mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-29 02:54:18 +01:00
Implement optional action parameters
This commit is contained in:
parent
d8bcbffb88
commit
4111432a52
@ -1799,7 +1799,8 @@ sub push_params( $ ) {
|
|||||||
%actparms = ();
|
%actparms = ();
|
||||||
|
|
||||||
for ( my $i = 1; $i <= @params; $i++ ) {
|
for ( my $i = 1; $i <= @params; $i++ ) {
|
||||||
$actparms{$i} = $params[$i - 1];
|
my $val = $params[$i - 1];
|
||||||
|
$actparms{$i} = $val eq '-' ? '' : $val;
|
||||||
}
|
}
|
||||||
|
|
||||||
$oldparams;
|
$oldparams;
|
||||||
|
@ -260,7 +260,7 @@ sub process_rule_common ( $$$$$$$$$$$$$$$$ );
|
|||||||
|
|
||||||
sub process_actions1() {
|
sub process_actions1() {
|
||||||
|
|
||||||
progress_message2 "Preprocessing Action Files...";
|
progress_message2 "Locating Action Files...";
|
||||||
#
|
#
|
||||||
# Add built-in actions to the target table and create those actions
|
# Add built-in actions to the target table and create those actions
|
||||||
#
|
#
|
||||||
@ -717,6 +717,14 @@ sub process_macro ( $$$$$$$$$$$$$$$$$ ) {
|
|||||||
#
|
#
|
||||||
# Once a rule has been expanded via wildcards (source and/or dest zone eq 'all'), it is processed by this function. If
|
# Once a rule has been expanded via wildcards (source and/or dest zone eq 'all'), it is processed by this function. If
|
||||||
# the target is a macro, the macro is expanded and this function is called recursively for each rule in the expansion.
|
# the target is a macro, the macro is expanded and this function is called recursively for each rule in the expansion.
|
||||||
|
# Rules in both the rules file and in action bodies are processed here.
|
||||||
|
#
|
||||||
|
# This function may be called in three different ways:
|
||||||
|
#
|
||||||
|
# 1) $chainref undefined -- Being called to process a record in the rules file. All arguments are passed.
|
||||||
|
# 2) $chainref is a chain name -- Pre-proessing the records in an action file. Only $target is passed.
|
||||||
|
# 3) $chainref is a chain reference -- Processing the records in an action file. The chain is where the generated
|
||||||
|
# rules are added.
|
||||||
#
|
#
|
||||||
sub process_rule_common ( $$$$$$$$$$$$$$$$ ) {
|
sub process_rule_common ( $$$$$$$$$$$$$$$$ ) {
|
||||||
my ( $chainref, #reference to Action Chain if we are being called from process_action3()
|
my ( $chainref, #reference to Action Chain if we are being called from process_action3()
|
||||||
@ -765,7 +773,7 @@ sub process_rule_common ( $$$$$$$$$$$$$$$$ ) {
|
|||||||
( $basictarget, $actiontype , $param ) = map_old_actions( $basictarget ) unless $actiontype || $param;
|
( $basictarget, $actiontype , $param ) = map_old_actions( $basictarget ) unless $actiontype || $param;
|
||||||
}
|
}
|
||||||
|
|
||||||
fatal_error "Unknown action ($action)" unless $actiontype;
|
fatal_error "Unknown ACTION ($action)" unless $actiontype;
|
||||||
|
|
||||||
if ( $actiontype == MACRO ) {
|
if ( $actiontype == MACRO ) {
|
||||||
#
|
#
|
||||||
|
@ -125,13 +125,18 @@ Beta 1
|
|||||||
Actions are now free to invoke other actions.
|
Actions are now free to invoke other actions.
|
||||||
|
|
||||||
4) There is now support for parameterized actions. The parameters are
|
4) There is now support for parameterized actions. The parameters are
|
||||||
available to extensions scripts. See
|
a comma-separated list enclosed in parentheses following the
|
||||||
|
action name (e.g., ACT(REDIRECT,192.168.1.4)). Within the action
|
||||||
|
body, the parameter values are available in $1, $2, etc.
|
||||||
|
|
||||||
|
You can 'omit' a parameter in the list by using '-' (e,g,
|
||||||
|
REDIRECT,-.info) would omit the second parameter (within the action
|
||||||
|
body, $2 would expand to nothing).
|
||||||
|
|
||||||
|
Parameter values are also available to extensions scripts. See
|
||||||
http://www.shorewall.net/Actions.html#Extension for more
|
http://www.shorewall.net/Actions.html#Extension for more
|
||||||
information.
|
information.
|
||||||
|
|
||||||
Within the action body, the parameter values are available in $1,
|
|
||||||
$2, etc.
|
|
||||||
|
|
||||||
----------------------------------------------------------------------------
|
----------------------------------------------------------------------------
|
||||||
I V. R E L E A S E 4 . 4 H I G H L I G H T S
|
I V. R E L E A S E 4 . 4 H I G H L I G H T S
|
||||||
----------------------------------------------------------------------------
|
----------------------------------------------------------------------------
|
||||||
|
@ -249,6 +249,12 @@ A(REDIRECT) net fw</programlisting>
|
|||||||
<programlisting>#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL
|
<programlisting>#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL
|
||||||
# PORT(S) PORT(S) DEST
|
# PORT(S) PORT(S) DEST
|
||||||
REDIRECT net - tcp 80 - 1.2.3.4</programlisting>
|
REDIRECT net - tcp 80 - 1.2.3.4</programlisting>
|
||||||
|
|
||||||
|
<para>You can 'omit' parameters by using '-'.</para>
|
||||||
|
|
||||||
|
<para>Example: ACTION(REDIRECT,-,info) </para>
|
||||||
|
|
||||||
|
<para>In the above example, $2 would expand to nothing.</para>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
@ -542,7 +548,8 @@ bar:debug</programlisting>
|
|||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para><emphasis role="bold">@params</emphasis> is the list of
|
<para><emphasis role="bold">@params</emphasis> is the list of
|
||||||
parameter values (Shorewall 4.4.16 and later).</para>
|
parameter values (Shorewall 4.4.16 and later). 'Omitted' parameters
|
||||||
|
contain '-'.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</itemizedlist>
|
</itemizedlist>
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user