extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-15 04:04:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

More perl newbie code rework and global initialization fixes

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6652 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-06-23 16:06:16 +00:00
parent a7c3d6a335
commit 3151db4561
5 changed files with 65 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Shorewall-perl/Shorewall/Actions.pm
View File

@ -72,7 +72,7 @@ our %actions;
# #
# Contains an entry for each used <action>:<level>[:<tag>] that maps to the associated chain. # Contains an entry for each used <action>:<level>[:<tag>] that maps to the associated chain.
# #
my %logactionchains; our %logactionchains;
# #
# Initialize globals -- we take this novel approach to globals initialization to allow # Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The # the compiler to run multiple times in the same process. The
@ -143,11 +143,7 @@ sub new_action( $ ) {
my $action = $_[0]; my $action = $_[0];
my %h; $actions{$action} = { actchain => '', requires => {} };
$h{actchain} = '';
$h{requires} = {};
$actions{$action} = \%h;
} }
# #

34
Shorewall-perl/Shorewall/Chains.pm
View File

@ -198,6 +198,10 @@ our $exclseq;
our $iprangematch; our $iprangematch;
our $chainseq; our $chainseq;
our %interfaceaddr;
our %interfaceaddrs;
our %interfacenets;
# #
# Initialize globals -- we take this novel approach to globals initialization to allow # Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The # the compiler to run multiple times in the same process. The
@ -277,6 +281,12 @@ sub initialize() {
# Sequence for naming temporary chains # Sequence for naming temporary chains
# #
$chainseq = undef; $chainseq = undef;
#
# Keep track of which interfaces have active 'address', 'addresses' and 'networks' variables
#
%interfaceaddr = ();
%interfaceaddrs = ();
%interfacenets = ();
} }
INIT { INIT {
@ -531,17 +541,14 @@ sub first_chains( $ ) #$1 = interface
sub new_chain($$) sub new_chain($$)
{ {
my ($table, $chain) = @_; my ($table, $chain) = @_;
my %ch;
$ch{name} = $chain; $chain_table{$table}{$chain} = { name => $chain,
$ch{log} = 1 if $globals{LOGRULENUMBERS}; rules => [],
$ch{rules} = []; table => $table,
$ch{table} = $table; loglevel => '',
$ch{loglevel} = ''; log => 1,
$ch{loopcount} = 0; loopcount => 0,
$ch{cmdcount} = 0; cmdcount => 0 };
$chain_table{$table}{$chain} = \%ch;
\%ch;
} }
# #
@ -1328,13 +1335,6 @@ sub mysplit( $ ) {
@result; @result;
} }
#
# Keep track of which interfaces have active 'address', 'addresses' and 'networks' variables
#
my %interfaceaddr;
my %interfaceaddrs;
my %interfacenets;
# #
# Returns the name of the shell variable holding the first address of the passed interface # Returns the name of the shell variable holding the first address of the passed interface
# #

11
Shorewall-perl/Shorewall/Interfaces.pm
View File

@ -134,14 +134,11 @@ sub add_group_to_zone($$$$$)
$zoneref->{options}{complex} = 1 if @$arrayref || ( @newnetworks > 1 ) || ( @exclusions ); $zoneref->{options}{complex} = 1 if @$arrayref || ( @newnetworks > 1 ) || ( @exclusions );
my %h;
$h{options} = $options;
$h{hosts} = \@newnetworks;
$h{ipsec} = $type eq 'ipsec' ? 'ipsec' : 'none';
push @{$zoneref->{exclusions}}, @exclusions; push @{$zoneref->{exclusions}}, @exclusions;
push @{$arrayref}, \%h;
push @{$arrayref}, { options => $options,
hosts => \@newnetworks,
ipsec => $type eq 'ipsec' ? 'ipsec' : 'none' };
} }
# #

66
Shorewall-perl/Shorewall/Tc.pm
View File

@ -123,6 +123,37 @@ our %classids;
our @deferred_rules; our @deferred_rules;
#
# Perl version of Arn Bernin's 'tc4shorewall'.
#
# TCDevices Table
#
# %tcdevices { <interface> -> {in_bandwidth => <value> ,
# out_bandwidth => <value>
# number => <ordinal>
# default => <default class mark value> }
#
our @tcdevices;
our %tcdevices;
#
# TCClasses Table
#
# %tcclasses { device => <device> ,
# mark => <mark> ,
# rate => <rate> ,
# ceiling => <ceiling> ,
# priority => <priority> ,
# options => { tos => [ <value1> , <value2> , ... ];
# tcp_ack => 1 ,
# ...
#
our @tcclasses;
our %tcclasses;
our $prefix = '1';
# #
# Initialize globals -- we take this novel approach to globals initialization to allow # Initialize globals -- we take this novel approach to globals initialization to allow
# the compiler to run multiple times in the same process. The # the compiler to run multiple times in the same process. The
@ -135,6 +166,10 @@ our @deferred_rules;
sub initialize() { sub initialize() {
%classids = (); %classids = ();
@deferred_rules = (); @deferred_rules = ();
@tcdevices = ();
%tcdevices = ();
@tcclasses = ();
%tcclasses = ();
} }
sub process_tc_rule( $$$$$$$$$$ ) { sub process_tc_rule( $$$$$$$$$$ ) {
@ -256,37 +291,6 @@ sub process_tc_rule( $$$$$$$$$$ ) {
} }
#
# Perl version of Arn Bernin's 'tc4shorewall'.
#
# TCDevices Table
#
# %tcdevices { <interface> -> {in_bandwidth => <value> ,
# out_bandwidth => <value>
# number => <ordinal>
# default => <default class mark value> }
#
my @tcdevices;
my %tcdevices;
#
# TCClasses Table
#
# %tcclasses { device => <device> ,
# mark => <mark> ,
# rate => <rate> ,
# ceiling => <ceiling> ,
# priority => <priority> ,
# options => { tos => [ <value1> , <value2> , ... ];
# tcp_ack => 1 ,
# ...
#
my @tcclasses;
my %tcclasses;
my $prefix = '1';
sub rate_to_kbit( $ ) { sub rate_to_kbit( $ ) {
my $rate = $_[0]; my $rate = $_[0];

18
Shorewall-perl/Shorewall/Zones.pm
View File

@ -247,22 +247,18 @@ sub determine_zones()
fatal_error "Invalid zone type ($type)" ; fatal_error "Invalid zone type ($type)" ;
} }
my %zone_hash; for ( $options, $in_options, $out_options ) {
$_ = '' if $_ eq '-';
$options = '' if $options eq '-'; }
$in_options = '' if $in_options eq '-';
$out_options = '' if $out_options eq '-';
$zone_hash{in_out} = parse_zone_option_list( $options || '', $type );
$zone_hash{in} = parse_zone_option_list( $in_options || '', $type );
$zone_hash{out} = parse_zone_option_list( $out_options || '', $type );
$zone_hash{complex} = ($type eq 'ipsec4' || $options || $in_options || $out_options ? 1 : 0);
$zones{$zone} = { type => $type, $zones{$zone} = { type => $type,
parents => \@parents, parents => \@parents,
exclusions => [], exclusions => [],
bridge => '', bridge => '',
options => \%zone_hash, options => { in_out => parse_zone_option_list( $options || '', $type ) ,
in => parse_zone_option_list( $in_options || '', $type ) ,
out => parse_zone_option_list( $out_options || '', $type ) ,
complex => ($type eq 'ipsec4' || $options || $in_options || $out_options ? 1 : 0) } ,
interfaces => {} , interfaces => {} ,
children => [] , children => [] ,
hosts => {} hosts => {}