extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-20 05:11:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Only use 'our' when required

Browse Source
This commit is contained in:
Tom Eastep 2011-05-14 13:21:31 -07:00
parent 0626594cda
commit 05e385a748
12 changed files with 164 additions and 160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall/Perl/Shorewall/Accounting.pm
View File

@ -35,21 +35,21 @@ use strict;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw( setup_accounting ); our @EXPORT = qw( setup_accounting );
our @EXPORT_OK = qw( ); our @EXPORT_OK = qw( );
our $VERSION = '4.4.18'; our $VERSION = '4.4.20';
# #
# Per-IP accounting tables. Each entry contains the associated network. # Per-IP accounting tables. Each entry contains the associated network.
# #
our %tables; my %tables;
our $jumpchainref; my $jumpchainref;
our %accountingjumps; my %accountingjumps;
our $asection; my $asection;
our $defaultchain; my $defaultchain;
our $defaultrestriction; my $defaultrestriction;
our $restriction; my $restriction;
our $accounting_commands = { COMMENT => 0, SECTION => 2 }; my $accounting_commands = { COMMENT => 0, SECTION => 2 };
our $sectionname; my $sectionname;
# #
# Sections in the Accounting File # Sections in the Accounting File

43
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -188,7 +188,7 @@ our %EXPORT_TAGS = (
Exporter::export_ok_tags('internal'); Exporter::export_ok_tags('internal');
our $VERSION = '4.4_19'; our $VERSION = '4.4_20';
# #
# Chain Table # Chain Table
@ -242,8 +242,8 @@ our $raw_table;
our $nat_table; our $nat_table;
our $mangle_table; our $mangle_table;
our $filter_table; our $filter_table;
our $comment; my $comment;
our @comments; my @comments;
# #
# Target Types # Target Types
@ -280,14 +280,15 @@ use constant { NO_RESTRICT => 0, # FORWARD chain rule - Both -i an
# #
# See initialize() below for additional comments on these variables # See initialize() below for additional comments on these variables
# #
our $iprangematch;
our $chainseq; my $iprangematch;
our $idiotcount; my $chainseq;
our $idiotcount1; my $idiotcount;
our $warningcount; my $idiotcount1;
our $hashlimitset; my $warningcount;
our $global_variables; my $hashlimitset;
our $ipset_rules; my $global_variables;
my $ipset_rules;
# #
# Determines the commands for which a particular interface-oriented shell variable needs to be set # Determines the commands for which a particular interface-oriented shell variable needs to be set
# #
@ -296,18 +297,18 @@ use constant { ALL_COMMANDS => 1, NOT_RESTORE => 2 };
# #
# These hashes hold the shell code to set shell variables. The key is the name of the variable; the value is the code to generate the variable's contents # These hashes hold the shell code to set shell variables. The key is the name of the variable; the value is the code to generate the variable's contents
# #
our %interfaceaddr; # First interface address my %interfaceaddr; # First interface address
our %interfaceaddrs; # All interface addresses my %interfaceaddrs; # All interface addresses
our %interfacenets; # Networks routed out of the interface my %interfacenets; # Networks routed out of the interface
our %interfacemacs; # Interface MAC my %interfacemacs; # Interface MAC
our %interfacebcasts; # Broadcast addresses associated with the interface (IPv4) my %interfacebcasts; # Broadcast addresses associated with the interface (IPv4)
our %interfaceacasts; # Anycast addresses associated with the interface (IPv6) my %interfaceacasts; # Anycast addresses associated with the interface (IPv6)
our %interfacegateways; # Gateway of default route out of the interface my %interfacegateways; # Gateway of default route out of the interface
# #
# Built-in Chains # Built-in Chains
# #
our @builtins = qw(PREROUTING INPUT FORWARD OUTPUT POSTROUTING); my @builtins = qw(PREROUTING INPUT FORWARD OUTPUT POSTROUTING);
# #
# Mode of the emitter (part of this module that converts rules in the chain table into iptables-restore input) # Mode of the emitter (part of this module that converts rules in the chain table into iptables-restore input)
@ -316,7 +317,7 @@ use constant { NULL_MODE => 0 , # Emitting neither shell commands nor iptables
CAT_MODE => 1 , # Emitting iptables-restore input CAT_MODE => 1 , # Emitting iptables-restore input
CMD_MODE => 2 }; # Emitting shell commands. CMD_MODE => 2 }; # Emitting shell commands.
our $mode; my $mode;
# #
# Address Family # Address Family
# #
@ -325,7 +326,7 @@ our $family;
# #
# These are the current builtin targets # These are the current builtin targets
# #
our %builtin_target = ( ACCEPT => 1, my %builtin_target = ( ACCEPT => 1,
ACCOUNT => 1, ACCOUNT => 1,
CHAOS => 1, CHAOS => 1,
CHECKSUM => 1, CHECKSUM => 1,

