mirror of
https://gitlab.com/shorewall/code.git
synced 2025-01-17 02:58:44 +01:00
Check for minimum columns in split_line
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5785 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
280d8b4b27
commit
5d8989173b
@ -116,7 +116,7 @@ sub setup_accounting() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $action, $chain, $source, $dest, $proto, $ports, $sports, $user ) = split_line 8, 'Accounting File';
|
my ( $action, $chain, $source, $dest, $proto, $ports, $sports, $user ) = split_line 1, 8, 'Accounting File';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
@ -248,7 +248,7 @@ sub process_actions1() {
|
|||||||
open_file $file;
|
open_file $file;
|
||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
my ( $action ) = split_line 1, 'action file';
|
my ( $action ) = split_line 1, 1, 'action file';
|
||||||
|
|
||||||
if ( $action =~ /:/ ) {
|
if ( $action =~ /:/ ) {
|
||||||
warning_message 'Default Actions are now specified in /etc/shorewall/shorewall.conf';
|
warning_message 'Default Actions are now specified in /etc/shorewall/shorewall.conf';
|
||||||
@ -278,7 +278,7 @@ sub process_actions1() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ($wholetarget, $source, $dest, $proto, $ports, $sports, $rate, $users ) = split_line 8, 'action file';
|
my ($wholetarget, $source, $dest, $proto, $ports, $sports, $rate, $users ) = split_line 1, 8, 'action file';
|
||||||
|
|
||||||
my ( $target, $level ) = split_action $wholetarget;
|
my ( $target, $level ) = split_action $wholetarget;
|
||||||
|
|
||||||
@ -303,7 +303,7 @@ sub process_actions1() {
|
|||||||
push_open( $macrofile );
|
push_open( $macrofile );
|
||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $ mrate, $muser ) = split_line 8, 'macro file';
|
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $ mrate, $muser ) = split_line 1, 8, 'macro file';
|
||||||
|
|
||||||
$mtarget =~ s/:.*$//;
|
$mtarget =~ s/:.*$//;
|
||||||
|
|
||||||
@ -388,7 +388,7 @@ sub process_action3( $$$$$ ) {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ($target, $source, $dest, $proto, $ports, $sports, $rate, $user ) = split_line 8, 'action file';
|
my ($target, $source, $dest, $proto, $ports, $sports, $rate, $user ) = split_line 1, 8, 'action file';
|
||||||
|
|
||||||
my $target2 = merge_levels $wholeaction, $target;
|
my $target2 = merge_levels $wholeaction, $target;
|
||||||
|
|
||||||
@ -424,7 +424,7 @@ sub process_action3( $$$$$ ) {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser ) = split_line 8, 'macro file';
|
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser ) = split_line 1, 8, 'macro file';
|
||||||
|
|
||||||
if ( $mtarget =~ /^PARAM:?/ ) {
|
if ( $mtarget =~ /^PARAM:?/ ) {
|
||||||
fatal_error 'PARAM requires that a parameter be supplied in macro invocation' unless $param;
|
fatal_error 'PARAM requires that a parameter be supplied in macro invocation' unless $param;
