extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-15 04:04:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Convert file processors to use ?FORMAT

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-12-21 15:49:28 -08:00
parent 35aeaf340f
commit 10108b2d6a
5 changed files with 22 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/Perl/Shorewall/Config.pm
View File

@ -485,7 +485,7 @@ my $embedded; # True if we're in an embedded perl script
my @tempfiles; # Files that need unlinking at END
my $first_entry; # Message to output or function to call on first non-blank line of a file
our $file_format; # Format of configuration file.
my $max_format # Max format value
my $max_format; # Max format value
my $shorewall_dir; # Shorewall Directory; if non-empty, search here first for files.
@ -2091,7 +2091,7 @@ sub process_compiler_directive( $$$$ ) {
print "CD===> $line\n" if $debug;
directive_error( "Invalid compiler directive ($line)" , $filename, $linenumber ) unless $line =~ /^\s*\?(IF\s+|ELSE|ELSIF\s+|ENDIF|SET\s+|RESET\s+|INCLUDE\s+)(.*)$/i;
directive_error( "Invalid compiler directive ($line)" , $filename, $linenumber ) unless $line =~ /^\s*\?(IF\s+|ELSE|ELSIF\s+|ENDIF|SET\s+|RESET\s+|FORMAT\s+)(.*)$/i;
my ($keyword, $expression) = ( uc $1, $2 );

14
Shorewall/Perl/Shorewall/Raw.pm
View File

@ -206,7 +206,7 @@ sub process_format( $ ) {
fatal_error q(FORMAT must be '1', '2' or '3') unless $format =~ /^[123]$/;
$format;
$file_format = $format;
}
sub setup_conntrack() {
@ -217,29 +217,27 @@ sub setup_conntrack() {
if ( $fn ) {
my $format = 1;
my $action = 'NOTRACK';
my $empty = 1;
first_entry( "$doing $fn..." );
first_entry( "$doing $fn..." , 3 );
while ( read_a_line( NORMAL_READ ) ) {
my ( $source, $dest, $proto, $ports, $sports, $user, $switch );
if ( $format == 1 ) {
if ( $file_format == 1 ) {
( $source, $dest, $proto, $ports, $sports, $user, $switch ) = split_line1 'Conntrack File', { source => 0, dest => 1, proto => 2, dport => 3, sport => 4, user => 5, switch => 6 };
if ( $source eq 'FORMAT' ) {
$format = process_format( $dest );
process_format( $dest );
next;
}
} else {
( $action, $source, $dest, $proto, $ports, $sports, $user, $switch ) = split_line1 'Conntrack File', { action => 0, source => 1, dest => 2, proto => 3, dport => 4, sport => 5, user => 6, switch => 7 }, { COMMENT => 0, FORMAT => 2 };
if ( $action eq 'FORMAT' ) {
$format = process_format( $source );
process_format( $source );
$action = 'NOTRACK';
next;
}
@ -252,7 +250,7 @@ sub setup_conntrack() {
$empty = 0;
if ( $format < 3 ) {
if ( $file_format < 3 ) {
if ( $source =~ /^all(-)?(:(.+))?$/ ) {
fatal_error 'USER/GROUP is not allowed unless the SOURCE zone is $FW or a Vserver zone' if $user ne '-';
for my $zone ( $1 ? off_firewall_zones : all_zones ) {

