extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-23 19:21:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Correct handling of existing notrack file.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-08-16 14:46:48 -07:00
parent 8d3cf6428f
commit 0a4f26a318
1 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall/Perl/Shorewall/Raw.pm
View File

@ -201,15 +201,16 @@ sub process_format( $ ) {
sub setup_conntrack() { sub setup_conntrack() {
my $format = 1;
my $action = 'NOTRACK';
for my $name ( qw/notrack conntrack/ ) { for my $name ( qw/notrack conntrack/ ) {
my $fn = open_file( $name ); my $fn = open_file( $name );
if ( $fn ) { if ( $fn ) {
my $format = 1;
my $action = 'NOTRACK';
my $empty = 1; my $empty = 1;
first_entry( "$doing $fn..." ); first_entry( "$doing $fn..." );
@ -224,11 +225,6 @@ sub setup_conntrack() {
$format = process_format( $dest ); $format = process_format( $dest );
next; next;
} }
if ( $source eq 'COMMENT' ) {
process_comment;
next;
}
} else { } else {
( $action, $source, $dest, $proto, $ports, $sports, $user ) = split_line1 'Conntrack File', { action => 0, source => 1, dest => 2, proto => 3, dport => 4, sport => 5, user => 6 }, { COMMENT => 0, FORMAT => 2 }; ( $action, $source, $dest, $proto, $ports, $sports, $user ) = split_line1 'Conntrack File', { action => 0, source => 1, dest => 2, proto => 3, dport => 4, sport => 5, user => 6 }, { COMMENT => 0, FORMAT => 2 };
@ -237,12 +233,12 @@ sub setup_conntrack() {
$action = 'NOTRACK'; $action = 'NOTRACK';
next; next;
} }
}
if ( $action eq 'COMMENT' ) { if ( $action eq 'COMMENT' ) {
process_comment; process_comment;
next; next;
} }
}
$empty = 0; $empty = 0;
@ -257,12 +253,16 @@ sub setup_conntrack() {
clear_comment; clear_comment;
if ( $empty && $name eq 'notrack') { if ( $name eq 'notrack') {
if ( $empty ) {
if ( unlink( $fn ) ) { if ( unlink( $fn ) ) {
warning_message "Empty notrack file ($fn) removed"; warning_message "Empty notrack file ($fn) removed";
} else { } else {
warning_message "Unable to remove empty notrack file ($fn): $!"; warning_message "Unable to remove empty notrack file ($fn): $!";
} }
} else {
warning_message "Non-empty notrack file ($fn); please move its contents to the conntrack file";
}
} }
} }
} }