Streamline exclusion of the %vserver% pseudo-interface.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2024-12-19 04:41:07 +01:00 · 2012-02-01 10:25:26 -08:00 · 2012-02-01 10:25:26 -08:00 · 45a1f9df4f
commit 45a1f9df4f
parent 81a96e689b
3 changed files with 14 additions and 5 deletions
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@ -5864,7 +5864,7 @@ sub add_interface_options( $ ) {
 	my %input_chains;
 	my %forward_chains;

-	for my $interface ( grep $_ ne '%vserver%', all_interfaces ) {
+	for my $interface ( all_real_interfaces ) {
 	    $input_chains{$interface}   = $filter_table->{input_option_chain $interface};
 	    $forward_chains{$interface} = $filter_table->{forward_option_chain $interface};
 	}
@ -5983,7 +5983,7 @@ sub add_interface_options( $ ) {
 	#
 	# Simply move the option chain rules to the interface chains
 	#
-	for my $interface ( grep $_ ne '%vserver%', all_interfaces ) {
+	for my $interface ( all_real_interfaces ) {
 	    my $chainref;
 	    my $chain1ref;

--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@ -752,7 +752,7 @@ sub add_common_rules ( $ ) {
 	$target1 = $target;
    }

-    for $interface ( grep $_ ne '%vserver%', all_interfaces ) {
+    for $interface ( all_real_interfaces ) {
 	ensure_chain( 'filter', $_ ) for first_chains( $interface ), output_chain( $interface ), option_chains( $interface ), output_option_chain( $interface );

 	my $interfaceref = find_interface $interface;
@ -1367,6 +1367,7 @@ sub add_interface_jumps {
    our %output_jump_added;
    our %forward_jump_added;
    my  $lo_jump_added = 0;
+    my @interfaces = grep $_ ne '%vserver%', @_;
    #
    # Add Nat jumps
    #
@ -1378,7 +1379,7 @@ sub add_interface_jumps {
    addnatjump 'POSTROUTING' , 'nat_out';
    addnatjump 'PREROUTING', 'dnat';

-    for my $interface ( grep $_ ne '%vserver%', @_ ) {
+    for my $interface ( @interfaces  ) {
 	addnatjump 'PREROUTING'  , input_chain( $interface )  , imatch_source_dev( $interface );
 	addnatjump 'POSTROUTING' , output_chain( $interface ) , imatch_dest_dev( $interface );
 	addnatjump 'POSTROUTING' , masq_chain( $interface ) , imatch_dest_dev( $interface );
@ -1392,7 +1393,7 @@ sub add_interface_jumps {
    #
    # Add the jumps to the interface chains from filter FORWARD, INPUT, OUTPUT
    #
-    for my $interface ( grep $_ ne '%vserver%', @_ ) {
+    for my $interface ( @interfaces ) {
 	my $forwardref   = $filter_table->{forward_chain $interface};
 	my $inputref     = $filter_table->{input_chain $interface};
 	my $outputref    = $filter_table->{output_chain $interface};
--- a/Shorewall/Perl/Shorewall/Zones.pm
+++ b/Shorewall/Perl/Shorewall/Zones.pm
@ -61,6 +61,7 @@ our @EXPORT = qw( NOTHING
 		  chain_base
 		  validate_interfaces_file
 		  all_interfaces
+		  all_real_interfaces
 		  all_bridges
 		  interface_number
 		  find_interface
@ -1305,6 +1306,13 @@ sub all_interfaces() {
    @interfaces;
 }

+#
+# Return all non-vserver interfaces
+#
+sub all_real_interfaces() {
+    grep $_ ne '%vserver%', @interfaces;
+}
+
 #
 # Return a list of bridges
 #