8
Shorewall/Perl/Shorewall/Compiler.pm
View File

@ -41,13 +41,13 @@ use Shorewall::Misc;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw( compiler ); our @EXPORT = qw( compiler );
our @EXPORT_OK = qw( $export ); our @EXPORT_OK = qw( $export );
our $VERSION = '4.4_19'; our $VERSION = '4.4_20';
our $export; my $export;
our $test; my $test;
our $family; my $family;
# #
# Initilize the package-globals in the other modules # Initilize the package-globals in the other modules

76
Shorewall/Perl/Shorewall/Config.pm
View File

@ -139,7 +139,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
Exporter::export_ok_tags('internal'); Exporter::export_ok_tags('internal');
our $VERSION = '4.4_19'; our $VERSION = '4.4_20';
# #
# describe the current command, it's present progressive, and it's completion. # describe the current command, it's present progressive, and it's completion.
@ -148,47 +148,47 @@ our ($command, $doing, $done );
# #
# VERBOSITY # VERBOSITY
# #
our $verbosity; my $verbosity;
# #
# Logging # Logging
# #
our ( $log, $log_verbosity ); my ( $log, $log_verbosity );
# #
# Timestamp each progress message, if true. # Timestamp each progress message, if true.
# #
our $timestamp; my $timestamp;
# #
# Script (output) file handle # Script (output) file handle
# #
our $script; my $script;
# #
# When 'true', writes to the script are enabled. Used to catch code emission between functions # When 'true', writes to the script are enabled. Used to catch code emission between functions
# #
our $script_enabled; my $script_enabled;
# #
# True, if last line emitted is blank # True, if last line emitted is blank
# #
our $lastlineblank; my $lastlineblank;
# #
# Tabs to indent the output # Tabs to indent the output
# #
our $indent1; my $indent1;
# #
# Characters to indent the output # Characters to indent the output
# #
our $indent2; my $indent2;
# #
# Total indentation # Total indentation
# #
our $indent; my $indent;
# #
# Script's Directory and File # Script's Directory and File
# #
our ( $dir, $file ); my ( $dir, $file );
# #
# Temporary output file's name # Temporary output file's name
# #
our $tempfile; my $tempfile;
# #
# Misc Globals # Misc Globals
# #
@ -200,15 +200,15 @@ our %config;
# #
# Config options and global settings that are to be copied to output script # Config options and global settings that are to be copied to output script
# #
our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX LOAD_HELPERS_ONLY SUBSYSLOCK LOG_VERBOSITY/; my @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX LOAD_HELPERS_ONLY SUBSYSLOCK LOG_VERBOSITY/;
# #
# From parsing the capabilities file or detecting capabilities # From parsing the capabilities file or detecting capabilities
# #
our %capabilities; my %capabilities;
# #
# Capabilities # Capabilities
# #
our %capdesc = ( NAT_ENABLED => 'NAT', my %capdesc = ( NAT_ENABLED => 'NAT',
MANGLE_ENABLED => 'Packet Mangling', MANGLE_ENABLED => 'Packet Mangling',
MULTIPORT => 'Multi-port Match' , MULTIPORT => 'Multi-port Match' ,
XMULTIPORT => 'Extended Multi-port Match', XMULTIPORT => 'Extended Multi-port Match',
@ -312,52 +312,52 @@ our %config_files = ( #accounting => 1,
# #
# Directories to search for configuration files # Directories to search for configuration files
# #
our @config_path; my @config_path;
# #
# Stash away file references here when we encounter INCLUDE # Stash away file references here when we encounter INCLUDE
# #
our @includestack; my @includestack;
# #
# Allow nested opens # Allow nested opens
# #
our @openstack; my @openstack;
# #
# From the params file # From the params file
# #
our %params; my %params;
# #
# Entries that the compiler adds to %params # Entries that the compiler adds to %params
# #
our %compiler_params; my %compiler_params;
# #
# Action parameters # Action parameters
# #
our %actparms; my %actparms;
our $currentline; # Current config file line image our $currentline; # Current config file line image
our $currentfile; # File handle reference my $currentfile; # File handle reference
our $currentfilename; # File NAME my $currentfilename; # File NAME
our $currentlinenumber; # Line number my $currentlinenumber; # Line number
our $perlscript; # File Handle Reference to current temporary file being written by an in-line Perl script my $perlscript; # File Handle Reference to current temporary file being written by an in-line Perl script
our $perlscriptname; # Name of that file. my $perlscriptname; # Name of that file.
our @tempfiles; # Files that need unlinking at END my @tempfiles; # Files that need unlinking at END
our $first_entry; # Message to output or function to call on first non-blank line of a file my $first_entry; # Message to output or function to call on first non-blank line of a file
our $shorewall_dir; # Shorewall Directory; if non-empty, search here first for files. my $shorewall_dir; # Shorewall Directory; if non-empty, search here first for files.
our $debug; # If true, use Carp to report errors with stack trace. my $debug; # If true, use Carp to report errors with stack trace.
our $family; # Protocol family (4 or 6) our $family; # Protocol family (4 or 6)
our $toolname; # Name of the tool to use (iptables or iptables6) my $toolname; # Name of the tool to use (iptables or iptables6)
our $toolNAME; # Tool name in CAPS my $toolNAME; # Tool name in CAPS
our $product; # Name of product that will run the generated script our $product; # Name of product that will run the generated script
our $Product; # $product with initial cap. our $Product; # $product with initial cap.
our $sillyname; # Name of temporary filter chains for testing capabilities my $sillyname; # Name of temporary filter chains for testing capabilities
our $sillyname1; my $sillyname1;
our $iptables; # Path to iptables/ip6tables my $iptables; # Path to iptables/ip6tables
our $tc; # Path to tc my $tc; # Path to tc
our $ip; # Path to ip my $ip; # Path to ip
use constant { MIN_VERBOSITY => -1, use constant { MIN_VERBOSITY => -1,
MAX_VERBOSITY => 2 , MAX_VERBOSITY => 2 ,
@ -365,7 +365,7 @@ use constant { MIN_VERBOSITY => -1,
F_IPV6 => 6, F_IPV6 => 6,
}; };
our %validlevels; # Valid log levels. my %validlevels; # Valid log levels.
# #
# Rather than initializing globals in an INIT block or during declaration, # Rather than initializing globals in an INIT block or during declaration,

