Streamline exclusion of the %vserver% pseudo-interface.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-02-01 10:25:26 -08:00
parent 81a96e689b
commit 45a1f9df4f
3 changed files with 14 additions and 5 deletions

View File

@ -5864,7 +5864,7 @@ sub add_interface_options( $ ) {
my %input_chains; my %input_chains;
my %forward_chains; my %forward_chains;
for my $interface ( grep $_ ne '%vserver%', all_interfaces ) { for my $interface ( all_real_interfaces ) {
$input_chains{$interface} = $filter_table->{input_option_chain $interface}; $input_chains{$interface} = $filter_table->{input_option_chain $interface};
$forward_chains{$interface} = $filter_table->{forward_option_chain $interface}; $forward_chains{$interface} = $filter_table->{forward_option_chain $interface};
} }
@ -5983,7 +5983,7 @@ sub add_interface_options( $ ) {
# #
# Simply move the option chain rules to the interface chains # Simply move the option chain rules to the interface chains
# #
for my $interface ( grep $_ ne '%vserver%', all_interfaces ) { for my $interface ( all_real_interfaces ) {
my $chainref; my $chainref;
my $chain1ref; my $chain1ref;

View File

@ -752,7 +752,7 @@ sub add_common_rules ( $ ) {
$target1 = $target; $target1 = $target;
} }
for $interface ( grep $_ ne '%vserver%', all_interfaces ) { for $interface ( all_real_interfaces ) {
ensure_chain( 'filter', $_ ) for first_chains( $interface ), output_chain( $interface ), option_chains( $interface ), output_option_chain( $interface ); ensure_chain( 'filter', $_ ) for first_chains( $interface ), output_chain( $interface ), option_chains( $interface ), output_option_chain( $interface );
my $interfaceref = find_interface $interface; my $interfaceref = find_interface $interface;
@ -1367,6 +1367,7 @@ sub add_interface_jumps {
our %output_jump_added; our %output_jump_added;
our %forward_jump_added; our %forward_jump_added;
my $lo_jump_added = 0; my $lo_jump_added = 0;
my @interfaces = grep $_ ne '%vserver%', @_;
# #
# Add Nat jumps # Add Nat jumps
# #
@ -1378,7 +1379,7 @@ sub add_interface_jumps {
addnatjump 'POSTROUTING' , 'nat_out'; addnatjump 'POSTROUTING' , 'nat_out';
addnatjump 'PREROUTING', 'dnat'; addnatjump 'PREROUTING', 'dnat';
for my $interface ( grep $_ ne '%vserver%', @_ ) { for my $interface ( @interfaces ) {
addnatjump 'PREROUTING' , input_chain( $interface ) , imatch_source_dev( $interface ); addnatjump 'PREROUTING' , input_chain( $interface ) , imatch_source_dev( $interface );
addnatjump 'POSTROUTING' , output_chain( $interface ) , imatch_dest_dev( $interface ); addnatjump 'POSTROUTING' , output_chain( $interface ) , imatch_dest_dev( $interface );
addnatjump 'POSTROUTING' , masq_chain( $interface ) , imatch_dest_dev( $interface ); addnatjump 'POSTROUTING' , masq_chain( $interface ) , imatch_dest_dev( $interface );
@ -1392,7 +1393,7 @@ sub add_interface_jumps {
# #
# Add the jumps to the interface chains from filter FORWARD, INPUT, OUTPUT # Add the jumps to the interface chains from filter FORWARD, INPUT, OUTPUT
# #
for my $interface ( grep $_ ne '%vserver%', @_ ) { for my $interface ( @interfaces ) {
my $forwardref = $filter_table->{forward_chain $interface}; my $forwardref = $filter_table->{forward_chain $interface};
my $inputref = $filter_table->{input_chain $interface}; my $inputref = $filter_table->{input_chain $interface};
my $outputref = $filter_table->{output_chain $interface}; my $outputref = $filter_table->{output_chain $interface};

View File

@ -61,6 +61,7 @@ our @EXPORT = qw( NOTHING
chain_base chain_base
validate_interfaces_file validate_interfaces_file
all_interfaces all_interfaces
all_real_interfaces
all_bridges all_bridges
interface_number interface_number
find_interface find_interface
@ -1305,6 +1306,13 @@ sub all_interfaces() {
@interfaces; @interfaces;
} }
#
# Return all non-vserver interfaces
#
sub all_real_interfaces() {
grep $_ ne '%vserver%', @interfaces;
}
# #
# Return a list of bridges # Return a list of bridges
# #