Rename %env to %globals

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5773 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-12-15 19:01:19 +01:00 · 2007-03-31 17:44:16 +00:00 · 2007-03-31 17:44:16 +00:00 · 5abdc94ff6
commit 5abdc94ff6
parent 505f1ba3e0
8 changed files with 61 additions and 59 deletions
--- a/New/Shorewall/Actions.pm
+++ b/New/Shorewall/Actions.pm
@ -378,7 +378,7 @@ sub process_action3( $$$$$ ) {
    }

    my $actionfile = find_file "action.$action";
-    my $standard = ( $actionfile =~ /^$env{SHAREDIR}/ );
+    my $standard = ( $actionfile =~ /^$globals{SHAREDIR}/ );
    
    fatal_error "Missing Action File: $actionfile" unless -f $actionfile;
    
@ -420,7 +420,7 @@ sub process_action3( $$$$$ ) {

 	    push_open $fn;

-	    my $standard = ( $fn =~ /^($env{SHAREDIR})/ );
+	    my $standard = ( $fn =~ /^($globals{SHAREDIR})/ );

 	    while ( read_a_line ) {

--- a/New/Shorewall/Chains.pm
+++ b/New/Shorewall/Chains.pm
@ -431,7 +431,7 @@ sub new_chain($$)
    my @rules;

    $ch{name} = $chain;
-    $ch{log} = 1 if $env{LOGRULENUMBERS};
+    $ch{log} = 1 if $globals{LOGRULENUMBERS};
    $ch{rules} = \@rules;
    $ch{table} = $table;
    $chain_table{$table}{$chain} = \%ch;
@ -937,7 +937,7 @@ sub log_rule_limit( $$$$$$$$ ) {

    my $prefix;

-    $limit = $env{LOGLIMIT} unless $limit;
+    $limit = $globals{LOGLIMIT} unless $limit;

    if ( $tag ) {
 	if ( $config{LOGTAGONLY} ) {
@ -950,7 +950,7 @@ sub log_rule_limit( $$$$$$$$ ) {
 	$tag = '' unless defined $tag;
    }

-    if ( $env{LOGRULENUMBERS} ) {
+    if ( $globals{LOGRULENUMBERS} ) {
 	$prefix = (sprintf $config{LOGFORMAT} , $chain , $chainref->{log}++, $disposition ) . $tag;
    } else {
 	$prefix = (sprintf $config{LOGFORMAT} , $chain , $disposition) . $tag;
@ -962,9 +962,9 @@ sub log_rule_limit( $$$$$$$$ ) {
    }

    if ( $level eq 'ULOG' ) {
-	$prefix = "-j ULOG $env{LOGPARMS} --ulog-prefix \"$prefix\" ";
+	$prefix = "-j ULOG $globals{LOGPARMS} --ulog-prefix \"$prefix\" ";
    } else {
-	$prefix = "-j LOG $env{LOGPARMS} --log-level $level --log-prefix \"$prefix\" ";
+	$prefix = "-j LOG $globals{LOGPARMS} --log-level $level --log-prefix \"$prefix\" ";
    }

    if ( $command eq 'add' ) {
@ -977,7 +977,7 @@ sub log_rule_limit( $$$$$$$$ ) {
 sub log_rule( $$$$ ) {
    my ( $level, $chainref, $disposition, $predicates ) = @_;

-    log_rule_limit $level, $chainref, $chainref->{name} , $disposition, $env{LOGLIMIT}, '', 'add', $predicates;
+    log_rule_limit $level, $chainref, $chainref->{name} , $disposition, $globals{LOGLIMIT}, '', 'add', $predicates;
 }

 #
--- a/New/Shorewall/Config.pm
+++ b/New/Shorewall/Config.pm
@ -47,7 +47,7 @@ our @EXPORT = qw(
                 generate_aux_config

                 %config
-                 %env
+                 %globals
                 %capabilities );
 our @EXPORT_OK = ();
 our @VERSION = 1.00;
@ -55,12 +55,12 @@ our @VERSION = 1.00;
 #
 # Misc Globals
 #
-our %env  =   ( SHAREDIR => '/usr/share/shorewall' ,
-		CONFDIR =>  '/etc/shorewall',
-		SHAREDIRPL => '/usr/share/shorewall-perl/',
-		LOGPARMS => '',
-		VERSION =>  '3.9.0-1',
-	       );
+our %globals  =   ( SHAREDIR => '/usr/share/shorewall' ,
+		    CONFDIR =>  '/etc/shorewall',
+		    SHAREDIRPL => '/usr/share/shorewall-perl/',
+		    LOGPARMS => '',
+		    VERSION =>  '3.9.0-1',
+		  );

