extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Correct stop/start Docker handling

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-02-25 13:37:44 -08:00
parent ee5ef07035
commit 6e1cc0f1d0
2 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -264,6 +264,7 @@ our %EXPORT_TAGS = (
have_address_variables have_address_variables
set_global_variables set_global_variables
save_dynamic_chains save_dynamic_chains
save_docker_rules
load_ipsets load_ipsets
create_save_ipsets create_save_ipsets
validate_nfobject validate_nfobject
@ -8063,8 +8064,7 @@ sub emitr1( $$ ) {
sub save_docker_rules($) { sub save_docker_rules($) {
my $tool = $_[0]; my $tool = $_[0];
emit( qq(), emit( qq(if [ -n "\$g_docker" ]; then),
qq(if [ -n "\$g_docker" ]; then),
qq( $tool -t nat -S DOCKER | tail -n +2 > \$VARDIR/.nat_DOCKER), qq( $tool -t nat -S DOCKER | tail -n +2 > \$VARDIR/.nat_DOCKER),
qq( $tool -t nat -S POSTROUTING | tail -n +2 | fgrep -v SHOREWALL > \$VARDIR/.nat_POSTROUTING), qq( $tool -t nat -S POSTROUTING | tail -n +2 | fgrep -v SHOREWALL > \$VARDIR/.nat_POSTROUTING),
qq( $tool -t filter -S DOCKER | tail -n +2 > \$VARDIR/.filter_DOCKER), qq( $tool -t filter -S DOCKER | tail -n +2 > \$VARDIR/.filter_DOCKER),
@ -8109,7 +8109,7 @@ else
rm -f \${VARDIR}/.dynamic rm -f \${VARDIR}/.dynamic
fi fi
EOF EOF
save_docker_rules( $tool ) if $config{DOCKER}; emit(''), save_docker_rules( $tool ) if $config{DOCKER};
} else { } else {
emit <<"EOF"; emit <<"EOF";
if chain_exists 'UPnP -t nat'; then if chain_exists 'UPnP -t nat'; then
@ -8145,7 +8145,7 @@ EOF
emit( qq(if [ "\$COMMAND" = stop -o "\$COMMAND" = clear ]; then), emit( qq(if [ "\$COMMAND" = stop -o "\$COMMAND" = clear ]; then),
qq( if chain_exists dynamic; then), qq( if chain_exists dynamic; then),
qq( $tool -S dynamic | tail -n +2 > \${VARDIR}/.dynamic) ); qq( $tool -S dynamic | tail -n +2 > \${VARDIR}/.dynamic) );
save_docker_rules( $tool ) if $config{DOCKER}; emit( '' ), save_docker_rules( $tool ) if $config{DOCKER};
} else { } else {
emit( qq(if [ "\$COMMAND" = stop -o "\$COMMAND" = clear ]; then), emit( qq(if [ "\$COMMAND" = stop -o "\$COMMAND" = clear ]; then),
qq( if chain_exists dynamic; then), qq( if chain_exists dynamic; then),

10
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -2488,6 +2488,16 @@ EOF
EOF EOF
if ( $config{DOCKER} ) {
push_indent;
emit( 'if [ $COMMAND = stop ]; then' );
push_indent;
save_docker_rules( $family == F_IPV4 ? '${IPTABLES}' : '${IP6TABLES}');
pop_indent;
emit( "fi\n");
pop_indent;
}
if ( have_capability( 'NAT_ENABLED' ) ) { if ( have_capability( 'NAT_ENABLED' ) ) {
emit<<'EOF'; emit<<'EOF';
if [ -f ${VARDIR}/nat ]; then if [ -f ${VARDIR}/nat ]; then