32
Shorewall/Perl/Shorewall/IPAddrs.pm
View File

@ -80,25 +80,25 @@ our @EXPORT = qw( ALLIPv4
validate_icmp6 validate_icmp6
); );
our @EXPORT_OK = qw( ); our @EXPORT_OK = qw( );
our $VERSION = '4.4_19'; our $VERSION = '4.4_20';
# #
# Some IPv4/6 useful stuff # Some IPv4/6 useful stuff
# #
our @allipv4 = ( '0.0.0.0/0' ); my @allipv4 = ( '0.0.0.0/0' );
our @allipv6 = ( '::/0' ); my @allipv6 = ( '::/0' );
our $allip; my $allip;
our @allip; my @allip;
our @nilipv4 = ( '0.0.0.0' ); my @nilipv4 = ( '0.0.0.0' );
our @nilipv6 = ( '::' ); my @nilipv6 = ( '::' );
our $nilip; my $nilip;
our @nilip; my @nilip;
our $valid_address; my $valid_address;
our $validate_address; my $validate_address;
our $validate_net; my $validate_net;
our $validate_range; my $validate_range;
our $validate_host; my $validate_host;
our $family; my $family;
use constant { ALLIPv4 => '0.0.0.0/0' , use constant { ALLIPv4 => '0.0.0.0/0' ,
ALLIPv6 => '::/0' , ALLIPv6 => '::/0' ,
@ -121,7 +121,7 @@ use constant { ALLIPv4 => '0.0.0.0/0' ,
SCTP => 132, SCTP => 132,
UDPLITE => 136 }; UDPLITE => 136 };
our @rfc1918_networks = ( "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16" ); my @rfc1918_networks = ( "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16" );
# #
# Note: initialize() is declared at the bottom of the file # Note: initialize() is declared at the bottom of the file

2
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -47,7 +47,7 @@ our @EXPORT = qw( process_tos
our @EXPORT_OK = qw( initialize ); our @EXPORT_OK = qw( initialize );
our $VERSION = '4.4_20'; our $VERSION = '4.4_20';
our $family; my $family;
# #
# Rather than initializing globals in an INIT block or during declaration, # Rather than initializing globals in an INIT block or during declaration,

