extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-30 11:33:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add Kernel Version to the capabilities

Browse Source
This commit is contained in:
Tom Eastep 2009-12-19 12:42:39 -08:00
parent 24ddacb4a7
commit 4f4d77be48
2 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
Shorewall/Perl/Shorewall/Config.pm
View File

@ -243,6 +243,7 @@ our %capdesc = ( NAT_ENABLED => 'NAT',
PERSISTENT_SNAT => 'Persistent SNAT', PERSISTENT_SNAT => 'Persistent SNAT',
OLD_HL_MATCH => 'Old Hash Limit Match', OLD_HL_MATCH => 'Old Hash Limit Match',
CAPVERSION => 'Capability Version', CAPVERSION => 'Capability Version',
KERNELVERSION => 'Kernel Version',
); );
# #
# Directories to search for configuration files # Directories to search for configuration files
@ -328,7 +329,7 @@ sub initialize( $ ) {
EXPORT => 0, EXPORT => 0,
UNTRACKED => 0, UNTRACKED => 0,
VERSION => "4.4.5", VERSION => "4.4.5",
CAPVERSION => 40402 , CAPVERSION => 40406 ,
); );
# #
@ -1844,8 +1845,8 @@ sub check_trivalue( $$ ) {
sub report_capability( $ ) { sub report_capability( $ ) {
my $cap = $_[0]; my $cap = $_[0];
print " $capdesc{$cap}: "; print " $capdesc{$cap}: ";
if ( $cap eq 'CAPVERSION' ) { if ( $cap eq 'CAPVERSION' || $cap eq 'KERNELVERSION') {
my $version = $capabilities{CAPVERSION}; my $version = $capabilities{$cap};
printf "%d.%d.%d\n", int( $version / 10000 ) , int ( ( $version % 10000 ) / 100 ) , int ( $version % 100 ); printf "%d.%d.%d\n", int( $version / 10000 ) , int ( ( $version % 10000 ) / 100 ) , int ( $version % 100 );
} else { } else {
print $capabilities{$cap} ? "Available\n" : "Not Available\n"; print $capabilities{$cap} ? "Available\n" : "Not Available\n";
@ -1947,6 +1948,19 @@ sub qt1( $ ) {
$? == 0; $? == 0;
} }
#
# Get the current kernel version
#
sub determine_kernelversion() {
my $kernelversion=`uname -r`;
if ( $kernelversion =~ /^(\d+)\.(\d+).(\d+)/ ) {
$capabilities{KERNELVERSION} = sprintf "%d%02d%02d", $1 , $2 , $3;
} else {
fatal_error "Inrecognized Kernel Version Format ($kernelversion)";
}
}
# #
# Determine which optional facilities are supported by iptables/netfilter # Determine which optional facilities are supported by iptables/netfilter
# #
@ -2106,6 +2120,8 @@ sub determine_capabilities( $ ) {
qt1( "$iptables -X $sillyname1" ); qt1( "$iptables -X $sillyname1" );
$capabilities{CAPVERSION} = $globals{CAPVERSION}; $capabilities{CAPVERSION} = $globals{CAPVERSION};
determine_kernelversion;
} }
# #
@ -2221,6 +2237,11 @@ sub read_capabilities() {
} else { } else {
warning_message "Your capabilities file may not contain all of the capabilities defined by $Product version $globals{VERSION}"; warning_message "Your capabilities file may not contain all of the capabilities defined by $Product version $globals{VERSION}";
} }
unless ( $capabilities{KERNELVERSION} ) {
warning_message "Your capabilities file does not contain a Kernel Version -- using the local kernel's version";
determine_kernelversion;
}
} }
# #

4
Shorewall/lib.base
View File

@ -30,7 +30,7 @@
# #
SHOREWALL_LIBVERSION=40000 SHOREWALL_LIBVERSION=40000
SHOREWALL_CAPVERSION=40402 SHOREWALL_CAPVERSION=40406
[ -n "${VARDIR:=/var/lib/shorewall}" ] [ -n "${VARDIR:=/var/lib/shorewall}" ]
[ -n "${SHAREDIR:=/usr/share/shorewall}" ] [ -n "${SHAREDIR:=/usr/share/shorewall}" ]
@ -965,6 +965,7 @@ determine_capabilities() {
qt $IPTABLES -X $chain1 qt $IPTABLES -X $chain1
CAPVERSION=$SHOREWALL_CAPVERSION CAPVERSION=$SHOREWALL_CAPVERSION
KERNELVERSION=$(printf "%d%02d%02d" $(uname -r 2> /dev/null | sed -e 's/-.*//' -e 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*$/\1 \2 \3/g'))
} }
report_capabilities() { report_capabilities() {
@ -1087,6 +1088,7 @@ report_capabilities1() {
report_capability1 PERSISTENT_SNAT report_capability1 PERSISTENT_SNAT
echo CAPVERSION=$SHOREWALL_CAPVERSION echo CAPVERSION=$SHOREWALL_CAPVERSION
echo KERNELVERSION=$KERNELVERSION
} }
# Function to truncate a string -- It uses 'cut -b -<n>' # Function to truncate a string -- It uses 'cut -b -<n>'