 #
 # From shorewall.conf file
@ -266,7 +266,7 @@ sub find_file($)
 	return $file if -f $file;
    }

-    "$env{CONFDIR}/$filename";
+    "$globals{CONFDIR}/$filename";
 }

 #
@ -468,9 +468,11 @@ sub require_capability( $$ ) {
 #
 # - Read the shorewall.conf file
 # - Read the capabilities file created by the compiler front-end
-# - establish global hashes %config , %env and %capabilities
+# - establish global hashes %config , %globals and %capabilities
 #
-sub get_configuration() {
+sub get_configuration( $ ) {
+
+    my $export = $_[0];

    @config_path = split /:/, $ENV{CONFIG_PATH};

@ -537,16 +539,16 @@ sub get_configuration() {
 	fatal_error "$file does not exist!";
    }

-    $env{ORIGINAL_POLICY_MATCH} = $capabilities{POLICY_MATCH};
+    $globals{ORIGINAL_POLICY_MATCH} = $capabilities{POLICY_MATCH};

    default 'MODULE_PREFIX', 'o gz ko o.gz ko.gz';

    if ( $config{LOGRATE} || $config{LOGBURST} ) {
-	$env{LOGLIMIT} = '-m limit';
-	$env{LOGLIMIT} .= " --limit $config{LOGRATE}"        if $config{LOGRATE};
-	$env{LOGLIMIT} .= " --limit-burst $config{LOGBURST}" if $config{LOGBURST};
+	$globals{LOGLIMIT} = '-m limit';
+	$globals{LOGLIMIT} .= " --limit $config{LOGRATE}"        if $config{LOGRATE};
+	$globals{LOGLIMIT} .= " --limit-burst $config{LOGBURST}" if $config{LOGBURST};
    } else {
-	$env{LOGLIMIT} = '';
+	$globals{LOGLIMIT} = '';
    }

    if ( $config{IP_FORWARDING} ) {
@ -576,11 +578,11 @@ sub get_configuration() {
    default_yes_no 'DISABLE_IPV6'               , '';
    default_yes_no 'DYNAMIC_ZONES'              , '';

-    fatal_error "DYNAMIC_ZONES=Yes is incompatible with the -e option" if $config{DYNAMIC_ZONES} and $ENV{EXPORT};
+    fatal_error "DYNAMIC_ZONES=Yes is incompatible with the -e option" if $config{DYNAMIC_ZONES} && $export;

    default_yes_no 'BRIDGING'                   , '';

-    fatal_error 'BRIDGING=Yes is not supported by Shorewall-perl' . $env{VERSION} if $config{BRIDGING};
+    fatal_error 'BRIDGING=Yes is not supported by Shorewall-perl' . $globals{VERSION} if $config{BRIDGING};

    default_yes_no 'STARTUP_ENABLED'            , 'Yes';
    default_yes_no 'DELAYBLACKLISTLOAD'         , '';
@ -588,11 +590,11 @@ sub get_configuration() {
    default_yes_no 'RFC1918_STRICT'             , '';
    default_yes_no 'SAVE_IPSETS'                , '';

-    warning_message 'SAVE_IPSETS=Yes is not supported by Shorewall-perl ' . $env{VERSION} if $config{SAVE_IPSETS};
+    warning_message 'SAVE_IPSETS=Yes is not supported by Shorewall-perl ' . $globals{VERSION} if $config{SAVE_IPSETS};

    default_yes_no 'MAPOLDACTIONS'              , '';

-    warning_message 'MAPOLDACTIONS=Yes is not supported by Shorewall-perl ' . $env{VERSION} if $config{MAPOLDACTIONS};
+    warning_message 'MAPOLDACTIONS=Yes is not supported by Shorewall-perl ' . $globals{VERSION} if $config{MAPOLDACTIONS};

    default_yes_no 'FASTACCEPT'                 , '';
    default_yes_no 'IMPLICIT_CONTINUE'          , '';
@ -608,14 +610,14 @@ sub get_configuration() {

    my $val;

