diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 4135536d3..f5921c03f 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -100,6 +100,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script pop_open push_params pop_params + default_params read_a_line validate_level which @@ -1808,6 +1809,16 @@ sub pop_params( $ ) { %actparms = %$oldparms; } +sub default_params { + my $val; + + for ( my $i = 1; 1; $i++ ) { + last unless defined ( $val = shift ); + my $curval = $actparms{$i}; + $actparms{$i} =$val eq '-' ? '' : $val eq '--' ? '-' : $val unless defined $curval && $curval ne ''; + } +} + # # Read a line from the current include stack. # diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 0b8d80519..fdfbc0d91 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -73,7 +73,7 @@ my @builtins; # # Commands that can be embedded in a basic rule and how many total tokens on the line (0 => unlimited). # -my $rule_commands = { COMMENT => 0, FORMAT => 2, SECTION => 2 }; +my $rule_commands = { COMMENT => 0, FORMAT => 2, SECTION => 2, DEFAULT => 2 }; use constant { MAX_MACRO_NEST_LEVEL => 5 }; @@ -1477,6 +1477,11 @@ sub process_action( $) { next; } + if ( $format == 2 && $target eq 'DEFAULTS' ) { + default_params( split_list $source, 'defaults' ); + next; + } + process_rule1( $chainref, merge_levels( "$action:$level:$tag", $target ), '',