From 128edd4bba3625ba2d85a6e3a02290348daccf24 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 8 Sep 2009 16:00:40 -0700 Subject: [PATCH] Slight optimization -- also makes code easier to read --- Shorewall/Perl/Shorewall/Compiler.pm | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm index fcf180934..f270feed2 100644 --- a/Shorewall/Perl/Shorewall/Compiler.pm +++ b/Shorewall/Perl/Shorewall/Compiler.pm @@ -623,7 +623,9 @@ sub compiler { validate_interfaces_file ( $export ); # # Process the hosts file. - # + # # We must reinitialize Shorewall::Chains before generating the iptables-restore input + # for stopping the firewall + validate_hosts_file; # # Report zone contents @@ -795,15 +797,13 @@ sub compiler { # (Produces setup_netfilter(), chainlist_reload() and define_firewall() ) # generate_script_3( $chains ); - } - - # We must reinitialize Shorewall::Chains before generating the iptables-restore input - # for stopping the firewall - # - Shorewall::Chains::initialize( $family ); - initialize_chain_table; - - if ( $objectfile ) { + # + # We must reinitialize Shorewall::Chains before generating the iptables-restore input + # for stopping the firewall + # + Shorewall::Chains::initialize( $family ); + initialize_chain_table; + # # S T O P _ F I R E W A L L # (Writes the stop_firewall() function to the compiled script) # @@ -829,6 +829,12 @@ sub compiler { # enable_object, generate_aux_config if $export; } else { + # + # Re-initialize the chain table so that process_routestopped() has the same + # environment that it would when called by compile_stop_firewall(). + # + Shorewall::Chains::initialize( $family ); + initialize_chain_table; # # compile_stop_firewall() also validates the routestopped file. Since we don't # call that function during 'check', we must validate routestopped here.