diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm index a5e693d10..0f85cac85 100644 --- a/Shorewall/Perl/Shorewall/Compiler.pm +++ b/Shorewall/Perl/Shorewall/Compiler.pm @@ -78,28 +78,32 @@ sub initialize_package_globals() { # Note: This function is not called when $command eq 'check'. So it must have no side effects other # than those related to writing to the output script file. # -sub generate_script_1() { +sub generate_script_1( $ ) { - if ( $test ) { - emit "#!/bin/sh\n#\n# Compiled firewall script generated by Shorewall-perl\n#"; - } else { - my $date = localtime; + my $script = shift; - emit "#!/bin/sh\n#\n# Compiled firewall script generated by Shorewall $globals{VERSION} - $date\n#"; - - if ( $family == F_IPV4 ) { - copy $globals{SHAREDIRPL} . 'prog.header'; + if ( $script ) { + if ( $test ) { + emit "#!/bin/sh\n#\n# Compiled firewall script generated by Shorewall-perl\n#"; } else { - copy $globals{SHAREDIRPL} . 'prog.header6'; + my $date = localtime; + + emit "#!/bin/sh\n#\n# Compiled firewall script generated by Shorewall $globals{VERSION} - $date\n#"; + + if ( $family == F_IPV4 ) { + copy $globals{SHAREDIRPL} . 'prog.header'; + } else { + copy $globals{SHAREDIRPL} . 'prog.header6'; + } + + copy2 $globals{SHAREDIR} . '/lib.common'; } - - copy2 $globals{SHAREDIR} . '/lib.common'; + + my $lib = find_file 'lib.private'; + + copy2 $lib if -f $lib; } - my $lib = find_file 'lib.private'; - - copy2 $lib if -f $lib; - emit <<'EOF'; ################################################################################ # Functions to execute the various user exits (extension scripts) @@ -619,6 +623,8 @@ sub compiler { set_shorewall_dir( $directory ); } + $verbosity = 1 if $debug && $verbosity < 1; + set_verbosity( $verbosity ); set_log($log, $log_verbosity) if $log; set_timestamp( $timestamp ); @@ -685,11 +691,11 @@ sub compiler { enable_script; - if ( $scriptfilename ) { + if ( $scriptfilename || $debug ) { # # Place Header in the script # - generate_script_1; + generate_script_1( $scriptfilename ); # # C O M M O N _ R U L E S # (Writes the setup_common_rules() function to the compiled script) @@ -725,7 +731,7 @@ sub compiler { # setup_zone_mss; - if ( $scriptfilename ) { + if ( $scriptfilename || $debug ) { emit 'return 0'; pop_indent; emit '}'; @@ -738,7 +744,7 @@ sub compiler { # enable_script; - if ( $scriptfilename ) { + if ( $scriptfilename || $debug ) { emit( "\n#", '# Setup routing and traffic shaping', '#', @@ -756,7 +762,7 @@ sub compiler { # setup_tc; - if ( $scriptfilename ) { + if ( $scriptfilename || $debug ) { pop_indent; emit "}\n"; } @@ -899,6 +905,10 @@ sub compiler { optimize_ruleset if $config{OPTIMIZE} & 4; } + enable_script if $debug; + + generate_script_2 if $debug; + preview_netfilter_load if $preview; } # @@ -907,11 +917,17 @@ sub compiler { # Shorewall::Chains::initialize( $family ); initialize_chain_table; - # - # compile_stop_firewall() also validates the routestopped file. Since we don't - # call that function during 'check', we must validate routestopped here. - # - process_routestopped; + + if ( $debug ) { + compile_stop_firewall( $test, $export ); + disable_script; + } else { + # + # compile_stop_firewall() also validates the routestopped file. Since we don't + # call that function during normal 'check', we must validate routestopped here. + # + process_routestopped; + } if ( $family == F_IPV4 ) { progress_message3 "Shorewall configuration verified"; diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 382ec31ef..6d8f76c50 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -896,13 +896,13 @@ sub emit { if ( $debug ) { $line =~ s/^\n//; - $line =~ s/\n/\nCS-----> /g; - print "CS-----> $line\n"; + $line =~ s/\n/\nGS-----> /g; + print "GS-----> $line\n"; } } else { unless ( $lastlineblank ) { print $script "\n" if $script; - print "CS-----> \n" if $debug; + print "GS-----> \n" if $debug; } $lastlineblank = 1; @@ -1163,7 +1163,7 @@ sub copy1( $ ) { my $result = 0; - if ( $script ) { + if ( $script || $debug ) { my $file = $_[0]; open IF , $file or fatal_error "Unable to open $file: $!"; @@ -1174,8 +1174,16 @@ sub copy1( $ ) { chomp; if ( /^${here_documents}\s*$/ ) { - print $script $here_documents if $here_documents; - print $script "\n"; + if ( $script ) { + print $script $here_documents if $here_documents; + print $script "\n"; + } + + if ( $debug ) { + print "GS-----> $here_documents" if $here_documents; + print "GS----->\n"; + } + $do_indent = 1; $here_documents = ''; next; @@ -1186,8 +1194,17 @@ sub copy1( $ ) { s/^(\s*)/$indent1$1$indent2/; s/ /\t/ if $indent2; $do_indent = 0; - print $script $_; - print $script "\n"; + + if ( $script ) { + print $script $_; + print $script "\n"; + } + + if ( $debug ) { + s/\n/\nGS-----> /g; + print "GS-----> $_\n"; + } + $result = 1; next; } @@ -1197,11 +1214,19 @@ sub copy1( $ ) { s/ /\t/ if $indent2; } - print $script $_; - print $script "\n"; + if ( $script ) { + print $script $_; + print $script "\n"; + } + $do_indent = ! ( $here_documents || /\\$/ ); $result = 1 unless $result || /^\s*$/ || /^\s*#/; + + if ( $debug ) { + s/\n/\nGS-----> /g; + print "GS-----> $_\n"; + } } close IF;