|
||||||
|
@ -291,16 +291,17 @@ my %no_pad = ( COMMENT => 1,
|
|||||||
# ensure that it has an appropriate number of columns.
|
# ensure that it has an appropriate number of columns.
|
||||||
# supply '-' in omitted trailing columns.
|
# supply '-' in omitted trailing columns.
|
||||||
#
|
#
|
||||||
sub split_line( $$ ) {
|
sub split_line( $$$ ) {
|
||||||
my ( $columns, $description ) = @_;
|
my ( $mincolumns, $maxcolumns, $description ) = @_;
|
||||||
|
|
||||||
my @line = split /\s+/, $line;
|
my @line = split /\s+/, $line;
|
||||||
|
|
||||||
return @line if $no_pad{$line[0]};
|
return @line if $no_pad{$line[0]};
|
||||||
|
|
||||||
fatal_error "Invalid $description entry (too many columns)" if @line > $columns;
|
fatal_error "Invalid $description entry (too few columns)" if @line < $mincolumns;
|
||||||
|
fatal_error "Invalid $description entry (too many columns)" if @line > $maxcolumns;
|
||||||
|
|
||||||
push @line, '-' while @line < $columns;
|
push @line, '-' while @line < $maxcolumns;
|
||||||
|
|
||||||
@line;
|
@line;
|
||||||
}
|
}
|
||||||
@ -687,7 +688,7 @@ sub get_configuration( $ ) {
|
|||||||
default 'OPTIMIZE' , 0;
|
default 'OPTIMIZE' , 0;
|
||||||
default 'IPSECFILE' , 'ipsec';
|
default 'IPSECFILE' , 'ipsec';
|
||||||
|
|
||||||
fatal_error "IPSECFILE=ipsec is not supported by Shorewall-perl ' . $globals{VERSION} unless $config{IPSECFILE} eq 'zones';
|
fatal_error 'IPSECFILE=ipsec is not supported by Shorewall-perl ' . $globals{VERSION} unless $config{IPSECFILE} eq 'zones';
|
||||||
|
|
||||||
for my $default qw/DROP_DEFAULT REJECT_DEFAULT QUEUE_DEFAULT ACCEPT_DEFAULT/ {
|
for my $default qw/DROP_DEFAULT REJECT_DEFAULT QUEUE_DEFAULT ACCEPT_DEFAULT/ {
|
||||||
$config{$default} = 'none' if "\L$config{$default}" eq 'none';
|
$config{$default} = 'none' if "\L$config{$default}" eq 'none';
|
||||||
|
@ -57,7 +57,7 @@ sub validate_hosts_file()
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ($zone, $hosts, $options ) = split_line 3, 'hosts file';
|
my ($zone, $hosts, $options ) = split_line 2, 3, 'hosts file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
@ -139,7 +139,7 @@ sub validate_interfaces_file()
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ($zone, $interface, $networks, $options ) = split_line 4, 'interfaces file';
|
my ($zone, $interface, $networks, $options ) = split_line 2, 4, 'interfaces file';
|
||||||
my $zoneref;
|
my $zoneref;
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
|
@ -244,7 +244,7 @@ sub setup_masq()
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ($fullinterface, $networks, $addresses, $proto, $ports, $ipsec) = split_line 6, 'masq file';
|
my ($fullinterface, $networks, $addresses, $proto, $ports, $ipsec) = split_line 2, 6, 'masq file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
@ -358,7 +358,7 @@ sub setup_nat() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $external, $interface, $internal, $allints, $localnat ) = split_line 5, 'nat file';
|
my ( $external, $interface, $internal, $allints, $localnat ) = split_line 3, 5, 'nat file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
@ -393,7 +393,7 @@ sub setup_netmap() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $type, $net1, $interface, $net2 ) = split_line 4, 'netmap file';
|
my ( $type, $net1, $interface, $net2 ) = split_line 4, 4, 'netmap file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
@ -134,7 +134,7 @@ sub validate_policy()
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $client, $server, $policy, $loglevel, $synparams ) = split_line 5, 'policy file';
|
my ( $client, $server, $policy, $loglevel, $synparams ) = split_line 3, 5, 'policy file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
@ -163,9 +163,6 @@ sub setup_providers() {
|
|||||||
emit "qt ip route flush table $number";
|
emit "qt ip route flush table $number";
|
||||||
emit "echo \"qt ip route flush table $number\" >> \${VARDIR}/undo_routing";
|
emit "echo \"qt ip route flush table $number\" >> \${VARDIR}/undo_routing";
