From 28e84a6abaf48138b0b3ebde0e9f22d23dd1e3c4 Mon Sep 17 00:00:00 2001 From: teastep Date: Fri, 10 Apr 2009 16:31:04 +0000 Subject: [PATCH] Break up long port lists in jump to logging chain Signed-off-by: Tom Eastep git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9840 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/Perl/Shorewall/Chains.pm | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm index 9f6d5216a..590a426de 100644 --- a/Shorewall/Perl/Shorewall/Chains.pm +++ b/Shorewall/Perl/Shorewall/Chains.pm @@ -583,11 +583,12 @@ sub add_rule($$;$) # Add a jump from the chain represented by the reference in the first argument to # the target in the second argument. The third argument determines if a GOTO may be # used rather than a jump. The optional fourth argument specifies any matches to be -# included in the rule and must end with a space character if it is non-null. +# included in the rule and must end with a space character if it is non-null. The +# optional 5th argument causes long port lists to be split. # -sub add_jump( $$$;$ ) { - my ( $fromref, $to, $goto_ok, $predicate ) = @_; +sub add_jump( $$$;$$ ) { + my ( $fromref, $to, $goto_ok, $predicate, $expandports ) = @_; $predicate |= ''; @@ -612,7 +613,7 @@ sub add_jump( $$$;$ ) { my $param = $goto_ok && $toref && $capabilities{GOTO_TARGET} ? 'g' : 'j'; - add_rule ($fromref, join( '', $predicate, "-$param $to" ) ); + add_rule ($fromref, join( '', $predicate, "-$param $to" ), $expandports || 0 ); } # @@ -2702,7 +2703,7 @@ sub expand_rule( $$$$$$$$$$ ) if ( $disposition ne 'LOG' ) { my $logchainref = new_chain $chainref->{table}, newlogchain; - add_jump( $chainref, $logchainref, $builtin_target{$disposition}, $rule ); + add_jump( $chainref, $logchainref, $builtin_target{$disposition}, $rule, 1 ); log_rule_limit( $loglevel ,