Move IPSEC option constants to the Zones module; Add Rules module

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5528 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

New/Shorewall/Chains.pm

@@ -416,7 +416,7 @@ sub finish_section ( $ ) {
 
     for my $zone ( @zones ) {
 	for my $zone1 ( @zones ) {
-	    my $chainref = $chain_table{'filter'}{"${zone}2${zone1}"};
+	    my $chainref = $chain_table{'filter'}{"$zone}2${zone1}"};
 	    if ( $chainref->{referenced} ) {
 		finish_chain_section $chainref, $sections;
 	    }

New/Shorewall/Rules.pm

@@ -0,0 +1,64 @@
+package Shorewall::Rules;
+require Exporter;
+
+our @ISA = qw(Exporter);
+our @EXPORT = qw( STANDARD
+		  NATRULE
+		  BUILTIN
+		  NONAT
+		  NATONLY
+		  REDIRECT
+		  ACTION
+		  MACRO
+		  LOGRULE
+		  
+		  %targets
+		  );
+our @EXPORT_OK = ();
+our @VERSION = 1.00;
+
+#
+#  Target Table. Each entry maps a target to a set of flags defined as follows.
+#
+use constant { STANDARD => 1,              #defined by Netfilter
+	       NATRULE  => 2,              #Involved NAT
+	       BUILTIN  => 4,              #A built-in action
+	       NONAT    => 8,              #'NONAT' or 'ACCEPT+'
+	       NATONLY  => 16,             #'DNAT-' or 'REDIRECT-'
+	       REDIRECT => 32,             #'REDIRECT'
+	       ACTION   => 64,             #An action
+	       MACRO    => 128,            #A Macro
+	       LOGRULE  => 256,            #'LOG'
+	   };
+#
+#   As new targets (Actions and Macros) are discovered, they are added to the table
+#
+our %targets = ('ACCEPT'       => STANDARD,
+		'ACCEPT+'      => STANDARD  + NONAT,
+		'ACCEPT!'      => STANDARD,
+		'NONAT'        => STANDARD  + NONAT,
+		'DROP'         => STANDARD,
+		'DROP!'        => STANDARD,
+		'REJECT'       => STANDARD,
+		'REJECT!'      => STANDARD,
+		'DNAT'         => NATRULE,
+		'DNAT-'        => NATRULE  + NATONLY,
+		'REDIRECT'     => NATRULE  + REDIRECT,
+		'REDIRECT-'    => NATRULE  + REDIRECT + NATONLY,
+		'LOG'          => STANDARD + LOGRULE,
+		'CONTINUE'     => STANDARD,
+		'QUEUE'        => STANDARD,
+		'SAME'         => NATRULE,
+		'SAME-'        => NATRULE  + NATONLY,
+		'dropBcast'    => BUILTIN  + ACTION,
+		'allowBcast'   => BUILTIN  + ACTION,
+		'dropNotSyn'   => BUILTIN  + ACTION,
+		'rejNotSyn'    => BUILTIN  + ACTION,
+		'dropInvalid'  => BUILTIN  + ACTION,
+		'allowInvalid' => BUILTIN  + ACTION,
+		'allowinUPnP'  => BUILTIN  + ACTION,
+		'forwardUPnP'  => BUILTIN  + ACTION,
+		'Limit'        => BUILTIN  + ACTION,
+		);
+
+1;

New/Shorewall/Zones.pm

@@ -4,10 +4,33 @@ use Shorewall::Common;
 use Shorewall::Config;
 
 our @ISA = qw(Exporter);
-our @EXPORT = qw( determine_zones add_group_to_zone dump_zone_info zone_report @zones %zones $firewall_zone );
+our @EXPORT = qw( NOTHING
+		  NUMERIC
+		  NETWORK
+		  IPSECPROTO
+		  IPSECMODE
+	     
+		  determine_zones
+		  add_group_to_zone
+		  dump_zone_info
+		  zone_report
+
+		  @zones 
+		  %zones
+		  $firewall_zone );
 our @EXPORT_OK = ();
 our @VERSION = 1.00;
 