-    $env{MACLIST_TARGET} = 'reject';
+    $globals{MACLIST_TARGET} = 'reject';

    if ( $val = $config{MACLIST_DISPOSITION} ) {
 	unless ( $val eq 'REJECT' ) {
 	    if ( $val eq 'DROP' ) {
-		$env{MACLIST_TARGET} = 'DROP';
+		$globals{MACLIST_TARGET} = 'DROP';
 	    } elsif ( $val eq 'ACCEPT' ) {
-		$env{MACLIST_TARGET} = 'RETURN';
+		$globals{MACLIST_TARGET} = 'RETURN';
 	    } else {
 		fatal_error "Invalid value ( $config{MACLIST_DISPOSITION} ) for MACLIST_DISPOSITION"
 		}
@ -640,7 +642,7 @@ sub get_configuration() {
 	$config{TCP_FLAGS_DISPOSITION} = 'DROP';
    }

-    $env{TC_SCRIPT} = '';
+    $globals{TC_SCRIPT} = '';

    if ( $val = "\L$config{TC_ENABLED}" ) {
 	if ( $val eq 'yes' ) {
@ -670,14 +672,14 @@ sub get_configuration() {

    fatal_error "Invalid IPSECFILE value ($config{IPSECFILE}" unless $config{IPSECFILE} eq 'zones';

-    $env{MARKING_CHAIN} = $config{MARK_IN_FORWARD_CHAIN} ? 'tcfor' : 'tcpre';
+    $globals{MARKING_CHAIN} = $config{MARK_IN_FORWARD_CHAIN} ? 'tcfor' : 'tcpre';

    if ( $val = $config{LOGFORMAT} ) {
 	my $result;

 	eval {
 	    if ( $val =~ /%d/ ) {
-		$env{LOGRULENUMBERS} = 'Yes';
+		$globals{LOGRULENUMBERS} = 'Yes';
 		$result = sprintf "$val", 'fooxx2barxx', 1, 'ACCEPT';
 	    } else {
 		$result = sprintf "$val", 'fooxx2barxx', 'ACCEPT';
@ -689,10 +691,10 @@ sub get_configuration() {
 	fatal_error "LOGFORMAT string is longer than 29 characters: \"$val\"" 
 	    if length $result > 29;

-	$env{MAXZONENAMELENGTH} = int ( 5 + ( ( 29 - (length $result ) ) / 2) );
+	$globals{MAXZONENAMELENGTH} = int ( 5 + ( ( 29 - (length $result ) ) / 2) );
    } else {
-	$env{LOGFORMAT}='Shorewall:%s:%s:';
-	$env{MAXZONENAMELENGTH} = 5;
+	$globals{LOGFORMAT}='Shorewall:%s:%s:';
+	$globals{MAXZONENAMELENGTH} = 5;
    }

 }
@ -704,7 +706,7 @@ sub propagateconfig() {
    }

    for my $option ( @Shorewall::Config::propagateenv ) {
-	my $value = $env{$option} || '';
+	my $value = $globals{$option} || '';
 	emit "$option=\"$value\"";
    }
 }
@ -712,7 +714,7 @@ sub propagateconfig() {
 sub append_file( $ ) {
    my $user_exit = find_file $_[0];

-    unless ( $user_exit =~ /$env{SHAREDIR}/ ) {
+    unless ( $user_exit =~ /$globals{SHAREDIR}/ ) {
 	if ( -f $user_exit ) {
 	    save_progress_message "Processing $user_exit ...";
 	    copy1 $user_exit;
@ -757,7 +759,7 @@ sub generate_aux_config() {

    create_temp_aux_config;

