mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-30 10:08:52 +01:00
Streamline exclusion of the %vserver% pseudo-interface.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
81a96e689b
commit
45a1f9df4f
@ -5864,7 +5864,7 @@ sub add_interface_options( $ ) {
|
|||||||
my %input_chains;
|
my %input_chains;
|
||||||
my %forward_chains;
|
my %forward_chains;
|
||||||
|
|
||||||
for my $interface ( grep $_ ne '%vserver%', all_interfaces ) {
|
for my $interface ( all_real_interfaces ) {
|
||||||
$input_chains{$interface} = $filter_table->{input_option_chain $interface};
|
$input_chains{$interface} = $filter_table->{input_option_chain $interface};
|
||||||
$forward_chains{$interface} = $filter_table->{forward_option_chain $interface};
|
$forward_chains{$interface} = $filter_table->{forward_option_chain $interface};
|
||||||
}
|
}
|
||||||
@ -5983,7 +5983,7 @@ sub add_interface_options( $ ) {
|
|||||||
#
|
#
|
||||||
# Simply move the option chain rules to the interface chains
|
# Simply move the option chain rules to the interface chains
|
||||||
#
|
#
|
||||||
for my $interface ( grep $_ ne '%vserver%', all_interfaces ) {
|
for my $interface ( all_real_interfaces ) {
|
||||||
my $chainref;
|
my $chainref;
|
||||||
my $chain1ref;
|
my $chain1ref;
|
||||||
|
|
||||||
|
@ -752,7 +752,7 @@ sub add_common_rules ( $ ) {
|
|||||||
$target1 = $target;
|
$target1 = $target;
|
||||||
}
|
}
|
||||||
|
|
||||||
for $interface ( grep $_ ne '%vserver%', all_interfaces ) {
|
for $interface ( all_real_interfaces ) {
|
||||||
ensure_chain( 'filter', $_ ) for first_chains( $interface ), output_chain( $interface ), option_chains( $interface ), output_option_chain( $interface );
|
ensure_chain( 'filter', $_ ) for first_chains( $interface ), output_chain( $interface ), option_chains( $interface ), output_option_chain( $interface );
|
||||||
|
|
||||||
my $interfaceref = find_interface $interface;
|
my $interfaceref = find_interface $interface;
|
||||||
@ -1367,6 +1367,7 @@ sub add_interface_jumps {
|
|||||||
our %output_jump_added;
|
our %output_jump_added;
|
||||||
our %forward_jump_added;
|
our %forward_jump_added;
|
||||||
my $lo_jump_added = 0;
|
my $lo_jump_added = 0;
|
||||||
|
my @interfaces = grep $_ ne '%vserver%', @_;
|
||||||
#
|
#
|
||||||
# Add Nat jumps
|
# Add Nat jumps
|
||||||
#
|
#
|
||||||
@ -1378,7 +1379,7 @@ sub add_interface_jumps {
|
|||||||
addnatjump 'POSTROUTING' , 'nat_out';
|
addnatjump 'POSTROUTING' , 'nat_out';
|
||||||
addnatjump 'PREROUTING', 'dnat';
|
addnatjump 'PREROUTING', 'dnat';
|
||||||
|
|
||||||
for my $interface ( grep $_ ne '%vserver%', @_ ) {
|
for my $interface ( @interfaces ) {
|
||||||
addnatjump 'PREROUTING' , input_chain( $interface ) , imatch_source_dev( $interface );
|
addnatjump 'PREROUTING' , input_chain( $interface ) , imatch_source_dev( $interface );
|
||||||
addnatjump 'POSTROUTING' , output_chain( $interface ) , imatch_dest_dev( $interface );
|
addnatjump 'POSTROUTING' , output_chain( $interface ) , imatch_dest_dev( $interface );
|
||||||
addnatjump 'POSTROUTING' , masq_chain( $interface ) , imatch_dest_dev( $interface );
|
addnatjump 'POSTROUTING' , masq_chain( $interface ) , imatch_dest_dev( $interface );
|
||||||
@ -1392,7 +1393,7 @@ sub add_interface_jumps {
|
|||||||
#
|
#
|
||||||
# Add the jumps to the interface chains from filter FORWARD, INPUT, OUTPUT
|
# Add the jumps to the interface chains from filter FORWARD, INPUT, OUTPUT
|
||||||
#
|
#
|
||||||
for my $interface ( grep $_ ne '%vserver%', @_ ) {
|
for my $interface ( @interfaces ) {
|
||||||
my $forwardref = $filter_table->{forward_chain $interface};
|
my $forwardref = $filter_table->{forward_chain $interface};
|
||||||
my $inputref = $filter_table->{input_chain $interface};
|
my $inputref = $filter_table->{input_chain $interface};
|
||||||
my $outputref = $filter_table->{output_chain $interface};
|
my $outputref = $filter_table->{output_chain $interface};
|
||||||
|
@ -61,6 +61,7 @@ our @EXPORT = qw( NOTHING
|
|||||||
chain_base
|
chain_base
|
||||||
validate_interfaces_file
|
validate_interfaces_file
|
||||||
all_interfaces
|
all_interfaces
|
||||||
|
all_real_interfaces
|
||||||
all_bridges
|
all_bridges
|
||||||
interface_number
|
interface_number
|
||||||
find_interface
|
find_interface
|
||||||
@ -1305,6 +1306,13 @@ sub all_interfaces() {
|
|||||||
@interfaces;
|
@interfaces;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Return all non-vserver interfaces
|
||||||
|
#
|
||||||
|
sub all_real_interfaces() {
|
||||||
|
grep $_ ne '%vserver%', @interfaces;
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Return a list of bridges
|
# Return a list of bridges
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user