|
||||||
|
|
||||||
$duplicate = '-' unless $duplicate;
|
|
||||||
$copy = '-' unless $copy;
|
|
||||||
|
|
||||||
if ( $duplicate ne '-' ) {
|
if ( $duplicate ne '-' ) {
|
||||||
if ( $copy ne '-' ) {
|
if ( $copy ne '-' ) {
|
||||||
if ( $copy eq 'none' ) {
|
if ( $copy eq 'none' ) {
|
||||||
@ -312,9 +309,6 @@ sub setup_providers() {
|
|||||||
fatal_error "Unknown provider ($provider)" unless $found;
|
fatal_error "Unknown provider ($provider)" unless $found;
|
||||||
}
|
}
|
||||||
|
|
||||||
$source = '-' unless $source;
|
|
||||||
$dest = '-' unless $dest;
|
|
||||||
|
|
||||||
fatal_error "You must specify either the source or destination in a route_rules entry" if $source eq '-' && $dest eq '-';
|
fatal_error "You must specify either the source or destination in a route_rules entry" if $source eq '-' && $dest eq '-';
|
||||||
|
|
||||||
$dest = $dest eq '-' ? '' : "to $dest";
|
$dest = $dest eq '-' ? '' : "to $dest";
|
||||||
@ -376,7 +370,7 @@ sub setup_providers() {
|
|||||||
emit 'DEFAULT_ROUTE=';
|
emit 'DEFAULT_ROUTE=';
|
||||||
}
|
}
|
||||||
|
|
||||||
my ( $table, $number, $mark, $duplicate, $interface, $gateway, $options, $copy ) = split_line 8, 'providers file';
|
my ( $table, $number, $mark, $duplicate, $interface, $gateway, $options, $copy ) = split_line 6, 8, 'providers file';
|
||||||
|
|
||||||
add_a_provider( $table, $number, $mark, $duplicate, $interface, $gateway, $options, $copy );
|
add_a_provider( $table, $number, $mark, $duplicate, $interface, $gateway, $options, $copy );
|
||||||
|
|
||||||
@ -441,7 +435,7 @@ sub setup_providers() {
|
|||||||
$first_entry = 0;
|
$first_entry = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
my ( $source, $dest, $provider, $priority ) = split_line 4, 'route_rules file';
|
my ( $source, $dest, $provider, $priority ) = split_line 4, 4, 'route_rules file';
|
||||||
|
|
||||||
add_an_rtrule( $source, $dest, $provider , $priority );
|
add_an_rtrule( $source, $dest, $provider , $priority );
|
||||||
}
|
}
|
||||||
|
@ -93,7 +93,7 @@ sub setup_proxy_arp() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $address, $interface, $external, $haveroute, $persistent ) = split_line 5, 'proxyarp file';
|
my ( $address, $interface, $external, $haveroute, $persistent ) = split_line 3, 5, 'proxyarp file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
@ -71,7 +71,7 @@ sub process_tos() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ($src, $dst, $proto, $sports, $ports , $tos ) = split_line 6, 'tos file';
|
my ($src, $dst, $proto, $sports, $ports , $tos ) = split_line 6, 6, 'tos file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
@ -133,7 +133,7 @@ sub setup_ecn()
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ($interface, $hosts ) = split_line 2, 'ecn file';
|
my ($interface, $hosts ) = split_line 1, 2, 'ecn file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
@ -200,7 +200,7 @@ sub setup_rfc1918_filteration( $ ) {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $networks, $target ) = split_line 2, 'rfc1918 file';
|
my ( $networks, $target ) = split_line 2, 2, 'rfc1918 file';
|
||||||
|
|
||||||
my $s_target;
|
my $s_target;
|
||||||
|
|
||||||
@ -282,7 +282,7 @@ sub setup_blacklist() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $networks, $protocol, $ports ) = split_line 3, 'blacklist file';
|
my ( $networks, $protocol, $ports ) = split_line 1, 3, 'blacklist file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
unless ( @$hosts ) {
|
unless ( @$hosts ) {
|
||||||
@ -341,14 +341,14 @@ sub process_criticalhosts() {
|
|||||||
|
|
||||||
my $routeback = 0;
|
my $routeback = 0;
|
||||||
|
|
||||||
my ($interface, $hosts, $options ) = split_line 3, 'routestopped file';
|
my ($interface, $hosts, $options ) = split_line 1, 3, 'routestopped file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn for critical hosts...";
|
progress_message2 "$doing $fn for critical hosts...";
|
||||||
$first_entry = 0;
|
$first_entry = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
