mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-22 07:33:43 +01:00
Add BALANCE_PROVIDERS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
2d16fac9ed
commit
45b9ddf188
@ -904,6 +904,7 @@ sub initialize( $;$$) {
|
|||||||
VERBOSE_MESSAGES => undef ,
|
VERBOSE_MESSAGES => undef ,
|
||||||
ZERO_MARKS => undef ,
|
ZERO_MARKS => undef ,
|
||||||
FIREWALL => undef ,
|
FIREWALL => undef ,
|
||||||
|
BALANCE_PROVIDERS => undef ,
|
||||||
#
|
#
|
||||||
# Packet Disposition
|
# Packet Disposition
|
||||||
#
|
#
|
||||||
@ -5279,6 +5280,7 @@ sub update_config_file( $ ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
update_default( 'USE_DEFAULT_RT', 'No' );
|
update_default( 'USE_DEFAULT_RT', 'No' );
|
||||||
|
update_default( 'BALANCE_PROVIDERS', 'Yes' );
|
||||||
update_default( 'EXPORTMODULES', 'No' );
|
update_default( 'EXPORTMODULES', 'No' );
|
||||||
update_default( 'RESTART', 'reload' );
|
update_default( 'RESTART', 'reload' );
|
||||||
update_default( 'PAGER', $shorewallrc1{DEFAULT_PAGER} );
|
update_default( 'PAGER', $shorewallrc1{DEFAULT_PAGER} );
|
||||||
@ -6286,6 +6288,9 @@ sub get_configuration( $$$$ ) {
|
|||||||
default_yes_no 'RESTORE_DEFAULT_ROUTE' , 'Yes';
|
default_yes_no 'RESTORE_DEFAULT_ROUTE' , 'Yes';
|
||||||
default_yes_no 'AUTOMAKE' , '';
|
default_yes_no 'AUTOMAKE' , '';
|
||||||
default_yes_no 'TRACK_PROVIDERS' , '';
|
default_yes_no 'TRACK_PROVIDERS' , '';
|
||||||
|
default_yes_no 'BALANCE_PROVIDERS' , 'Yes';
|
||||||
|
|
||||||
|
$config{BALANCE_PROVIDERS} = '' unless $config{USE_DEFAULT_RT};
|
||||||
|
|
||||||
unless ( ( $config{NULL_ROUTE_RFC1918} || '' ) =~ /^(?:blackhole|unreachable|prohibit)$/ ) {
|
unless ( ( $config{NULL_ROUTE_RFC1918} || '' ) =~ /^(?:blackhole|unreachable|prohibit)$/ ) {
|
||||||
default_yes_no( 'NULL_ROUTE_RFC1918', '' );
|
default_yes_no( 'NULL_ROUTE_RFC1918', '' );
|
||||||
|
@ -519,11 +519,11 @@ sub process_a_provider( $ ) {
|
|||||||
my ( $loose, $track, $balance, $default, $default_balance, $optional, $mtu, $tproxy, $local, $load, $what, $hostroute, $persistent );
|
my ( $loose, $track, $balance, $default, $default_balance, $optional, $mtu, $tproxy, $local, $load, $what, $hostroute, $persistent );
|
||||||
|
|
||||||
if ( $pseudo ) {
|
if ( $pseudo ) {
|
||||||
( $loose, $track, $balance , $default, $default_balance, $optional, $mtu, $tproxy , $local, $load, $what , $hostroute, $persistent ) =
|
( $loose, $track, $balance , $default, $default_balance, $optional, $mtu, $tproxy , $local, $load, $what , $hostroute, $persistent ) =
|
||||||
( 0, 0 , 0 , 0, 0, 1 , '' , 0 , 0, 0, 'interface', 0, 0);
|
( 0, 0 , 0 , 0, 0, 1 , '' , 0 , 0, 0, 'interface', 0, 0);
|
||||||
} else {
|
} else {
|
||||||
( $loose, $track, $balance , $default, $default_balance, $optional, $mtu, $tproxy , $local, $load, $what , $hostroute, $persistent )=
|
( $loose, $track, $balance , $default, $default_balance, $optional, $mtu, $tproxy , $local, $load, $what , $hostroute, $persistent )=
|
||||||
( 0, $config{TRACK_PROVIDERS}, 0 , 0, $config{USE_DEFAULT_RT} ? 1 : 0, interface_is_optional( $interface ), '' , 0 , 0, 0, 'provider', 1, 0);
|
( 0, $config{TRACK_PROVIDERS}, 0 , 0, $config{BALANCE_PROVIDERS} ? 1 : 0, interface_is_optional( $interface ), '' , 0 , 0, 0, 'provider', 1, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
unless ( $options eq '-' ) {
|
unless ( $options eq '-' ) {
|
||||||
|
@ -140,6 +140,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -151,6 +151,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -148,6 +148,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -151,6 +151,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -140,6 +140,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -443,6 +443,23 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">BALANCE_PROVIDERS=</emphasis>[<emphasis
|
||||||
|
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Added in Shorewall 5.1.1. When USE_DEFAULT_RT=Yes, this option
|
||||||
|
determines whether the <option>balance</option> provider option (see
|
||||||
|
<ulink
|
||||||
|
url="shorewall-providers.html">shorewall-providers(5)</ulink>) is
|
||||||
|
the default. When BALANCE_PROVIDERS=Yes (the default), then the