4
Shorewall/Perl/Shorewall/Nat.pm
View File

@ -38,8 +38,8 @@ our @EXPORT = qw( setup_masq setup_nat setup_netmap add_addresses );
our @EXPORT_OK = (); our @EXPORT_OK = ();
our $VERSION = '4.4_20'; our $VERSION = '4.4_20';
our @addresses_to_add; my @addresses_to_add;
our %addresses_to_add; my %addresses_to_add;
# #
# Called by the compiler # Called by the compiler

22
Shorewall/Perl/Shorewall/Providers.pm
View File

@ -43,23 +43,23 @@ use constant { LOCAL_TABLE => 255,
UNSPEC_TABLE => 0 UNSPEC_TABLE => 0
}; };
our @routemarked_providers; my @routemarked_providers;
our %routemarked_interfaces; my %routemarked_interfaces;
our @routemarked_interfaces; our @routemarked_interfaces;
our %provider_interfaces; my %provider_interfaces;
our $balancing; my $balancing;
our $fallback; my $fallback;
our $first_default_route; my $first_default_route;
our $first_fallback_route; my $first_fallback_route;
our %providers; my %providers;
our @providers; my @providers;
our $family; my $family;
our $lastmark; my $lastmark;
use constant { ROUTEMARKED_SHARED => 1, ROUTEMARKED_UNSHARED => 2 }; use constant { ROUTEMARKED_SHARED => 1, ROUTEMARKED_UNSHARED => 2 };

30
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -52,47 +52,47 @@ our @EXPORT = qw(
); );
our @EXPORT_OK = qw( initialize ); our @EXPORT_OK = qw( initialize );
our $VERSION = '4.4_19'; our $VERSION = '4.4_20';
# #
# Globals are documented in the initialize() function # Globals are documented in the initialize() function
# #
our %sections; my %sections;
our $section; my $section;
our @policy_chains; my @policy_chains;
our %policy_actions; my %policy_actions;
our %default_actions; my %default_actions;
our %macros; my %macros;
our $family; my $family;
our @builtins; my @builtins;
# #
# Commands that can be embedded in a basic rule and how many total tokens on the line (0 => unlimited). # Commands that can be embedded in a basic rule and how many total tokens on the line (0 => unlimited).
# #
our $rule_commands = { COMMENT => 0, FORMAT => 2, SECTION => 2 }; my $rule_commands = { COMMENT => 0, FORMAT => 2, SECTION => 2 };
use constant { MAX_MACRO_NEST_LEVEL => 5 }; use constant { MAX_MACRO_NEST_LEVEL => 5 };
our $macro_nest_level; my $macro_nest_level;
our @actionstack; my @actionstack;
our %active; my %active;
# Action Table # Action Table
# #
# %actions{ actchain => used to eliminate collisions } # %actions{ actchain => used to eliminate collisions }
# #
our %actions; my %actions;
# #
# Contains an entry for each used <action>:<level>[:<tag>] that maps to the associated chain. # Contains an entry for each used <action>:<level>[:<tag>] that maps to the associated chain.
# #
our %usedactions; my %usedactions;
# #
# Rather than initializing globals in an INIT block or during declaration, # Rather than initializing globals in an INIT block or during declaration,

