mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-16 03:10:39 +01:00
Bypass processing logic when an optional config file is absent.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep
parent
47fbc83419
commit
68f537ac5b
@ -35,7 +35,7 @@ use strict;
|
|||||||
our @ISA = qw(Exporter);
|
our @ISA = qw(Exporter);
|
||||||
our @EXPORT = qw( setup_accounting );
|
our @EXPORT = qw( setup_accounting );
|
||||||
our @EXPORT_OK = qw( );
|
our @EXPORT_OK = qw( );
|
||||||
our $VERSION = '4.4.13';
|
our $VERSION = '4.4.14';
|
||||||
|
|
||||||
#
|
#
|
||||||
# Called by the compiler to [re-]initialize this module's state
|
# Called by the compiler to [re-]initialize this module's state
|
||||||
@ -224,7 +224,7 @@ sub process_accounting_rule( ) {
|
|||||||
|
|
||||||
sub setup_accounting() {
|
sub setup_accounting() {
|
||||||
|
|
||||||
my $fn = open_file 'accounting';
|
if ( my $fn = open_file 'accounting' ) {
|
||||||
|
|
||||||
first_entry "$doing $fn...";
|
first_entry "$doing $fn...";
|
||||||
|
|
||||||
@ -265,7 +265,7 @@ sub setup_accounting() {
|
|||||||
for ( accounting_chainrefs ) {
|
for ( accounting_chainrefs ) {
|
||||||
warning_message "Accounting chain $_->{name} has no references" unless keys %{$_->{references}};
|
warning_message "Accounting chain $_->{name} has no references" unless keys %{$_->{references}};
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|||||||
@ -132,7 +132,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
|
|||||||
|
|
||||||
Exporter::export_ok_tags('internal');
|
Exporter::export_ok_tags('internal');
|
||||||
|
|
||||||
our $VERSION = '4.4_13';
|
our $VERSION = '4.4_14';
|
||||||
|
|
||||||
#
|
#
|
||||||
# describe the current command, it's present progressive, and it's completion.
|
# describe the current command, it's present progressive, and it's completion.
|
||||||
|
|||||||
@ -36,7 +36,7 @@ use strict;
|
|||||||
our @ISA = qw(Exporter);
|
our @ISA = qw(Exporter);
|
||||||
our @EXPORT = qw( setup_masq setup_nat setup_netmap add_addresses );
|
our @EXPORT = qw( setup_masq setup_nat setup_netmap add_addresses );
|
||||||
our @EXPORT_OK = ();
|
our @EXPORT_OK = ();
|
||||||
our $VERSION = '4.4_13';
|
our $VERSION = '4.4_14';
|
||||||
|
|
||||||
our @addresses_to_add;
|
our @addresses_to_add;
|
||||||
our %addresses_to_add;
|
our %addresses_to_add;
|
||||||
@ -262,14 +262,14 @@ sub process_one_masq( )
|
|||||||
#
|
#
|
||||||
sub setup_masq()
|
sub setup_masq()
|
||||||
{
|
{
|
||||||
my $fn = open_file 'masq';
|
if ( my $fn = open_file 'masq' ) {
|
||||||
|
|
||||||
first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty masq file' , 's'; } );
|
first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty masq file' , 's'; } );
|
||||||
|
|
||||||
process_one_masq while read_a_line;
|
process_one_masq while read_a_line;
|
||||||
|
|
||||||
clear_comment;
|
clear_comment;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -359,7 +359,7 @@ sub do_one_nat( $$$$$ )
|
|||||||
#
|
#
|
||||||
sub setup_nat() {
|
sub setup_nat() {
|
||||||
|
|
||||||
my $fn = open_file 'nat';
|
if ( my $fn = open_file 'nat' ) {
|
||||||
|
|
||||||
first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty nat file' , 's'; } );
|
first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty nat file' , 's'; } );
|
||||||
|
|
||||||
@ -381,10 +381,10 @@ sub setup_nat() {
|
|||||||
|
|
||||||
progress_message " NAT entry \"$currentline\" $done";
|
progress_message " NAT entry \"$currentline\" $done";
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
clear_comment;
|
clear_comment;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -392,7 +392,7 @@ sub setup_nat() {
|
|||||||
#
|
#
|
||||||
sub setup_netmap() {
|
sub setup_netmap() {
|
||||||
|
|
||||||
