mirror of
https://gitlab.com/shorewall/code.git
synced 2025-06-20 01:37:59 +02:00
Correct handling of address variables out of the Providers module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep
parent
174f46f3e6
commit
282253022e
@ -268,7 +268,6 @@ our %EXPORT_TAGS = (
|
|||||||
mark_firewall6_not_started
|
mark_firewall6_not_started
|
||||||
interface_address
|
interface_address
|
||||||
get_interface_address
|
get_interface_address
|
||||||
used_address_variable
|
|
||||||
get_interface_addresses
|
get_interface_addresses
|
||||||
get_interface_bcasts
|
get_interface_bcasts
|
||||||
get_interface_acasts
|
get_interface_acasts
|
||||||
@ -5778,12 +5777,12 @@ sub have_ipset_rules() {
|
|||||||
$ipset_rules;
|
$ipset_rules;
|
||||||
}
|
}
|
||||||
|
|
||||||
sub get_interface_address( $ );
|
sub get_interface_address( $;$ );
|
||||||
|
|
||||||
sub get_interface_gateway ( $;$$ );
|
sub get_interface_gateway ( $;$$ );
|
||||||
|
|
||||||
sub record_runtime_address( $$;$ ) {
|
sub record_runtime_address( $$;$$ ) {
|
||||||
my ( $addrtype, $interface, $protect ) = @_;
|
my ( $addrtype, $interface, $protect, $provider ) = @_;
|
||||||
|
|
||||||
if ( $interface =~ /^{([a-zA-Z_]\w*)}$/ ) {
|
if ( $interface =~ /^{([a-zA-Z_]\w*)}$/ ) {
|
||||||
fatal_error "Mixed required/optional usage of address variable $1" if ( $address_variables{$1} || $addrtype ) ne $addrtype;
|
fatal_error "Mixed required/optional usage of address variable $1" if ( $address_variables{$1} || $addrtype ) ne $addrtype;
|
||||||
@ -5797,9 +5796,9 @@ sub record_runtime_address( $$;$ ) {
|
|||||||
my $addr;
|
my $addr;
|
||||||
|
|
||||||
if ( $addrtype eq '&' ) {
|
if ( $addrtype eq '&' ) {
|
||||||
$addr = get_interface_address( $interface );
|
$addr = get_interface_address( $interface, $provider );
|
||||||
} else {
|
} else {
|
||||||
$addr = get_interface_gateway( $interface, $protect );
|
$addr = get_interface_gateway( $interface, $protect, $provider );
|
||||||
}
|
}
|
||||||
|
|
||||||
$addr . ' ';
|
$addr . ' ';
|
||||||
@ -6796,8 +6795,8 @@ sub interface_address( $ ) {
|
|||||||
#
|
#
|
||||||
# Record that the ruleset requires the first IP address on the passed interface
|
# Record that the ruleset requires the first IP address on the passed interface
|
||||||
#
|
#
|
||||||
sub get_interface_address ( $ ) {
|
sub get_interface_address ( $;$ ) {
|
||||||
my ( $logical ) = $_[0];
|
my ( $logical, $provider ) = @_;
|
||||||
|
|
||||||
my $interface = get_physical( $logical );
|
my $interface = get_physical( $logical );
|
||||||
my $variable = interface_address( $interface );
|
my $variable = interface_address( $interface );
|
||||||
@ -6807,11 +6806,9 @@ sub get_interface_address ( $ ) {
|
|||||||
|
|
||||||
$interfaceaddr{$interface} = "$variable=\$($function $interface)\n";
|
$interfaceaddr{$interface} = "$variable=\$($function $interface)\n";
|
||||||
|
|
||||||
"\$$variable";
|
set_interface_option( $logical, 'used_address_variable', 1 ) unless $provider;
|
||||||
}
|
|
||||||
|
|
||||||
sub used_address_variable( $ ) {
|
"\$$variable";
|
||||||
defined $interfaceaddr{$_[0]}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
|
|||||||
@ -799,7 +799,7 @@ sub add_a_provider( $$ ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ( $gateway ) {
|
if ( $gateway ) {
|
||||||
$address = get_interface_address $interface unless $address;
|
$address = get_interface_address( $interface, 1 ) unless $address;
|
||||||
|
|
||||||
emit( qq([ -z "$address" ] && return\n) );
|
emit( qq([ -z "$address" ] && return\n) );
|
||||||
|
|
||||||
@ -925,7 +925,7 @@ CEOF
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ( $gateway ) {
|
if ( $gateway ) {
|
||||||
$address = get_interface_address $interface unless $address;
|
$address = get_interface_address( $interface, 1 ) unless $address;
|
||||||
|
|
||||||
if ( $hostroute ) {
|
if ( $hostroute ) {
