mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-29 02:54:18 +01:00
Implement IFACE_MATCH capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
3890b8a884
commit
4a4bfe77ce
@ -25,7 +25,7 @@
|
|||||||
# loaded after this one and replaces some of the functions declared here.
|
# loaded after this one and replaces some of the functions declared here.
|
||||||
#
|
#
|
||||||
|
|
||||||
SHOREWALL_CAPVERSION=40600
|
SHOREWALL_CAPVERSION=40606
|
||||||
|
|
||||||
[ -n "${g_program:=shorewall}" ]
|
[ -n "${g_program:=shorewall}" ]
|
||||||
|
|
||||||
@ -2393,6 +2393,7 @@ determine_capabilities() {
|
|||||||
UDPLITEREDIRECT=
|
UDPLITEREDIRECT=
|
||||||
NEW_TOS_MATCH=
|
NEW_TOS_MATCH=
|
||||||
TARPIT_TARGET=
|
TARPIT_TARGET=
|
||||||
|
IFACE_MATCH=
|
||||||
|
|
||||||
AMANDA_HELPER=
|
AMANDA_HELPER=
|
||||||
FTP_HELPER=
|
FTP_HELPER=
|
||||||
@ -2548,6 +2549,8 @@ determine_capabilities() {
|
|||||||
|
|
||||||
qt $g_tool -A $chain -p tcp -j TARPIT && TARPIT_TARGET=Yes
|
qt $g_tool -A $chain -p tcp -j TARPIT && TARPIT_TARGET=Yes
|
||||||
|
|
||||||
|
qt $g_tool -A $chain -m iface --iface lo --loopback && IFACE_MATCH=Yes
|
||||||
|
|
||||||
if [ -n "$MANGLE_ENABLED" ]; then
|
if [ -n "$MANGLE_ENABLED" ]; then
|
||||||
qt $g_tool -t mangle -N $chain
|
qt $g_tool -t mangle -N $chain
|
||||||
|
|
||||||
@ -2826,6 +2829,7 @@ report_capabilities_unsorted() {
|
|||||||
report_capability "UDPLITE Port Redirection" $UDPLITEREDIRECT
|
report_capability "UDPLITE Port Redirection" $UDPLITEREDIRECT
|
||||||
report_capability "New tos Match" $NEW_TOS_MATCH
|
report_capability "New tos Match" $NEW_TOS_MATCH
|
||||||
report_capability "TARPIT Target" $TARPIT_TARGET
|
report_capability "TARPIT Target" $TARPIT_TARGET
|
||||||
|
report_capability "Iface Match" $IFACE_MATCH
|
||||||
|
|
||||||
report_capability "Amanda Helper" $AMANDA_HELPER
|
report_capability "Amanda Helper" $AMANDA_HELPER
|
||||||
report_capability "FTP Helper" $FTP_HELPER
|
report_capability "FTP Helper" $FTP_HELPER
|
||||||
@ -2954,6 +2958,7 @@ report_capabilities_unsorted1() {
|
|||||||
report_capability1 UDPLITEREDIRECT
|
report_capability1 UDPLITEREDIRECT
|
||||||
report_capability1 NEW_TOS_MATCH
|
report_capability1 NEW_TOS_MATCH
|
||||||
report_capability1 TARPIT_TARGET
|
report_capability1 TARPIT_TARGET
|
||||||
|
report_capability1 IFACE_MATCH
|
||||||
|
|
||||||
report_capability1 AMANDA_HELPER
|
report_capability1 AMANDA_HELPER
|
||||||
report_capability1 FTP_HELPER
|
report_capability1 FTP_HELPER
|
||||||
|
@ -395,6 +395,7 @@ our %capdesc = ( NAT_ENABLED => 'NAT',
|
|||||||
UDPLITEREDIRECT => 'UDPLITE Port Redirection',
|
UDPLITEREDIRECT => 'UDPLITE Port Redirection',
|
||||||
NEW_TOS_MATCH => 'New tos Match',
|
NEW_TOS_MATCH => 'New tos Match',
|
||||||
TARPIT_TARGET => 'TARPIT Target',
|
TARPIT_TARGET => 'TARPIT Target',
|
||||||
