extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-18 15:46:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

Allow wide macros in actions

Browse Source
This commit is contained in:
Tom Eastep 2010-12-12 10:14:47 -08:00
parent acbbdc1690
commit 1bbe95ead8
1 changed files with 26 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
Shorewall/Perl/Shorewall/Actions.pm
View File

@ -458,14 +458,12 @@ sub find_logactionchain( $ ) {
sub process_macro1 ( $$ ) { sub process_macro1 ( $$ ) {
my ( $action, $macrofile ) = @_; my ( $action, $macrofile ) = @_;
my $nat;
progress_message " ..Expanding Macro $macrofile..."; progress_message " ..Expanding Macro $macrofile...";
push_open( $macrofile ); push_open( $macrofile );
while ( read_a_line ) { while ( read_a_line ) {
my ( $mtarget, @rest ) = split_line1 1, 9, 'macro file', $macro_commands; my ( $mtarget, @rest ) = split_line1 1, 13, 'macro file', $macro_commands;
next if $mtarget eq 'COMMENT' || $mtarget eq 'FORMAT'; next if $mtarget eq 'COMMENT' || $mtarget eq 'FORMAT';
@ -478,16 +476,12 @@ sub process_macro1 ( $$ ) {
$targettype = 0 unless defined $targettype; $targettype = 0 unless defined $targettype;
fatal_error "Invalid target ($mtarget)" fatal_error "Invalid target ($mtarget)"
unless ( $targettype == STANDARD ) || ( $mtarget eq 'PARAM' ) || ( $targettype & ( LOGRULE | NFQ | CHAIN | NATRULE ) ); unless ( $targettype == STANDARD ) || ( $mtarget eq 'PARAM' ) || ( $targettype & ( LOGRULE | NFQ | CHAIN ) );
$nat ||= ( $targettype & NATRULE );
} }
progress_message " ..End Macro $macrofile"; progress_message " ..End Macro $macrofile";
pop_open; pop_open;
$nat;
} }
# #
@ -633,8 +627,8 @@ sub process_actions2 () {
# #
# This function is called to process each rule generated from an action file. # This function is called to process each rule generated from an action file.
# #
sub process_action( $$$$$$$$$$$ ) { sub process_action( $$$$$$$$$$$$$$ ) {
my ($chainref, $actionname, $target, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark ) = @_; my ($chainref, $actionname, $target, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark, $connlimit, $time, $headers ) = @_;
my ( $action , $level ) = split_action $target; my ( $action , $level ) = split_action $target;
@ -652,7 +646,13 @@ sub process_action( $$$$$$$$$$$ ) {
expand_rule ( $chainref , expand_rule ( $chainref ,
NO_RESTRICT , NO_RESTRICT ,
do_proto( $proto, $ports, $sports ) . do_ratelimit( $rate, $action ) . do_user $user . do_test( $mark, $globals{TC_MASK} ) , do_proto( $proto, $ports, $sports ) .
do_ratelimit( $rate, $action ) .
do_user $user .
do_test( $mark, $globals{TC_MASK} ) .
do_connlimit ( $connlimit ) .
do_time( $time ) .
do_headers ( $headers ) ,
$source , $source ,
$dest , $dest ,
'', #Original Dest '', #Original Dest
@ -682,14 +682,17 @@ sub process_macro3( $$$$$$$$$$$$ ) {
while ( read_a_line ) { while ( read_a_line ) {
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $morigdest, $mrate, $muser, $mmark ); my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $morigdest, $mrate, $muser, $mmark, $mconnlimit, $mtime, $mheaders );
if ( $format == 1 ) { if ( $format == 1 ) {
( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser ) = split_line1 1, 8, 'macro file', $macro_commands; ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser ) = split_line1 1, 8, 'macro file', $macro_commands;
$morigdest = '-'; $morigdest = '-';
$mmark = '-'; $mmark = '-';
$mconnlimit = '-';
$mtime = '-';
$mheaders = '-';
} else { } else {
( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $morigdest, $mrate, $muser, $mmark ) = split_line1 1, 10, 'macro file', $macro_commands; ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $morigdest, $mrate, $muser, $mmark, $mconnlimit, $mtime, $mheaders ) = split_line1 1, 13, 'macro file', $macro_commands;
} }
if ( $mtarget eq 'COMMENT' ) { if ( $mtarget eq 'COMMENT' ) {
@ -738,14 +741,14 @@ sub process_macro3( $$$$$$$$$$$$ ) {
$mdest = '' if $mdest eq '-'; $mdest = '' if $mdest eq '-';
$mproto = merge_macro_column $mproto, $proto; $mproto = merge_macro_column $mproto, $proto;
$mports = merge_macro_column $mports, $ports; $mports = merge_macro_column $mports, $ports;
$msports = merge_macro_column $msports, $sports; $msports = merge_macro_column $msports, $sports;
$mrate = merge_macro_column $mrate, $rate; $mrate = merge_macro_column $mrate, $rate;
$muser = merge_macro_column $muser, $user; $muser = merge_macro_column $muser, $user;
$mmark = merge_macro_column $mmark, $mark; $mmark = merge_macro_column $mmark, $mark;
process_action $chainref, $action, $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser, $mark; process_action $chainref, $action, $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser, $mark, $mconnlimit, $mtime, $mheaders;
} }
pop_open; pop_open;
@ -796,7 +799,7 @@ sub process_action3( $$$$$ ) {
if ( $action2type == MACRO ) { if ( $action2type == MACRO ) {
process_macro3( $action2, $param, $chainref, $action, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark ); process_macro3( $action2, $param, $chainref, $action, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark );
} else { } else {
process_action $chainref, $action, $target2, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark; process_action $chainref, $action, $target2, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark, '-', '-', '-';
} }
} }