-    emit( "#\n# Shorewall auxiliary configuration file created by Shorewall-perl version " . $env{VERSION} . ' - ' . ( localtime ) . "\n#" );
+    emit( "#\n# Shorewall auxiliary configuration file created by Shorewall-perl version " . $globals{VERSION} . ' - ' . ( localtime ) . "\n#" );

    for my $option qw(VERBOSITY LOGFILE LOGFORMAT IPTABLES PATH SHOREWALL_SHELL SUBSYSLOCK RESTOREFILE SAVE_IPSETS) {
 	conditionally_add_option $option;
--- a/New/Shorewall/Nat.pm
+++ b/New/Shorewall/Nat.pm
@ -105,7 +105,7 @@ sub setup_one_masq($$$$$$)
    # Handle IPSEC options, if any
    #
    if ( $ipsec ne '-' ) {
-	fatal_error "Non-empty IPSEC column requires policy match support in your kernel and iptables"  unless $env{ORIGINAL_POLICY_MATCH};
+	fatal_error "Non-empty IPSEC column requires policy match support in your kernel and iptables"  unless $globals{ORIGINAL_POLICY_MATCH};

 	if ( $ipsec =~ /^yes$/i ) {
 	    $rule .= '-m policy --pol ipsec --dir out ';
--- a/New/Shorewall/Rules.pm
+++ b/New/Shorewall/Rules.pm
@ -268,7 +268,7 @@ sub setup_blacklist() {
 	if ( $level ) {
 	    my $chainref = new_standard_chain 'blacklog';

-	    log_rule_limit( $level , $chainref , 'blacklst' , $disposition , "$env{LOGLIMIT}" , '', 'add',	'' );
+	    log_rule_limit( $level , $chainref , 'blacklst' , $disposition , "$globals{LOGLIMIT}" , '', 'add',	'' );

 	    add_rule $chainref, "-j $target" ;

@ -467,7 +467,7 @@ sub add_common_rules() {

    my $rejectref = new_standard_chain 'reject';

-    $level = $env{BLACKLIST_LOG_LEVEL} || 'info';
+    $level = $globals{BLACKLIST_LOG_LEVEL} || 'info';

    add_rule_pair new_standard_chain( 'logdrop' ),   ' ' , 'DROP'   , $level ;
    add_rule_pair new_standard_chain( 'logreject' ), ' ' , 'REJECT' , $level ;
@ -554,13 +554,13 @@ sub add_common_rules() {
 	if ( $config{TCP_FLAGS_LOG_LEVEL} ) {
 	    my $logflagsref = new_standard_chain 'logflags';

-	    my $savelogparms = $env{LOGPARMS};
+	    my $savelogparms = $globals{LOGPARMS};

-	    $env{LOGPARMS} = "$env{LOGPARMS} --log-ip-options" unless $config{TCP_FLAGS_LOG_LEVEL} eq 'ULOG';
+	    $globals{LOGPARMS} = "$globals{LOGPARMS} --log-ip-options" unless $config{TCP_FLAGS_LOG_LEVEL} eq 'ULOG';

 	    log_rule $config{TCP_FLAGS_LOG_LEVEL} , $logflagsref , $config{TCP_FLAGS_DISPOSITION}, '';

-	    $env{LOGPARMS} = $savelogparms;
+	    $globals{LOGPARMS} = $savelogparms;

 	    if ( $config{TCP_FLAGS_DISPOSITION} eq 'REJECT' ) {
 		add_rule $logflagsref , '-j REJECT --reject-with tcp-reset';
@ -732,7 +732,7 @@ sub setup_mac_lists( $ ) {
 	    }
 	}
    } else {
-	my $target      = $env{MACLIST_TARGET};
+	my $target      = $globals{MACLIST_TARGET};
 	my $level       = $config{MACLIST_LOG_LEVEL};
 	my $disposition = $config{MACLIST_DISPOSITION};

@ -770,7 +770,7 @@ sub process_rule1 ( $$$$$$$$$ );
 sub process_macro ( $$$$$$$$$$$ ) {
    my ($macrofile, $target, $param, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user) = @_;

-    my $standard = ( $macrofile =~ /^($env{SHAREDIR})/ );
+    my $standard = ( $macrofile =~ /^($globals{SHAREDIR})/ );

    progress_message "..Expanding Macro $macrofile...";

--- a/New/Shorewall/Tc.pm
+++ b/New/Shorewall/Tc.pm
@ -125,7 +125,7 @@ sub process_tc_rule( $$$$$$$$$$ ) {

    ( $mark, my $designator ) = split /:/, $mark;

-    my $chain  = $env{MARKING_CHAIN};
+    my $chain  = $globals{MARKING_CHAIN};
    my $target = 'MARK --set-mark';
    my $tcsref;
    my $connmark = 0;
--- a/New/Shorewall/Zones.pm
+++ b/New/Shorewall/Zones.pm
@ -207,7 +207,7 @@ sub determine_zones()
 	    }
 	}