17
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -1547,13 +1547,12 @@ sub process_action($) {
$builtinops{$action}->( $chainref, $level, $tag, $param );
} else {
my $actionfile = find_file "action.$action";
my $format = 1;
fatal_error "Missing Action File ($actionfile)" unless -f $actionfile;
progress_message2 "$doing $actionfile for chain $chainref->{name}...";
push_open $actionfile;
push_open $actionfile, 2;
my $oldparms = push_action_params( $chainref, $param, $level, $tag );
@ -1568,7 +1567,7 @@ sub process_action($) {
my ($target, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers, $condition, $helper );
if ( $format == 1 ) {
if ( $file_format == 1 ) {
($target, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark ) =
split_line1 'action file', { target => 0, source => 1, dest => 2, proto => 3, dport => 4, sport => 5, rate => 6, user => 7, mark => 8 }, $rule_commands;
$origdest = $connlimit = $time = $headers = $condition = $helper = '-';
@ -1586,12 +1585,12 @@ sub process_action($) {
if ( $target eq 'FORMAT' ) {
fatal_error "FORMAT must be 1 or 2" unless $source =~ /^[12]$/;
$format = $source;
$file_format = $source;
next;
}
if ( $target eq 'DEFAULTS' ) {
default_action_params( $action, split_list $source, 'defaults' ), next if $format == 2;
default_action_params( $action, split_list $source, 'defaults' ), next if $file_format == 2;
fatal_error 'DEFAULTS only allowed in FORMAT-2 actions';
}
@ -1646,8 +1645,6 @@ sub process_macro ($$$$$$$$$$$$$$$$$$$) {
my $nocomment = no_comment;
my $format = 1;
my $generated = 0;
macro_comment $macro;
@ -1656,13 +1653,13 @@ sub process_macro ($$$$$$$$$$$$$$$$$$$) {
progress_message "..Expanding Macro $macrofile...";
push_open $macrofile;
push_open $macrofile, 2;
while ( read_a_line( NORMAL_READ ) ) {
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $morigdest, $mrate, $muser, $mmark, $mconnlimit, $mtime, $mheaders, $mcondition, $mhelper);
if ( $format == 1 ) {
if ( $file_format == 1 ) {
( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser ) = split_line1 'macro file', \%rulecolumns, $rule_commands;
( $morigdest, $mmark, $mconnlimit, $mtime, $mheaders, $mcondition, $mhelper ) = qw/- - - - - - -/;
} else {
@ -1692,7 +1689,7 @@ sub process_macro ($$$$$$$$$$$$$$$$$$$) {
if ( $mtarget eq 'FORMAT' ) {
fatal_error "Invalid FORMAT ($msource)" unless $msource =~ /^[12]$/;
$format = $msource;
$file_format = $msource;
next;
}

12
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -217,8 +217,6 @@ sub process_tc_rule( ) {
our %tccmd;
our $format;
fatal_error 'MARK must be specified' if $originalmark eq '-';
if ( $originalmark eq 'COMMENT' ) {
@ -228,7 +226,7 @@ sub process_tc_rule( ) {
if ( $originalmark eq 'FORMAT' ) {
if ( $source =~ /^([12])$/ ) {
$format = $1;
$file_format = $1;
return;
}
@ -320,7 +318,7 @@ sub process_tc_rule( ) {
$target = "IPMARK --addr $srcdst --and-mask $mask1 --or-mask $mask2 --shift $shift";
},
DIVERT => sub() {
fatal_error "Invalid MARK ($originalmark)" unless $format == 2;
fatal_error "Invalid MARK ($originalmark)" unless $file_format == 2;
fatal_error "Invalid DIVERT specification( $cmd/$rest )" if $rest;
$chain = 'PREROUTING';
@ -349,7 +347,7 @@ sub process_tc_rule( ) {
my $params = $1;
my ( $port, $ip, $bad );
if ( $format == 1 ) {
if ( $file_format == 1 ) {
fatal_error "Invalid TPROXY specification( $cmd )" unless defined $params;
( $mark, $port, $ip, $bad ) = split_list $params, 'Parameter';
@ -2416,9 +2414,7 @@ sub setup_tc() {
if ( my $fn = open_file 'tcrules' ) {
our $format = 1;
first_entry "$doing $fn...";
first_entry "$doing $fn...", 2;
process_tc_rule while read_a_line( NORMAL_READ );

8
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -999,9 +999,8 @@ sub process_interface( $$ ) {
my ($zone, $originalinterface, $bcasts, $options );
my $zoneref;
my $bridge = '';
our $format;
if ( $format == 1 ) {
if ( $file_format == 1 ) {
($zone, $originalinterface, $bcasts, $options ) = split_line1 'interfaces file', { zone => 0, interface => 1, broadcast => 2, options => 3 }, { COMMENT => 0, FORMAT => 2 };
} else {
($zone, $originalinterface, $options ) = split_line1 'interfaces file', { zone => 0, interface => 1, options => 2 }, { COMMENT => 0, FORMAT => 2 };
@ -1010,7 +1009,7 @@ sub process_interface( $$ ) {
if ( $zone eq 'FORMAT' ) {
if ( $originalinterface =~ /^([12])$/ ) {
$format = $1;
$file_format = $1;
return;
}
@ -1308,13 +1307,12 @@ sub process_interface( $$ ) {
#
sub validate_interfaces_file( $ ) {
my $export = shift;
our $format = 1;
my @ifaces;
my $nextinum = 1;
if ( my $fn = open_file 'interfaces' ) {
first_entry "$doing $fn...";
first_entry "$doing $fn..." , 2;
push @ifaces, process_interface( $nextinum++, $export ) while read_a_line( NORMAL_READ );
} else {
fatal_error q(The 'interfaces' file does not exist or has zero size);