From 3151db4561c899d9c7ca37e907175acc60e02cb1 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Sat, 23 Jun 2007 16:06:16 +0000
Subject: [PATCH] More perl newbie code rework and global initialization fixes

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6652 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Actions.pm    |  8 +---
 Shorewall-perl/Shorewall/Chains.pm     | 34 ++++++-------
 Shorewall-perl/Shorewall/Interfaces.pm | 11 ++---
 Shorewall-perl/Shorewall/Tc.pm         | 66 ++++++++++++++------------
 Shorewall-perl/Shorewall/Zones.pm      | 18 +++----
 5 files changed, 65 insertions(+), 72 deletions(-)

diff --git a/Shorewall-perl/Shorewall/Actions.pm b/Shorewall-perl/Shorewall/Actions.pm
index 1cf9dd861..6ce2feced 100644
--- a/Shorewall-perl/Shorewall/Actions.pm
+++ b/Shorewall-perl/Shorewall/Actions.pm
@@ -72,7 +72,7 @@ our %actions;
 #
 # Contains an entry for each used <action>:<level>[:<tag>] that maps to the associated chain.
 #
-my %logactionchains;
+our %logactionchains;
 #
 # Initialize globals -- we take this novel approach to globals initialization to allow
 #                       the compiler to run multiple times in the same process. The
@@ -143,11 +143,7 @@ sub new_action( $ ) {
 
     my $action = $_[0];
 
-    my %h;
-
-    $h{actchain}   = '';
-    $h{requires} = {};
-    $actions{$action} = \%h;
+    $actions{$action} = { actchain => '', requires => {} };
 }
 
 #
diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm
index 9ae008485..00412dd05 100644
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@@ -198,6 +198,10 @@ our $exclseq;
 our $iprangematch;
 our $chainseq;
 
+our %interfaceaddr;
+our %interfaceaddrs;
+our %interfacenets;
+
 #
 # Initialize globals -- we take this novel approach to globals initialization to allow
 #                       the compiler to run multiple times in the same process. The
@@ -277,6 +281,12 @@ sub initialize() {
     # Sequence for naming temporary chains
     #
     $chainseq = undef;
+    #
+    # Keep track of which interfaces have active 'address', 'addresses' and 'networks' variables
+    #
+    %interfaceaddr  = ();
+    %interfaceaddrs = ();
+    %interfacenets  = ();
 }
 
 INIT {
@@ -531,17 +541,14 @@ sub first_chains( $ ) #$1 = interface
 sub new_chain($$)
 {
     my ($table, $chain) = @_;
-    my %ch;
 
-    $ch{name} = $chain;
-    $ch{log}  = 1 if $globals{LOGRULENUMBERS};
-    $ch{rules} = [];
-    $ch{table} = $table;
-    $ch{loglevel} = '';
-    $ch{loopcount} = 0;
-    $ch{cmdcount}  = 0;
-    $chain_table{$table}{$chain} = \%ch;
-    \%ch;
+    $chain_table{$table}{$chain} = { name      => $chain,
+				     rules     => [],
+				     table     => $table,
+				     loglevel  => '',
+				     log       => 1,
+				     loopcount => 0,
+				     cmdcount  => 0 };
 }
 
 #
@@ -1328,13 +1335,6 @@ sub mysplit( $ ) {
     @result;
 }
 
-#
-# Keep track of which interfaces have active 'address', 'addresses' and 'networks' variables
-#
-my %interfaceaddr;
-my %interfaceaddrs;
-my %interfacenets;
-
 #
 # Returns the name of the shell variable holding the first address of the passed interface
 #
diff --git a/Shorewall-perl/Shorewall/Interfaces.pm b/Shorewall-perl/Shorewall/Interfaces.pm
index e113deaa9..261618a80 100644
--- a/Shorewall-perl/Shorewall/Interfaces.pm
+++ b/Shorewall-perl/Shorewall/Interfaces.pm
@@ -134,14 +134,11 @@ sub add_group_to_zone($$$$$)
 
     $zoneref->{options}{complex} = 1 if @$arrayref || ( @newnetworks > 1 ) || ( @exclusions );
 
-    my %h;
-
-    $h{options} = $options;
-    $h{hosts}   = \@newnetworks;
-    $h{ipsec}   = $type eq 'ipsec' ? 'ipsec' : 'none';
-
     push @{$zoneref->{exclusions}}, @exclusions;
-    push @{$arrayref}, \%h;
+    
+    push @{$arrayref}, { options => $options,
+			 hosts   => \@newnetworks,
+			 ipsec   => $type eq 'ipsec' ? 'ipsec' : 'none' };
 }
 