+#
+# IPSEC Option types
+#
+use constant { NOTHING    => 'NOTHING',
+	       NUMERIC    => '0x[\da-fA-F]+|\d+',
+	       NETWORK    => '\d+.\d+.\d+.\d+(\/\d+)?',
+	       IPSECPROTO => 'ah|esp|ipcomp',
+	       IPSECMODE  => 'tunnel|transport'
+	       };
+
 #
 # Zone Table. 
 #

New/compiler.pl

@@ -10,16 +10,8 @@ use Shorewall::Chains;
 use Shorewall::Zones;
 use Shorewall::Interfaces;
 use Shorewall::Hosts;
+use Shorewall::Rules;
 
-#
-# IPSEC Option types
-#
-use constant { NOTHING    => 'NOTHING',
-	       NUMERIC    => '0x[\da-fA-F]+|\d+',
-	       NETWORK    => '\d+.\d+.\d+.\d+(\/\d+)?',
-	       IPSECPROTO => 'ah|esp|ipcomp',
-	       IPSECMODE  => 'tunnel|transport'
-	       };
 
 my ( $command, $doing, $done ) = qw/ compile Compiling Compiled/; #describe the current command, it's present progressive, and it's completion.
 
@@ -57,50 +49,7 @@ my @allipv4 = ( '0.0.0.0/0' );
 use constant { ALLIPv4 => '0.0.0.0/0' };
 
 my @rfc1918_networks = ( "10.0.0.0/24", "172.16.0.0/12", "192.168.0.0/16" );
-#
+
-#  Target Table. Each entry maps a target to a set of flags defined as follows.
-#
-use constant { STANDARD => 1,              #defined by Netfilter
-	       NATRULE  => 2,              #Involved NAT
-	       BUILTIN  => 4,              #A built-in action
-	       NONAT    => 8,              #'NONAT' or 'ACCEPT+'
-	       NATONLY  => 16,             #'DNAT-' or 'REDIRECT-'
-	       REDIRECT => 32,             #'REDIRECT'
-	       ACTION   => 64,             #An action
-	       MACRO    => 128,            #A Macro
-	       LOGRULE  => 256,            #'LOG'
-	   };
-#
-#   As new targets (Actions and Macros) are discovered, they are added to the table
-#
-my %targets = ('ACCEPT'       => STANDARD,
-	       'ACCEPT+'      => STANDARD  + NONAT,
-	       'ACCEPT!'      => STANDARD,
-	       'NONAT'        => STANDARD  + NONAT,
-	       'DROP'         => STANDARD,
-	       'DROP!'        => STANDARD,
-	       'REJECT'       => STANDARD,
-	       'REJECT!'      => STANDARD,
-	       'DNAT'         => NATRULE,
-	       'DNAT-'        => NATRULE  + NATONLY,
-	       'REDIRECT'     => NATRULE  + REDIRECT,
-	       'REDIRECT-'    => NATRULE  + REDIRECT + NATONLY,
-	       'LOG'          => STANDARD + LOGRULE,
-	       'CONTINUE'     => STANDARD,
-	       'QUEUE'        => STANDARD,
-	       'SAME'         => NATRULE,
-	       'SAME-'        => NATRULE  + NATONLY,
-	       'dropBcast'    => BUILTIN  + ACTION,
-	       'allowBcast'   => BUILTIN  + ACTION,
-	       'dropNotSyn'   => BUILTIN  + ACTION,
-	       'rejNotSyn'    => BUILTIN  + ACTION,
-	       'dropInvalid'  => BUILTIN  + ACTION,
-	       'allowInvalid' => BUILTIN  + ACTION,
-	       'allowinUPnP'  => BUILTIN  + ACTION,
-	       'forwardUPnP'  => BUILTIN  + ACTION,
-	       'Limit'        => BUILTIN  + ACTION,
-	       );
-#
 #  Action Table
 #
 #     %actions{ <action1> =>  { requires => { <requisite1> = 1,