extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-12 12:47:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

Additional corrections to INLINE action.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-04-09 09:41:43 -07:00
parent 273f109daf
commit 477e2bc455
3 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -96,6 +96,7 @@ our @EXPORT = ( qw(
INLINE INLINE
TERMINATING TERMINATING
STATEMATCH STATEMATCH
USERBUILTIN
%chain_table %chain_table
%targets %targets
@ -402,6 +403,7 @@ use constant { STANDARD => 0x1, #defined by Netfilter
NFLOG => 0x4000, #NFLOG or ULOG NFLOG => 0x4000, #NFLOG or ULOG
INLINE => 0x8000, #Inline action INLINE => 0x8000, #Inline action
STATEMATCH => 0x10000, #action.Invalid, action.Related, etc. STATEMATCH => 0x10000, #action.Invalid, action.Related, etc.
USERBUILTIN => 0x20000, #Builtin action from user's actions file.
}; };
# #
# Valid Targets -- value is a combination of one or more of the above # Valid Targets -- value is a combination of one or more of the above
@ -2119,7 +2121,9 @@ sub add_jump( $$$;$$$ ) {
# #
# Ensure that we have the chain unless it is a builtin like 'ACCEPT' # Ensure that we have the chain unless it is a builtin like 'ACCEPT'
# #
$toref = ensure_chain( $fromref->{table} , $to ) unless $builtin_target{$to} || $to =~ / --/; #If the target has options, it must be a builtin. my ( $target ) = split ' ', $to;
$toref = $chain_table{$fromref->{table}}{$target};
fatal_error "Unknown rule target ($to)" unless $toref || $builtin_target{$target};
} }
# #
@ -2170,7 +2174,9 @@ sub add_ijump( $$$;@ ) {
# #
# Ensure that we have the chain unless it is a builtin like 'ACCEPT' # Ensure that we have the chain unless it is a builtin like 'ACCEPT'
# #
$toref = ensure_chain( $fromref->{table} , $to ) unless $builtin_target{$to} || $to =~ / --/; #If the target has options, it must be a builtin. my ( $target ) = split ' ', $to;
$toref = $chain_table{$fromref->{table}}{$target};
fatal_error "Unknown rule target ($to)" unless $toref || $builtin_target{$target};
} }
# #

2
Shorewall/Perl/Shorewall/Config.pm
View File

@ -1947,6 +1947,8 @@ sub split_line1( $$;$$ ) {
push @line, '-' while @line < $maxcolumns; push @line, '-' while @line < $maxcolumns;
$inline_matches = '';
if ( supplied $pairs ) { if ( supplied $pairs ) {
$pairs =~ s/^\s*//; $pairs =~ s/^\s*//;
$pairs =~ s/\s*$//; $pairs =~ s/\s*$//;

3
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -1664,7 +1664,7 @@ sub process_actions() {
} }
if ( $builtin ) { if ( $builtin ) {
$targets{$action} = STANDARD; $targets{$action} = USERBUILTIN;
$builtin_target{$action} = 1; $builtin_target{$action} = 1;
} else { } else {
new_action $action, $type, $noinline, $nolog; new_action $action, $type, $noinline, $nolog;
@ -2151,6 +2151,7 @@ sub process_rule ( $$$$$$$$$$$$$$$$$$$ ) {
$loglevel = supplied $loglevel ? join( ':', $action, $loglevel ) : $action; $loglevel = supplied $loglevel ? join( ':', $action, $loglevel ) : $action;
$action = 'LOG'; $action = 'LOG';
} elsif ( ! ( $actiontype & (ACTION | INLINE) ) ) { } elsif ( ! ( $actiontype & (ACTION | INLINE) ) ) {
fatal_error "'builtin' actions may only be used in INLINE rules" if $actiontype == USERBUILTIN;
fatal_error "The $basictarget TARGET does not accept a parameter" unless $param eq ''; fatal_error "The $basictarget TARGET does not accept a parameter" unless $param eq '';
} }