Detect bridges

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-03-23 08:38:54 -07:00
parent 8fc1a08766
commit 5e9aceae68

View File

@ -76,7 +76,7 @@ our @EXPORT = qw( NOTHING
); );
our @EXPORT_OK = qw( initialize ); our @EXPORT_OK = qw( initialize );
our $VERSION = '4.4_7'; our $VERSION = '4.4_9';
# #
# IPSEC Option types # IPSEC Option types
@ -727,11 +727,18 @@ sub firewall_zone() {
$firewall_zone; $firewall_zone;
} }
#
# Determine if the passed physical device is a bridge
#
sub is_a_bridge( $ ) {
qt( "brctl show | tail -n+2 | grep -q '^$_[0]\[\[:space:\]\]'" );
}
# #
# Process a record in the interfaces file # Process a record in the interfaces file
# #
sub process_interface( $ ) { sub process_interface( $$ ) {
my $nextinum = $_[0]; my ( $nextinum, $export ) = @_;
my $netsref = ''; my $netsref = '';
my ($zone, $originalinterface, $bcasts, $options ) = split_line 2, 4, 'interfaces file'; my ($zone, $originalinterface, $bcasts, $options ) = split_line 2, 4, 'interfaces file';
my $zoneref; my $zoneref;
@ -926,9 +933,11 @@ sub process_interface( $ ) {
if ( $options{bridge} ) { if ( $options{bridge} ) {
require_capability( 'PHYSDEV_MATCH', 'The "bridge" option', 's'); require_capability( 'PHYSDEV_MATCH', 'The "bridge" option', 's');
fatal_error "Bridges may not have wildcard names" if $wildcard; fatal_error "Bridges may not have wildcard names" if $wildcard;
$options{routeback} = 1; $hostoptions{routeback} = $options{routeback} = 1;
} }
$hostoptions{routeback} = $options{routeback} = is_a_bridge( $physical ) unless $export || $options{routeback};
$zoneref->{options}{in_out}{routeback} = 1 if $zoneref && $options{routeback}; $zoneref->{options}{in_out}{routeback} = 1 if $zoneref && $options{routeback};
$hostoptionsref = \%hostoptions; $hostoptionsref = \%hostoptions;
@ -974,7 +983,7 @@ sub validate_interfaces_file( $ ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
push @ifaces, process_interface( $nextinum++) while read_a_line; push @ifaces, process_interface( $nextinum++, $export ) while read_a_line;
# #
# We now assemble the @interfaces array such that bridge ports immediately precede their associated bridge # We now assemble the @interfaces array such that bridge ports immediately precede their associated bridge