 #
diff --git a/Shorewall-perl/Shorewall/Tc.pm b/Shorewall-perl/Shorewall/Tc.pm
index 1cba4eb2f..f82a9e0fe 100644
--- a/Shorewall-perl/Shorewall/Tc.pm
+++ b/Shorewall-perl/Shorewall/Tc.pm
@@ -123,6 +123,37 @@ our %classids;
 
 our @deferred_rules;
 
+#
+# Perl version of Arn Bernin's 'tc4shorewall'.
+#
+# TCDevices Table
+#
+# %tcdevices { <interface> -> {in_bandwidth => <value> ,
+#                              out_bandwidth => <value>
+#                              number => <ordinal>
+#                              default => <default class mark value> }
+#
+our @tcdevices;
+our %tcdevices;
+
+#
+# TCClasses Table
+#
+# %tcclasses { device    => <device> ,
+#              mark      => <mark> ,
+#              rate      => <rate> ,
+#              ceiling   => <ceiling> ,
+#              priority  => <priority> ,
+#              options   => { tos  => [ <value1> , <value2> , ... ];
+#                             tcp_ack => 1 ,
+#                             ...
+#
+
+our @tcclasses;
+our %tcclasses;
+
+our $prefix = '1';
+
 #
 # Initialize globals -- we take this novel approach to globals initialization to allow
 #                       the compiler to run multiple times in the same process. The
@@ -135,6 +166,10 @@ our @deferred_rules;
 sub initialize() {
     %classids = ();
     @deferred_rules = ();
+    @tcdevices = ();
+    %tcdevices = ();
+    @tcclasses = ();
+    %tcclasses = ();
 }
 
 sub process_tc_rule( $$$$$$$$$$ ) {
@@ -256,37 +291,6 @@ sub process_tc_rule( $$$$$$$$$$ ) {
 
 }
 
-#
-# Perl version of Arn Bernin's 'tc4shorewall'.
-#
-# TCDevices Table
-#
-# %tcdevices { <interface> -> {in_bandwidth => <value> ,
-#                              out_bandwidth => <value>
-#                              number => <ordinal>
-#                              default => <default class mark value> }
-#
-my @tcdevices;
-my %tcdevices;
-
-#
-# TCClasses Table
-#
-# %tcclasses { device    => <device> ,
-#              mark      => <mark> ,
-#              rate      => <rate> ,
-#              ceiling   => <ceiling> ,
-#              priority  => <priority> ,
-#              options   => { tos  => [ <value1> , <value2> , ... ];
-#                             tcp_ack => 1 ,
-#                             ...
-#
-
-my @tcclasses;
-my %tcclasses;
-
-my $prefix = '1';
-
 sub rate_to_kbit( $ ) {
     my $rate = $_[0];
 
diff --git a/Shorewall-perl/Shorewall/Zones.pm b/Shorewall-perl/Shorewall/Zones.pm
index 0a3427a4e..6627c2cf2 100644
--- a/Shorewall-perl/Shorewall/Zones.pm
+++ b/Shorewall-perl/Shorewall/Zones.pm
@@ -247,22 +247,18 @@ sub determine_zones()
 	    fatal_error "Invalid zone type ($type)" ;
 	}
 
-	my %zone_hash;
-
-	$options      = '' if $options     eq '-';
-	$in_options   = '' if $in_options  eq '-';
-	$out_options  = '' if $out_options eq '-';
-
-	$zone_hash{in_out}   = parse_zone_option_list( $options || '', $type );
-	$zone_hash{in}       = parse_zone_option_list( $in_options || '', $type );
-	$zone_hash{out}      = parse_zone_option_list( $out_options || '', $type );
-	$zone_hash{complex}  = ($type eq 'ipsec4' || $options || $in_options || $out_options ? 1 : 0);
+	for ( $options, $in_options, $out_options ) {
+	    $_ = '' if $_ eq '-';
+	}
 
 	$zones{$zone} = { type       => $type,
 			  parents    => \@parents, 
 			  exclusions => [], 
 			  bridge     => '',
-			  options    => \%zone_hash,
+			  options    => { in_out  => parse_zone_option_list( $options || '', $type ) ,
+					  in      => parse_zone_option_list( $in_options || '', $type ) ,
+					  out     => parse_zone_option_list( $out_options || '', $type ) ,
+					  complex => ($type eq 'ipsec4' || $options || $in_options || $out_options ? 1 : 0) } ,
 			  interfaces => {} ,
 			  children   => [] ,
 			  hosts      => {}