33
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -40,9 +40,9 @@ use strict;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw( setup_tc ); our @EXPORT = qw( setup_tc );
our @EXPORT_OK = qw( process_tc_rule initialize ); our @EXPORT_OK = qw( process_tc_rule initialize );
our $VERSION = '4.4_19'; our $VERSION = '4.4_20';
our %tcs = ( T => { chain => 'tcpost', my %tcs = ( T => { chain => 'tcpost',
connmark => 0, connmark => 0,
fw => 1, fw => 1,
fwi => 0, fwi => 0,
@ -86,7 +86,7 @@ use constant { NOMARK => 0 ,
HIGHMARK => 2 HIGHMARK => 2
}; };
our %flow_keys = ( 'src' => 1, my %flow_keys = ( 'src' => 1,
'dst' => 1, 'dst' => 1,
'proto' => 1, 'proto' => 1,
'proto-src' => 1, 'proto-src' => 1,
@ -104,14 +104,14 @@ our %flow_keys = ( 'src' => 1,
'sk-gid' => 1, 'sk-gid' => 1,
'vlan-tag' => 1 ); 'vlan-tag' => 1 );
our %tosoptions = ( 'tos-minimize-delay' => '0x10/0x10' , my %tosoptions = ( 'tos-minimize-delay' => '0x10/0x10' ,
'tos-maximize-throughput' => '0x08/0x08' , 'tos-maximize-throughput' => '0x08/0x08' ,
'tos-maximize-reliability' => '0x04/0x04' , 'tos-maximize-reliability' => '0x04/0x04' ,
'tos-minimize-cost' => '0x02/0x02' , 'tos-minimize-cost' => '0x02/0x02' ,
'tos-normal-service' => '0x00/0x1e' ); 'tos-normal-service' => '0x00/0x1e' );
our %classids; my %classids;
our @deferred_rules; my @deferred_rules;
# #
# Perl version of Arn Bernin's 'tc4shorewall'. # Perl version of Arn Bernin's 'tc4shorewall'.
@ -132,12 +132,12 @@ our @deferred_rules;
# name => <interface> # name => <interface>
# } # }
# #
our @tcdevices; my @tcdevices;
our %tcdevices; my %tcdevices;
our @devnums; my @devnums;
our $devnum; my $devnum;
our $sticky; my $sticky;
our $ipp2p; my $ipp2p;
# #
# TCClasses Table # TCClasses Table
@ -158,17 +158,16 @@ our $ipp2p;
# } # }
# } # }
# } # }
my @tcclasses;
my %tcclasses;
our @tcclasses; my %restrictions = ( tcpre => PREROUTE_RESTRICT ,
our %tcclasses;
our %restrictions = ( tcpre => PREROUTE_RESTRICT ,
tcpost => POSTROUTE_RESTRICT , tcpost => POSTROUTE_RESTRICT ,
tcfor => NO_RESTRICT , tcfor => NO_RESTRICT ,
tcin => INPUT_RESTRICT , tcin => INPUT_RESTRICT ,
tcout => OUTPUT_RESTRICT ); tcout => OUTPUT_RESTRICT );
our $family; my $family;
# #
# Rather than initializing globals in an INIT block or during declaration, # Rather than initializing globals in an INIT block or during declaration,

42
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -85,7 +85,7 @@ our @EXPORT = qw( NOTHING
); );
our @EXPORT_OK = qw( initialize ); our @EXPORT_OK = qw( initialize );
our $VERSION = '4.4_19'; our $VERSION = '4.4_20';
# #
# IPSEC Option types # IPSEC Option types
@ -129,11 +129,11 @@ use constant { NOTHING => 'NOTHING',
# #
# $firewall_zone names the firewall zone. # $firewall_zone names the firewall zone.
# #
our @zones; my @zones;
our %zones; my %zones;
our $firewall_zone; my $firewall_zone;
our %reservedName = ( all => 1, my %reservedName = ( all => 1,
any => 1, any => 1,
none => 1, none => 1,
SOURCE => 1, SOURCE => 1,
@ -167,18 +167,18 @@ our %reservedName = ( all => 1,
# The purpose of the 'base' member is to ensure that the base names associated with the physical interfaces are assigned in # The purpose of the 'base' member is to ensure that the base names associated with the physical interfaces are assigned in
# the same order as the interfaces are encountered in the configuration files. # the same order as the interfaces are encountered in the configuration files.
# #
our @interfaces; my @interfaces;
our %interfaces; my %interfaces;
our %roots; my %roots;
our @bport_zones; my @bport_zones;
our %ipsets; my %ipsets;
our %physical; my %physical;
our %basemap; my %basemap;
our %mapbase; my %mapbase;
our $family; my $family;
our $have_ipsec; my $have_ipsec;
our $baseseq; my $baseseq;
our $minroot; my $minroot;
use constant { FIREWALL => 1, use constant { FIREWALL => 1,
IP => 2, IP => 2,
@ -202,13 +202,13 @@ use constant { SIMPLE_IF_OPTION => 1,
IF_OPTION_WILDOK => 64 IF_OPTION_WILDOK => 64
}; };
our %validinterfaceoptions; my %validinterfaceoptions;
our %defaultinterfaceoptions = ( routefilter => 1 , wait => 60 ); my %defaultinterfaceoptions = ( routefilter => 1 , wait => 60 );
our %maxoptionvalue = ( routefilter => 2, mss => 100000 , wait => 120 ); my %maxoptionvalue = ( routefilter => 2, mss => 100000 , wait => 120 );
our %validhostoptions; my %validhostoptions;
# #
# Rather than initializing globals in an INIT block or during declaration, # Rather than initializing globals in an INIT block or during declaration,

4
Shorewall/changelog.txt
View File

@ -1,3 +1,7 @@
Changes in Shorewall 4.4.20 Beta 2
1) Use 'my' unless variable is exported.
Changes in Shorewall 4.4.20 Beta 1 Changes in Shorewall 4.4.20 Beta 1
1) Apply Togan's patch for installation flexibility. 1) Apply Togan's patch for installation flexibility.