my $fn = open_file 'netmap';
|
if ( my $fn = open_file 'netmap' ) {
|
||||||
|
|
||||||
first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty netmap file' , 's'; } );
|
first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty netmap file' , 's'; } );
|
||||||
|
|
||||||
@ -428,6 +428,9 @@ sub setup_netmap() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
clear_comment;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sub add_addresses () {
|
sub add_addresses () {
|
||||||
|
|||||||
@ -35,7 +35,7 @@ use strict;
|
|||||||
our @ISA = qw(Exporter);
|
our @ISA = qw(Exporter);
|
||||||
our @EXPORT = qw( setup_providers @routemarked_interfaces handle_stickiness handle_optional_interfaces );
|
our @EXPORT = qw( setup_providers @routemarked_interfaces handle_stickiness handle_optional_interfaces );
|
||||||
our @EXPORT_OK = qw( initialize lookup_provider );
|
our @EXPORT_OK = qw( initialize lookup_provider );
|
||||||
our $VERSION = '4.4_13';
|
our $VERSION = '4.4_14';
|
||||||
|
|
||||||
use constant { LOCAL_TABLE => 255,
|
use constant { LOCAL_TABLE => 255,
|
||||||
MAIN_TABLE => 254,
|
MAIN_TABLE => 254,
|
||||||
@ -757,7 +757,7 @@ sub setup_providers() {
|
|||||||
|
|
||||||
$lastmark = 0;
|
$lastmark = 0;
|
||||||
|
|
||||||
my $fn = open_file 'providers';
|
if ( my $fn = open_file 'providers' ) {
|
||||||
|
|
||||||
first_entry sub() {
|
first_entry sub() {
|
||||||
progress_message2 "$doing $fn...";
|
progress_message2 "$doing $fn...";
|
||||||
@ -766,6 +766,7 @@ sub setup_providers() {
|
|||||||
start_providers; };
|
start_providers; };
|
||||||
|
|
||||||
add_a_provider, $providers++ while read_a_line;
|
add_a_provider, $providers++ while read_a_line;
|
||||||
|
}
|
||||||
|
|
||||||
if ( $providers ) {
|
if ( $providers ) {
|
||||||
finish_providers;
|
finish_providers;
|
||||||
|
|||||||
@ -34,7 +34,7 @@ use strict;
|
|||||||
our @ISA = qw(Exporter);
|
our @ISA = qw(Exporter);
|
||||||
our @EXPORT = qw( setup_notrack );
|
our @EXPORT = qw( setup_notrack );
|
||||||
our @EXPORT_OK = qw( );
|
our @EXPORT_OK = qw( );
|
||||||
our $VERSION = '4.4_13';
|
our $VERSION = '4.4_14';
|
||||||
|
|
||||||
#
|
#
|
||||||
# Notrack
|
# Notrack
|
||||||
@ -76,7 +76,7 @@ sub process_notrack_rule( $$$$$$ ) {
|
|||||||
|
|
||||||
sub setup_notrack() {
|
sub setup_notrack() {
|
||||||
|
|
||||||
my $fn = open_file 'notrack';
|
if ( my $fn = open_file 'notrack' ) {
|
||||||
|
|
||||||
first_entry "$doing $fn...";
|
first_entry "$doing $fn...";
|
||||||
|
|
||||||
@ -94,6 +94,7 @@ sub setup_notrack() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
clear_comment;
|
clear_comment;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|||||||
@ -46,7 +46,7 @@ our @EXPORT = qw( process_tos
|
|||||||
compile_stop_firewall
|
compile_stop_firewall
|
||||||
);
|
);
|
||||||
our @EXPORT_OK = qw( process_rule process_rule1 initialize );
|
our @EXPORT_OK = qw( process_rule process_rule1 initialize );
|
||||||
our $VERSION = '4.4_13';
|
our $VERSION = '4.4_14';
|
||||||
|
|
||||||
our $macro_nest_level;
|
our $macro_nest_level;
|
||||||
our $current_param;
|
our $current_param;
|
||||||
@ -322,10 +322,9 @@ sub setup_blacklist() {
|
|||||||
|
|
||||||
sub process_routestopped() {
|
sub process_routestopped() {
|
||||||
|
|
||||||
|
if ( my $fn = open_file 'routestopped' ) {
|
||||||
my ( @allhosts, %source, %dest , %notrack, @rule );
|
my ( @allhosts, %source, %dest , %notrack, @rule );
|
||||||
|
|
||||||
my $fn = open_file 'routestopped';
|
|
||||||
|
|
||||||
my $seq = 0;
|
my $seq = 0;
|
||||||
|
|
||||||
first_entry "$doing $fn...";
|
first_entry "$doing $fn...";
|
||||||
@ -354,6 +353,7 @@ sub process_routestopped() {
|
|||||||
push @rule, $rule;
|
push @rule, $rule;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
