extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-08 16:54:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add 'audit' option to actions

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-03-13 14:39:46 -07:00
parent 2c3644a510
commit 44c0bffcd3
2 changed files with 22 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Shorewall/Perl/Shorewall/Config.pm
View File

@ -139,6 +139,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
push_action_params push_action_params
pop_action_params pop_action_params
default_action_params default_action_params
setup_audit_action
read_a_line read_a_line
which which
qt qt
@ -3295,6 +3296,18 @@ sub get_action_params( $ ) {
@return; @return;
} }
sub setup_audit_action( $ ) {
my ( $action ) = @_;
my ( $target, $audit ) = get_action_params( 2 );
if ( supplied $audit ) {
fatal_error "Invalid parameter ($audit) to action $action" if $audit ne 'audit';
$actparms{1} = "A_$target";
}
}
# #
# Returns the Level and Tag for the current action chain # Returns the Level and Tag for the current action chain
# #

11
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -237,6 +237,7 @@ use constant { INLINE_OPT => 1 ,
FILTER_OPT => 64 , FILTER_OPT => 64 ,
NAT_OPT => 128 , NAT_OPT => 128 ,
TERMINATING_OPT => 256 , TERMINATING_OPT => 256 ,
AUDIT_OPT => 512 ,
}; };
our %options = ( inline => INLINE_OPT , our %options = ( inline => INLINE_OPT ,
@ -248,6 +249,7 @@ our %options = ( inline => INLINE_OPT ,
filter => FILTER_OPT , filter => FILTER_OPT ,
nat => NAT_OPT , nat => NAT_OPT ,
terminating => TERMINATING_OPT , terminating => TERMINATING_OPT ,
audit => AUDIT_OPT ,
); );
################################################################################ ################################################################################
# Declarations moved from the Tc module in 5.0.7 # # Declarations moved from the Tc module in 5.0.7 #
@ -1829,8 +1831,10 @@ sub process_action(\$\$$) {
push_open $actionfile, 2, 1, undef, 2; push_open $actionfile, 2, 1, undef, 2;
my $oldparms = push_action_params( $action, $chainref, $param, $level, $tag, $caller ); my $oldparms = push_action_params( $action, $chainref, $param, $level, $tag, $caller );
my $options = $actions{$action}{options};
my $nolog = $options & NOINLINE_OPT;
my $nolog = $actions{$action}{options} & NOINLINE_OPT; setup_audit_action( $action ) if $options & AUDIT_OPT;
$active{$action}++; $active{$action}++;
push @actionstack, $wholeaction; push @actionstack, $wholeaction;
@ -2326,7 +2330,10 @@ sub process_inline ($$$$$$$$$$$$$$$$$$$$$$) {
); );
my $inlinefile = $inlines{$inline}{file}; my $inlinefile = $inlines{$inline}{file};
my $nolog = $inlines{$inline}{options} & NOLOG_OPT; my $options = $inlines{$inline}{options};
my $nolog = $options & NOLOG_OPT;
setup_audit_action( $inline ) if $options & AUDIT_OPT;
progress_message "..Expanding inline action $inlinefile..."; progress_message "..Expanding inline action $inlinefile...";