|
IFACE_MATCH => 'Iface Match',
|
||||||
|
|
||||||
AMANDA_HELPER => 'Amanda Helper',
|
AMANDA_HELPER => 'Amanda Helper',
|
||||||
FTP_HELPER => 'FTP Helper',
|
FTP_HELPER => 'FTP Helper',
|
||||||
@ -713,7 +714,7 @@ sub initialize( $;$$) {
|
|||||||
EXPORT => 0,
|
EXPORT => 0,
|
||||||
KLUDGEFREE => '',
|
KLUDGEFREE => '',
|
||||||
VERSION => "4.5.19-Beta1",
|
VERSION => "4.5.19-Beta1",
|
||||||
CAPVERSION => 40600 ,
|
CAPVERSION => 40606 ,
|
||||||
);
|
);
|
||||||
#
|
#
|
||||||
# From shorewall.conf file
|
# From shorewall.conf file
|
||||||
@ -981,6 +982,7 @@ sub initialize( $;$$) {
|
|||||||
NEW_TOS_MATCH => undef,
|
NEW_TOS_MATCH => undef,
|
||||||
REAP_OPTION => undef,
|
REAP_OPTION => undef,
|
||||||
TARPIT_TARGET => undef,
|
TARPIT_TARGET => undef,
|
||||||
|
IFACE_MATCH => undef,
|
||||||
|
|
||||||
AMANDA_HELPER => undef,
|
AMANDA_HELPER => undef,
|
||||||
FTP_HELPER => undef,
|
FTP_HELPER => undef,
|
||||||
@ -4462,6 +4464,12 @@ sub Arptables_JF() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub Iface_Match() {
|
||||||
|
qt1( "$iptables $iptablesw -A $sillyname -m iface --iface lo --loopback" );
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
our %detect_capability =
|
our %detect_capability =
|
||||||
( ACCOUNT_TARGET =>\&Account_Target,
|
( ACCOUNT_TARGET =>\&Account_Target,
|
||||||
AMANDA_HELPER => \&Amanda_Helper,
|
AMANDA_HELPER => \&Amanda_Helper,
|
||||||
@ -4494,6 +4502,7 @@ our %detect_capability =
|
|||||||
HASHLIMIT_MATCH => \&Hashlimit_Match,
|
HASHLIMIT_MATCH => \&Hashlimit_Match,
|
||||||
HEADER_MATCH => \&Header_Match,
|
HEADER_MATCH => \&Header_Match,
|
||||||
HELPER_MATCH => \&Helper_Match,
|
HELPER_MATCH => \&Helper_Match,
|
||||||
|
IFACE_MATCH => \&Iface_Match,
|
||||||
IMQ_TARGET => \&Imq_Target,
|
IMQ_TARGET => \&Imq_Target,
|
||||||
IPMARK_TARGET => \&IPMark_Target,
|
IPMARK_TARGET => \&IPMark_Target,
|
||||||
IPP2P_MATCH => \&Ipp2p_Match,
|
IPP2P_MATCH => \&Ipp2p_Match,
|
||||||
@ -4700,6 +4709,7 @@ sub determine_capabilities() {
|
|||||||
$capabilities{UDPLITEREDIRECT} = detect_capability( 'UDPLITEREDIRECT' );
|
$capabilities{UDPLITEREDIRECT} = detect_capability( 'UDPLITEREDIRECT' );
|
||||||
$capabilities{NEW_TOS_MATCH} = detect_capability( 'NEW_TOS_MATCH' );
|
$capabilities{NEW_TOS_MATCH} = detect_capability( 'NEW_TOS_MATCH' );
|
||||||
$capabilities{TARPIT_TARGET} = detect_capability( 'TARPIT_TARGET' );
|
$capabilities{TARPIT_TARGET} = detect_capability( 'TARPIT_TARGET' );
|
||||||
|
$capabilities{IFACE_MATCH} = detect_capability( 'IFACE_MATCH' );
|
||||||
|
|
||||||
unless ( have_capability 'CT_TARGET' ) {
|
unless ( have_capability 'CT_TARGET' ) {
|
||||||
$capabilities{HELPER_MATCH} = detect_capability 'HELPER_MATCH';
|
$capabilities{HELPER_MATCH} = detect_capability 'HELPER_MATCH';
|
||||||
|
Loading…
Reference in New Issue
Block a user