extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-23 16:13:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Avoid double globals initialization for IPv6

Browse Source
This commit is contained in:
Tom Eastep 2009-08-16 09:24:51 -07:00
parent cbc9fa6e4c
commit 0557148bec
14 changed files with 85 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Shorewall/Perl/Shorewall/Accounting.pm
View File

@ -38,24 +38,13 @@ our @EXPORT_OK = qw( );
our $VERSION = '4.3_7';
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function or when compiling
# for IPv6.
# Called by the compiler
#
sub initialize() {
our $jumpchainref;
$jumpchainref = undef;
}
INIT {
initialize;
}
#
# Accounting
#

20
Shorewall/Perl/Shorewall/Actions.pm
View File

@ -91,15 +91,15 @@ our $family;
our $macro_commands = { COMMENT => 0, FORMAT => 2 };
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function or when compiling
# for IPv6.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
@ -113,10 +113,6 @@ sub initialize( $ ) {
%macros = ();
}
INIT {
initialize( F_IPV4 );
}
#
# This function determines the logging for a subordinate action or a rule within a superior action
#

22
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -111,7 +111,6 @@ our %EXPORT_TAGS = (
new_builtin_chain
new_nat_chain
ensure_filter_chain
initialize_chain_table
finish_section
setup_zone_mss
newexclusionchain
@ -297,16 +296,17 @@ our %builtin_target = ( ACCEPT => 1,
NFQUEUE => 1,
REDIRECT => 1 );
sub initialize_chain_table();
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function or when compiling
# for IPv6.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
@ -357,10 +357,8 @@ sub initialize( $ ) {
$global_variables = 0;
$idiotcount = 0;
}
initialize_chain_table;
INIT {
initialize( F_IPV4 );
}
#

14
Shorewall/Perl/Shorewall/Compiler.pm
View File

@ -49,14 +49,12 @@ our $export;
our $test;
our $reused = 0;
our $family = F_IPV4;
#
# Reinitilize the package-globals in the other modules
# Initilize the package-globals in the other modules
#
sub reinitialize() {
sub initialize_package_globals() {
Shorewall::Config::initialize($family);
Shorewall::Chains::initialize ($family);
Shorewall::Zones::initialize ($family);
@ -572,7 +570,10 @@ sub compiler {
${$ref->{store}} = $val;
}
reinitialize if $reused++ || $family == F_IPV6;
#
# Now that we know the address family that we are dealing with (IPv4/IPv6), we can initialize the other modules' globals
#
initialize_package_globals;
if ( $directory ne '' ) {
fatal_error "$directory is not an existing directory" unless -d $directory;
@ -597,8 +598,6 @@ sub compiler {
set_command( 'check', 'Checking', 'Checked' ) unless $objectfile;
initialize_chain_table;
unless ( $command eq 'check' ) {
create_temp_object( $objectfile , $export );
}
@ -804,7 +803,6 @@ sub compiler {
# for stopping the firewall
#
Shorewall::Chains::initialize( $family );
initialize_chain_table;
compile_stop_firewall( $test );
#
# Copy the footer to the object

16
Shorewall/Perl/Shorewall/Config.pm
View File

@ -285,13 +285,14 @@ use constant { MIN_VERBOSITY => -1,
our %validlevels; # Valid log levels.
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function and when compiling
# for IPv6.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
@ -642,7 +643,6 @@ sub initialize( $ ) {
}
INIT {
initialize( F_IPV4 );
#
# These variables appear within single quotes in shorewall.conf -- add them to ENV
# so that read_a_line doesn't have to be smart enough to parse that usage.

19
Shorewall/Perl/Shorewall/IPAddrs.pm
View File

@ -102,22 +102,19 @@ use constant { ALLIPv4 => '0.0.0.0/0' ,
our @rfc1918_networks = ( "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16" );
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
}
INIT {
initialize( F_IPV4 );
}
sub vlsm_to_mask( $ ) {
my $vlsm = $_[0];

12
Shorewall/Perl/Shorewall/Nat.pm
View File

@ -42,23 +42,13 @@ our @addresses_to_add;
our %addresses_to_add;
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function.
# Called by the compiler
#
sub initialize() {
@addresses_to_add = ();
%addresses_to_add = ();
}
INIT {
initialize;
}
#
# Handle IPSEC Options in a masq record
#

12
Shorewall/Perl/Shorewall/Policy.pm
View File

@ -41,22 +41,12 @@ our $VERSION = '4.3_7';
our @policy_chains;
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function.
# Called by the compiler
#
sub initialize() {
@policy_chains = ();
}
INIT {
initialize;
}
#
# Convert a chain into a policy chain.
#

19
Shorewall/Perl/Shorewall/Providers.pm
View File

@ -62,14 +62,15 @@ our $family;
use constant { ROUTEMARKED_SHARED => 1, ROUTEMARKED_UNSHARED => 2 };
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
@ -89,10 +90,6 @@ sub initialize( $ ) {
@providers = ();
}
INIT {
initialize( F_IPV4 );
}
#
# Set up marking for 'tracked' interfaces.
#

19
Shorewall/Perl/Shorewall/Proxyarp.pm
View File

@ -42,23 +42,20 @@ our @proxyarp;
our $family;
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
@proxyarp = ();
}
INIT {
initialize( F_IPV4 );
}
sub setup_one_proxy_arp( $$$$$ ) {
my ( $address, $interface, $external, $haveroute, $persistent) = @_;

19
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -63,14 +63,15 @@ my %rules_commands = ( COMMENT => 0,
SECTION => 2 );
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
$sectioned = 0;
@ -79,10 +80,6 @@ sub initialize( $ ) {
@param_stack = ();
}
INIT {
initialize( F_IPV4 );
}
use constant { MAX_MACRO_NEST_LEVEL => 5 };
sub process_tos() {

19
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -202,14 +202,15 @@ our %restrictions = ( tcpre => PREROUTE_RESTRICT ,
our $family;
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
%classids = ();
@ -223,10 +224,6 @@ sub initialize( $ ) {
$sticky = 0;
}
INIT {
initialize( F_IPV4 );
}
sub process_tc_rule( ) {
my ( $originalmark, $source, $dest, $proto, $ports, $sports, $user, $testval, $length, $tos , $connbytes, $helper ) = split_line1 2, 12, 'tcrules file';

20
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -174,15 +174,15 @@ our %validinterfaceoptions;
our %validhostoptions;
#
# Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The
# initialize() function does globals initialization for this
# module and is called from an INIT block below. The function is
# also called by Shorewall::Compiler::compiler at the beginning of
# the second and subsequent calls to that function or when compiling
# for IPv6.
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
#
# 1. Proper initialization usually depends on the address family which isn't
# known until the compiler has started.
#
# 2. The compiler can run multiple times in the same process so it has to be
# able to re-initialize all of its dependent modules.
#
sub initialize( $ ) {
$family = shift;
@zones = ();
@ -250,10 +250,6 @@ sub initialize( $ ) {
}
}
INIT {
initialize( F_IPV4 );
}
#
# Parse the passed option list and return a reference to a hash as follows:
#

2
Shorewall/changelog.txt
View File

@ -6,6 +6,8 @@ Changes in Shorewall 4.4.1
3) Added support for --persistent.
4) Don't do module initialization in an INIT block.
Changes in Shorewall 4.4.0
1) Fix 'compile ... -' so that it no longer requires '-v-1'