule ( $chainref, $ruleref );
$splitcount++;
}
}
# #
# Compare two rule hash values. If a value is a reference, then it will be an array reference # Compare two rule hash values. If a value is a reference, then it will be an array reference
# #
@ -1511,7 +1567,7 @@ sub compare_values( $$ ) {
sub add_irule( $;@ ) { sub add_irule( $;@ ) {
my ( $chainref, @matches ) = @_; my ( $chainref, @matches ) = @_;
create_irule( $chainref, '' => '', @matches ); push_irule( $chainref, create_irule( $chainref, '' => '', @matches ) );
} }
@ -2327,7 +2383,50 @@ sub add_ijump( $$$;@ ) {
$fromref->{complete} = 1 if $jump eq 'g' || $terminating{$to}; $fromref->{complete} = 1 if $jump eq 'g' || $terminating{$to};
} }
$ruleref; push_irule( $fromref, $ruleref );
}
sub add_expanded_ijump( $$$;@ ) {
my ( $fromref, $jump, $to, @matches ) = @_;
return $dummyrule if $fromref->{complete};
our $splitcount = 0;
my $toref;
my $ruleref;
#
# The second argument may be a scalar (chain name or builtin target) or a chain reference
#
if ( reftype $to ) {
$toref = $to;
$to = $toref->{name};
} else {
#
# Ensure that we have the chain unless it is a builtin like 'ACCEPT'
#
my ( $target ) = split ' ', $to;
$toref = $chain_table{$fromref->{table}}{$target};
fatal_error "Unknown rule target ($to)" unless $toref || $builtin_target{$target};
}
#
# If the destination is a chain, mark it referenced
#
if ( $toref ) {
$toref->{referenced} = 1;
add_reference $fromref, $toref;
$jump = 'j' unless have_capability 'GOTO_TARGET';
$ruleref = create_irule ($fromref, $jump => $to, @matches );
} else {
$ruleref = create_irule( $fromref, 'j' => $to, @matches );
}
if ( $ruleref->{simple} ) {
$fromref->{complete} = 1 if $jump eq 'g' || $terminating{$to};
}
handle_port_ilist( $fromref, $ruleref, 1 );
} }
sub insert_ijump( $$$$;@ ) { sub insert_ijump( $$$$;@ ) {