-	fatal_error "Invalid zone name: $zone" unless "\L$zone" =~ /^[a-z]\w*$/ && length $zone <= $env{MAXZONENAMELENGTH};
+	fatal_error "Invalid zone name: $zone" unless "\L$zone" =~ /^[a-z]\w*$/ && length $zone <= $globals{MAXZONENAMELENGTH};
 	fatal_error "Invalid zone name: $zone" if $zone =~ /^all2|2all$/;
 	fatal_error( "Duplicate zone name: $zone\n" ) if $zones{$zone};

--- a/New/compiler.pl
+++ b/New/compiler.pl
@ -75,11 +75,11 @@ BEGIN {
 #

 sub generate_script_1 {
-    copy $env{SHAREDIRPL} . 'prog.header';
+    copy $globals{SHAREDIRPL} . 'prog.header';

    my $date = localtime;

-    emit "#\n# Compiled firewall script generated by Shorewall-perl $env{VERSION} - $date\n#";
+    emit "#\n# Compiled firewall script generated by Shorewall-perl $globals{VERSION} - $date\n#";

    if ( $export ) {
 	emitj ( 'SHAREDIR=/usr/share/shorewall-lite',
@ -88,7 +88,7 @@ sub generate_script_1 {
 		'PRODUCT="Shorewall Lite"'
 		);

-	copy "$env{SHAREDIR}/lib.base";
+	copy "$globals{SHAREDIR}/lib.base";

 	emitj ( '################################################################################',
 		'# End of /usr/share/shorewall/lib.base',
@ -147,7 +147,7 @@ sub generate_script_1 {
 	    '[ -n "${VERBOSE:=0}" ]',
 	    qq([ -n "\${RESTOREFILE:=$config{RESTOREFILE}}" ]),
 	    '[ -n "$LOGFORMAT" ] || LOGFORMAT="Shorewall:%s:%s:"',
-	    qq(VERSION="$env{VERSION}") ,
+	    qq(VERSION="$globals{VERSION}") ,
 	    qq(PATH="$config{PATH}") ,
 	    'TERMINATOR=fatal_error'
 	    );
@ -478,7 +478,7 @@ EOF
 #
 sub generate_script_2 () {

-    copy $env{SHAREDIRPL} . 'prog.functions';
+    copy $globals{SHAREDIRPL} . 'prog.functions';

    emitj( '#',
 	   '# Setup Routing and Traffic Shaping',
@ -495,7 +495,7 @@ sub generate_script_2 () {
    if ( $export ) {
 	my $mf = find_file 'modules';

-	if ( $mf ne "$env{SHAREDIR}/module" && -f $mf ) {
+	if ( $mf ne "$globals{SHAREDIR}/module" && -f $mf ) {

 	    emitj( 'echo MODULESDIR="$MODULESDIR" > ${VARDIR}/.modulesdir',
 		   'cat > ${VARDIR}/.modules << EOF'
@ -628,7 +628,7 @@ EOF

    emit "}\n";
    
-    copy $env{SHAREDIRPL} . 'prog.footer';
+    copy $globals{SHAREDIRPL} . 'prog.footer';
 }

 #
@ -643,8 +643,8 @@ sub compiler( $ ) {

    report_capabilities if $verbose > 1;

-    require_capability( 'MULTIPORT'       , "Shorewall-perl $env{VERSION}" ); 
-    require_capability( 'ADDRTYPE'        , "Shorewall-perl $env{VERSION}" );
+    require_capability( 'MULTIPORT'       , "Shorewall-perl $globals{VERSION}" ); 
+    require_capability( 'ADDRTYPE'        , "Shorewall-perl $globals{VERSION}" );
    require_capability( 'RECENT_MATCH'    , 'MACLIST_TTL' )           if $config{MACLIST_TTL};
    require_capability( 'XCONNMARK'       , 'HIGH_ROUTE_MARKS=Yes' )  if $config{HIGH_ROUTE_MARKS};
    require_capability( 'MANGLE_ENABLED'  , 'Traffic Shaping'      )  if $config{TC_ENABLED};
@ -795,7 +795,7 @@ sub compiler( $ ) {
 #
 # Get shorewall.conf and capabilities.
 #
-get_configuration;
+get_configuration( $export );
 #
 # Compile/Check the configuration.
 #