|
||||||
emit qq(run_ip route replace $gateway src $address dev $physical ${mtu});
|
emit qq(run_ip route replace $gateway src $address dev $physical ${mtu});
|
||||||
@ -1038,7 +1038,7 @@ CEOF
|
|||||||
emit( qq(rm -f \${VARDIR}/${physical}_disabled) );
|
emit( qq(rm -f \${VARDIR}/${physical}_disabled) );
|
||||||
emit_started_message( '', 2, $pseudo, $table, $number );
|
emit_started_message( '', 2, $pseudo, $table, $number );
|
||||||
|
|
||||||
if ( used_address_variable( $interface ) || get_interface_option( $interface, 'used_gateway_variable' ) ) {
|
if ( get_interface_option( $interface, 'used_address_variable' ) || get_interface_option( $interface, 'used_gateway_variable' ) ) {
|
||||||
emit( '',
|
emit( '',
|
||||||
'if [ -n "$g_forcereload" ]; then',
|
'if [ -n "$g_forcereload" ]; then',
|
||||||
" progress_message2 \"The IP address or gateway of $physical has changed -- forcing reload of the ruleset\"",
|
" progress_message2 \"The IP address or gateway of $physical has changed -- forcing reload of the ruleset\"",
|
||||||
@ -1059,7 +1059,7 @@ CEOF
|
|||||||
|
|
||||||
emit "fi\n";
|
emit "fi\n";
|
||||||
|
|
||||||
if ( used_address_variable( $interface ) ) {
|
if ( get_interface_option( $interface, 'used_address_variable' ) ) {
|
||||||
my $variable = interface_address( $interface );
|
my $variable = interface_address( $interface );
|
||||||
|
|
||||||
emit( "echo \$$variable > \${VARDIR}/${physical}.address" );
|
emit( "echo \$$variable > \${VARDIR}/${physical}.address" );
|
||||||
@ -1095,7 +1095,7 @@ CEOF
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if ( used_address_variable( $interface ) ) {
|
if ( get_interface_option( $interface, 'used_address_variable' ) ) {
|
||||||
my $variable = interface_address( $interface );
|
my $variable = interface_address( $interface );
|
||||||
emit( "\necho \$$variable > \${VARDIR}/${physical}.address" );
|
emit( "\necho \$$variable > \${VARDIR}/${physical}.address" );
|
||||||
}
|
}
|
||||||
@ -1242,7 +1242,7 @@ sub add_an_rtrule1( $$$$$ ) {
|
|||||||
if ( $source eq '-' ) {
|
if ( $source eq '-' ) {
|
||||||
$source = 'from ' . ALLIP;
|
$source = 'from ' . ALLIP;
|
||||||
} elsif ( $source =~ s/^&// ) {
|
} elsif ( $source =~ s/^&// ) {
|
||||||
$source = 'from ' . record_runtime_address '&', $source;
|
$source = 'from ' . record_runtime_address( '&', $source, undef, 1 );
|
||||||
} elsif ( $family == F_IPV4 ) {
|
} elsif ( $family == F_IPV4 ) {
|
||||||
if ( $source =~ /:/ ) {
|
if ( $source =~ /:/ ) {
|
||||||
( my $interface, $source , my $remainder ) = split( /:/, $source, 3 );
|
( my $interface, $source , my $remainder ) = split( /:/, $source, 3 );
|
||||||
@ -2189,7 +2189,7 @@ sub handle_optional_interfaces( $ ) {
|
|||||||
emit( " SW_${wildbase}_IS_USABLE=Yes" ) if $interfaceref->{wildcard};
|
emit( " SW_${wildbase}_IS_USABLE=Yes" ) if $interfaceref->{wildcard};
|
||||||
emit( 'fi' );
|
emit( 'fi' );
|
||||||
|
|
||||||
if ( used_address_variable( $interface ) ) {
|
if ( get_interface_option( $interface, 'used_address_variable' ) ) {
|
||||||
my $variable = interface_address( $interface );
|
my $variable = interface_address( $interface );
|
||||||
|
|
||||||
emit( '',
|
emit( '',
|
||||||
@ -2242,7 +2242,7 @@ sub handle_optional_interfaces( $ ) {
|
|||||||
emit ( " SW_${base}_IS_USABLE=Yes" ,
|
emit ( " SW_${base}_IS_USABLE=Yes" ,
|
||||||
'fi' );
|
'fi' );
|
||||||
|
|
||||||
if ( used_address_variable( $interface ) ) {
|
if ( get_interface_option( $interface, 'used_address_variable' ) ) {
|
||||||
emit( '',
|
emit( '',
|
||||||
"if [ -f \${VARDIR}/${physical}.address ]; then",
|
"if [ -f \${VARDIR}/${physical}.address ]; then",
|
||||||
" if [ \$(cat \${VARDIR}/${physical}.address) != \$$variable ]; then",
|
" if [ \$(cat \${VARDIR}/${physical}.address) != \$$variable ]; then",
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user