$hosts = ALLIPv4 unless $hosts && $hosts ne '-';
|
$hosts = ALLIPv4 unless $hosts ne '-';
|
||||||
|
|
||||||
my @hosts;
|
my @hosts;
|
||||||
|
|
||||||
@ -384,7 +384,7 @@ sub process_routestopped() {
|
|||||||
|
|
||||||
my $routeback = 0;
|
my $routeback = 0;
|
||||||
|
|
||||||
my ($interface, $hosts, $options ) = split_line 3, 'routestopped file';
|
my ($interface, $hosts, $options ) = split_line 1, 3, 'routestopped file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
@ -673,7 +673,7 @@ sub setup_mac_lists( $ ) {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $disposition, $interface, $mac, $addresses ) = split_line 4, 'maclist file';
|
my ( $disposition, $interface, $mac, $addresses ) = split_line 3, 4, 'maclist file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
@ -785,7 +785,7 @@ sub process_macro ( $$$$$$$$$$$ ) {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser ) = split_line 8, 'macro file';
|
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser ) = split_line 1, 8, 'macro file';
|
||||||
|
|
||||||
$mtarget = merge_levels $target, $mtarget;
|
$mtarget = merge_levels $target, $mtarget;
|
||||||
|
|
||||||
@ -1212,7 +1212,7 @@ sub process_rules() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user ) = split_line 9, 'rules file';
|
my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user ) = split_line 3, 9, 'rules file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
@ -320,7 +320,7 @@ sub validate_tc_class( $$$$$$ ) {
|
|||||||
$tcref->{tos} = [];
|
$tcref->{tos} = [];
|
||||||
$tcref->{rate} = convert_rate $full, $rate;
|
$tcref->{rate} = convert_rate $full, $rate;
|
||||||
$tcref->{ceiling} = convert_rate $full, $ceil;
|
$tcref->{ceiling} = convert_rate $full, $ceil;
|
||||||
$tcref->{priority} = defined $prio ? $prio : 1;
|
$tcref->{priority} = $prio eq '-' ? 1 : $prio;
|
||||||
|
|
||||||
unless ( $options eq '-' ) {
|
unless ( $options eq '-' ) {
|
||||||
for my $option ( split /,/, "\L$options" ) {
|
for my $option ( split /,/, "\L$options" ) {
|
||||||
@ -358,7 +358,7 @@ sub setup_traffic_shaping() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $device, $inband, $outband ) = split_line 3, 'tcdevices';
|
my ( $device, $inband, $outband ) = split_line 3, 3, 'tcdevices';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
@ -382,7 +382,7 @@ sub setup_traffic_shaping() {
|
|||||||
$first_entry = 0;
|
$first_entry = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
my ( $device, $mark, $rate, $ceil, $prio, $options ) = split_line 6, 'tcclasses file';
|
my ( $device, $mark, $rate, $ceil, $prio, $options ) = split_line 4, 6, 'tcclasses file';
|
||||||
|
|
||||||
validate_tc_class( $device, $mark, $rate, $ceil, $prio, $options );
|
validate_tc_class( $device, $mark, $rate, $ceil, $prio, $options );
|
||||||
}
|
}
|
||||||
@ -509,7 +509,7 @@ sub setup_tc() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $mark, $source, $dest, $proto, $ports, $sports, $user, $testval, $length, $tos ) = split_line 10, 'tcrules file';
|
my ( $mark, $source, $dest, $proto, $ports, $sports, $user, $testval, $length, $tos ) = split_line 2, 10, 'tcrules file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
@ -237,7 +237,7 @@ sub setup_tunnels() {
|
|||||||
|
|
||||||
while ( read_a_line ) {
|
while ( read_a_line ) {
|
||||||
|
|
||||||
my ( $kind, $zone, $gateway, $gatewayzones ) = split_line 4, 'tunnels file';
|
my ( $kind, $zone, $gateway, $gatewayzones ) = split_line 2, 4, 'tunnels file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
@ -188,7 +188,7 @@ sub determine_zones()
|
|||||||
|
|
||||||
my @parents;
|
my @parents;
|
||||||
|
|
||||||
my ($zone, $type, $options, $in_options, $out_options ) = split_line 5, 'zones file';
|
my ($zone, $type, $options, $in_options, $out_options ) = split_line 1, 5, 'zones file';
|
||||||
|
|
||||||
if ( $first_entry ) {
|
if ( $first_entry ) {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
|
Loading…
Reference in New Issue
Block a user