Some more minor cleanup patches from my current version

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4005 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
paulgear 2006-06-07 04:30:35 +00:00
parent b95ed17dd3
commit 2437ec6e4f


@ -31,6 +31,7 @@ my $VERBOSE = 1;
my $DEBUG = 1; my $DEBUG = 1;
my $DATE = scalar localtime; my $DATE = scalar localtime;
my $HEADER = "#\n# Shorewall %s - constructed by $0 on $DATE\n#\n\n"; my $HEADER = "#\n# Shorewall %s - constructed by $0 on $DATE\n#\n\n";
my $ret = 0; # return code to shell
if ($#ARGV != 0) { if ($#ARGV != 0) {
print STDERR "Usage: $0 <hostname>\n"; print STDERR "Usage: $0 <hostname>\n";
@ -58,6 +59,7 @@ sub mesg
sub error sub error
{ {
mesg "ERROR", @_; mesg "ERROR", @_;
++$ret;
} }
sub warning sub warning
@ -67,8 +69,8 @@ sub warning
sub fatal sub fatal
{ {
my $RET = shift;
mesg "FATAL", @_; mesg "FATAL", @_;
++$ret;
exit $RET; exit $RET;
} }
@ -238,8 +240,8 @@ for my $infile ("$dir/hosts", "$dir/interfaces") {
my @F = split; my @F = split;
next if $#F < 0; next if $#F < 0;
next if $F[ 0 ] eq "-"; next if $F[ 0 ] eq "-";
my @IF = split /:/, $F[ 1 ]; my @IF = split /:/, $F[ 0 ]; # strip off parent zone, if present
$hostzones{ $F[ 0 ] } = $IF[ 0 ]; $hostzones{ $IF[ 0 ] } = 1;
} }
} }
} }
@ -281,11 +283,11 @@ message "Other zones for $host: @tmp" if $VERBOSE > 0;
# #
# Add 'all' as a valid source or destination. Added here so it doesn't get # Add 'all' as a valid source or destination. Added here so it doesn't get
# checked in %tmpzones check above. Also add firewall itself. (The # checked in %tmpzones check above. Also add firewall itself. (The
# numbers are not important as long as they are different.) # numbers are not important as long as they are non-zero.)
# #
$hostzones{"all"} = 1; $hostzones{"all"} = 1;
$hostzones{$fw} = 2; $hostzones{$fw} = 1;
# #
# Create the policy file, including only the applicable zones. # Create the policy file, including only the applicable zones.
@ -318,7 +320,7 @@ for (stripfile $conf) {
# Save WARN & BAN details for later rules processing # Save WARN & BAN details for later rules processing
if ($pol eq "WARN" or $pol eq "BAN") { if ($pol eq "WARN" or $pol eq "BAN") {
if (exists $warnban{$src}{$dst}) { if (exists $warnban{$src}{$dst}) {
warning "Duplicate WARN/BAN rule: $src,$dst,$pol - possible typo?"; error "Duplicate WARN/BAN rule: $src,$dst,$pol - possible typo?";
} }
$warnban{$src}{$dst} = $pol; $warnban{$src}{$dst} = $pol;
next; next;
@ -343,8 +345,6 @@ open( $outfile, ">$dir/$conf" ) or
die "Can't open $dir/$conf for writing: $!"; die "Can't open $dir/$conf for writing: $!";
printf $outfile $HEADER, "$conf"; printf $outfile $HEADER, "$conf";
my $ret = 0;
for my $infile ("$conf.COMMON", "$conf.$host", "$conf") { for my $infile ("$conf.COMMON", "$conf.$host", "$conf") {
next unless -r $infile; next unless -r $infile;
for (stripfile $infile) { for (stripfile $infile) {
@ -384,7 +384,6 @@ for my $infile ("$conf.COMMON", "$conf.$host", "$conf") {
} }
else { # $warnban{$src}{$dst} eq "BAN" else { # $warnban{$src}{$dst} eq "BAN"
error "Rule contravenes BAN policy (omitted):\n\t$_"; error "Rule contravenes BAN policy (omitted):\n\t$_";
++$ret;
next; next;
} }
} }
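Review bot: In the WARN/BAN hunk (old line 318), a duplicate `$src,$dst` pair is now reported through `error`, but the assignment `$warnban{$src}{$dst} = $pol;` after the `if` still runs, so the later entry silently replaces the earlier one and a mistyped WARN line can downgrade an existing BAN (the policy that omits the rule in the last hunk). Adding `next unless $pol eq "BAN";` after the `error` call inside the `if` would make the stricter policy win whichever order the duplicates arrive in. The enclosing `for (stripfile $conf)` loop starts and ends outside the hunk, so confirm nothing later relies on the last entry winning. Separately, `$ret` is now incremented once per error and is commented as the shell return code; the final exit call is not visible here, but if the counter is passed to `exit` unclamped, 256 errors wrap to status 0 and a failed run looks clean to the caller, so `exit($ret ? 1 : 0);` would be safer.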