unless ( $options eq '-' ) {
|
unless ( $options eq '-' ) {
|
||||||
for my $option (split /,/, $options ) {
|
for my $option (split /,/, $options ) {
|
||||||
if ( $option eq 'routeback' ) {
|
if ( $option eq 'routeback' ) {
|
||||||
@ -437,6 +437,7 @@ sub process_routestopped() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sub setup_mss();
|
sub setup_mss();
|
||||||
@ -759,7 +760,7 @@ sub setup_mac_lists( $ ) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
my $fn = open_file 'maclist';
|
if ( my $fn = open_file 'maclist' ) {
|
||||||
|
|
||||||
first_entry "$doing $fn...";
|
first_entry "$doing $fn...";
|
||||||
|
|
||||||
@ -807,6 +808,7 @@ sub setup_mac_lists( $ ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
clear_comment;
|
clear_comment;
|
||||||
|
}
|
||||||
#
|
#
|
||||||
# Generate jumps from the input and forward chains
|
# Generate jumps from the input and forward chains
|
||||||
#
|
#
|
||||||
@ -1653,11 +1655,15 @@ sub process_rules() {
|
|||||||
|
|
||||||
my $fn = open_file 'rules';
|
my $fn = open_file 'rules';
|
||||||
|
|
||||||
|
if ( $fn ) {
|
||||||
|
|
||||||
first_entry "$doing $fn...";
|
first_entry "$doing $fn...";
|
||||||
|
|
||||||
process_rule while read_a_line;
|
process_rule while read_a_line;
|
||||||
|
|
||||||
clear_comment;
|
clear_comment;
|
||||||
|
}
|
||||||
|
|
||||||
$section = 'DONE';
|
$section = 'DONE';
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1739,7 +1745,7 @@ sub generate_source_rules( $$$$ ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Loopback traffic -- this is where we assemble the intra-firewall traffic routing
|
# Loopback traffic -- this is where we assemble the intra-firewall chains
|
||||||
#
|
#
|
||||||
sub handle_loopback_traffic() {
|
sub handle_loopback_traffic() {
|
||||||
my @zones = ( vserver_zones, firewall_zone );
|
my @zones = ( vserver_zones, firewall_zone );
|
||||||
|
|||||||
@ -34,7 +34,7 @@ use strict;
|
|||||||
our @ISA = qw(Exporter);
|
our @ISA = qw(Exporter);
|
||||||
our @EXPORT = qw( setup_tunnels );
|
our @EXPORT = qw( setup_tunnels );
|
||||||
our @EXPORT_OK = ( );
|
our @EXPORT_OK = ( );
|
||||||
our $VERSION = '4.4_13';
|
our $VERSION = '4.4_14';
|
||||||
|
|
||||||
#
|
#
|
||||||
# Here starts the tunnel stuff -- we really should get rid of this crap...
|
# Here starts the tunnel stuff -- we really should get rid of this crap...
|
||||||
@ -277,7 +277,7 @@ sub setup_tunnels() {
|
|||||||
#
|
#
|
||||||
# Setup_Tunnels() Starts Here
|
# Setup_Tunnels() Starts Here
|
||||||
#
|
#
|
||||||
my $fn = open_file 'tunnels';
|
if ( my $fn = open_file 'tunnels' ) {
|
||||||
|
|
||||||
first_entry "$doing $fn...";
|
first_entry "$doing $fn...";
|
||||||
|
|
||||||
@ -293,6 +293,7 @@ sub setup_tunnels() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
clear_comment;
|
clear_comment;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|||||||
@ -84,7 +84,7 @@ our @EXPORT = qw( NOTHING
|
|||||||
);
|
);
|
||||||
|
|
||||||
our @EXPORT_OK = qw( initialize );
|
our @EXPORT_OK = qw( initialize );
|
||||||
our $VERSION = '4.4_13';
|
our $VERSION = '4.4_14';
|
||||||
|
|
||||||
#
|
#
|
||||||
# IPSEC Option types
|
# IPSEC Option types
|
||||||
@ -1774,11 +1774,12 @@ sub validate_hosts_file()
|
|||||||
{
|
{
|
||||||
my $ipsec = 0;
|
my $ipsec = 0;
|
||||||
|
|
||||||
my $fn = open_file 'hosts';
|
if ( my $fn = open_file 'hosts' ) {
|
||||||
|
|
||||||
first_entry "$doing $fn...";
|
first_entry "$doing $fn...";
|
||||||
|
|
||||||
$ipsec |= process_host while read_a_line;
|
$ipsec |= process_host while read_a_line;
|
||||||
|
}
|
||||||
|
|
||||||
$have_ipsec = $ipsec || haveipseczones;
|
$have_ipsec = $ipsec || haveipseczones;
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user