|
||||||
|
<option>balance</option> option is assumed unless the
|
||||||
|
<option>fallback</option>, <option>loose</option>,
|
||||||
|
<option>load</option> or <option>tproxy</option> option is
|
||||||
|
specified.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">BASIC_FILTERS=</emphasis>[<emphasis
|
<term><emphasis role="bold">BASIC_FILTERS=</emphasis>[<emphasis
|
||||||
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
||||||
@ -2831,8 +2848,12 @@ INLINE - - - ;; -j REJECT
|
|||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para><emphasis role="bold">balance</emphasis> is assumed unless
|
<para>If running Shorewall 5.1.0 or earlier or if
|
||||||
<emphasis role="bold">loose</emphasis> is specified.</para>
|
BALANCE_PROVIDERS=Yes (Shorewall 5.1.1 or later), then the
|
||||||
|
<emphasis role="bold">balance</emphasis> provider option is
|
||||||
|
assumed unless the <option>fallback</option>,
|
||||||
|
<option>loose</option>, <option>load</option> or
|
||||||
|
<option>tproxy</option> option is specified.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
|
@ -133,6 +133,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -134,6 +134,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -133,6 +133,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -133,6 +133,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -133,6 +133,8 @@ AUTOHELPERS=Yes
|
|||||||
|
|
||||||
AUTOMAKE=Yes
|
AUTOMAKE=Yes
|
||||||
|
|
||||||
|
BALANCE_PROVIDERS=No
|
||||||
|
|
||||||
BASIC_FILTERS=No
|
BASIC_FILTERS=No
|
||||||
|
|
||||||
BLACKLIST="NEW,INVALID,UNTRACKED"
|
BLACKLIST="NEW,INVALID,UNTRACKED"
|
||||||
|
@ -374,6 +374,23 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">BALANCE_PROVIDERS=</emphasis>[<emphasis
|
||||||
|
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Added in Shorewall 5.1.1. When USE_DEFAULT_RT=Yes, this option
|
||||||
|
determines whether the <option>balance</option> provider option (see
|
||||||
|
<ulink
|
||||||
|
url="shorewall6-providers.html">shorewall6-providers(5)</ulink>) is
|
||||||
|
the default. When BALANCE_PROVIDERS=Yes (the default), then the
|
||||||
|
<option>balance</option> option is assumed unless the
|
||||||
|
<option>fallback</option>, <option>loose</option>,
|
||||||
|
<option>load</option> or <option>tproxy</option> option is
|
||||||
|
specified.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">BASIC_FILTERS=</emphasis>[<emphasis
|
<term><emphasis role="bold">BASIC_FILTERS=</emphasis>[<emphasis
|
||||||
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
||||||
@ -2475,8 +2492,12 @@ INLINE - - - ;; -j REJECT
|
|||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para><emphasis role="bold">balance</emphasis> is assumed unless
|
<para>If running Shorewall 5.1.0 or earlier or if
|
||||||
<emphasis role="bold">loose</emphasis> is specified.</para>
|
BALANCE_PROVIDERS=Yes (Shorewall 5.1.1 or later), then the
|
||||||
|
<emphasis role="bold">balance</emphasis> provider option is
|
||||||
|
assumed unless the <option>fallback</option>,
|
||||||
|
<option>loose</option>, <option>load</option> or
|
||||||
|
<option>tproxy</option> option is specified.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
|
@ -484,6 +484,18 @@ fi</programlisting>
|
|||||||
url="FAQ.htm#faq58">FAQ 58</ulink>.</para>
|
url="FAQ.htm#faq58">FAQ 58</ulink>.</para>
|
||||||
</note></para>
|
</note></para>
|
||||||
</important>
|
</important>
|
||||||
|
|
||||||
|
<para>Prior to Shorewall 5.1.1, <emphasis
|
||||||
|
role="bold">balance=1</emphasis> is the default when
|
||||||
|
USE_DEFAULT_RT=Yes and neither the
|
||||||
|
<option>fallback</option>, <option>loose</option>,
|
||||||
|
<option>load</option> or <option>tproxy</option> option is
|
||||||
|
specified. Beginning with Shorewall 5.1.1, <emphasis
|
||||||
|
role="bold">balance=1</emphasis> is the default when both
|
||||||
|
USE_DEFAULT_RT=Yes and BALANCE_PROVIDERS=Yes and neither the
|
||||||
|
<option>fallback</option>, <option>loose</option>,
|
||||||
|
<option>load</option> nor <option>tproxy</option> option is
|
||||||
|
specified.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user