diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 4f6a503bb..8786ab0cd 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -2786,7 +2786,7 @@ sub embedded_shell( $ ) { my $last = 0; while ( read_a_line( PLAIN_READ ) ) { - last if $last = $currentline =~ s/^\s*\??END(\s+SHELL)?\s*(?:;\s*)?$//; + last if $last = $currentline =~ s/^\s*\??END(\s+SHELL)?\s*(?:;\s*)?$//i; $command .= "$currentline\n"; } @@ -2820,7 +2820,7 @@ sub embedded_perl( $ ) { my $last = 0; while ( read_a_line( PLAIN_READ ) ) { - last if $last = $currentline =~ s/^\s*\??END(\s+PERL)?\s*(?:;\s*)?//; + last if $last = $currentline =~ s/^\s*\??END(\s+PERL)?\s*(?:;\s*)?//i; $command .= "$currentline\n"; } @@ -3117,15 +3117,15 @@ sub read_a_line($) { chop $currentline, next if ($currentline .= $_) =~ /\\$/; # # Must check for shell/perl before doing variable expansion - # + # if ( $options & EMBEDDED_ENABLED ) { - if ( $currentline =~ s/^\s*\??(BEGIN\s+)SHELL\s*;?// || $currentline =~ s/^\s*\??SHELL\s*// ) { + if ( $currentline =~ s/^\s*\??(BEGIN\s+)SHELL\s*;?//i || $currentline =~ s/^\s*\??SHELL\s*//i ) { handle_first_entry if $first_entry; embedded_shell( $1 ); next; } - if ( $currentline =~ s/^\s*\??(BEGIN\s+)PERL\s*;?// || $currentline =~ s/^\s*\??PERL\s*// ) { + if ( $currentline =~ s/^\s*\??(BEGIN\s+)PERL\s*;?//i || $currentline =~ s/^\s*\??PERL\s*//i ) { handle_first_entry if $first_entry; embedded_perl( $1 ); next; diff --git a/Shorewall/action.Broadcast b/Shorewall/action.Broadcast index 80f9737ef..96623ae9a 100644 --- a/Shorewall/action.Broadcast +++ b/Shorewall/action.Broadcast @@ -27,11 +27,11 @@ # Default action is DROP # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS DROP,- -?BEGIN PERL; +?begin perl; use Shorewall::IPAddrs; use Shorewall::Config; @@ -71,4 +71,4 @@ add_jump $chainref, $target, 0, '-d 224.0.0.0/4 '; 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.Drop b/Shorewall/action.Drop index bc1f55165..4b52beca9 100644 --- a/Shorewall/action.Drop +++ b/Shorewall/action.Drop @@ -28,12 +28,12 @@ # IF YOU ARE HAVING CONNECTION PROBLEMS, CHANGING THIS FILE WON'T HELP!!!!!!!!! # ############################################################################### -?FORMAT 2 +?format 2 # # The following magic provides different defaults for @2 thru @5, when @1 is # 'audit'. # -?BEGIN PERL; +?begin perl; use Shorewall::Config; my ( $p1, $p2, $p3 , $p4, $p5 ) = get_action_params( 5 ); @@ -50,7 +50,7 @@ if ( defined $p1 ) { 1; -?END PERL; +?end perl; DEFAULTS -,-,DROP,ACCEPT,DROP diff --git a/Shorewall/action.DropSmurfs b/Shorewall/action.DropSmurfs index 246927d94..317c023aa 100644 --- a/Shorewall/action.DropSmurfs +++ b/Shorewall/action.DropSmurfs @@ -9,11 +9,11 @@ # audit = Audit dropped packets. # ################################################################################# -?FORMAT 2 +?format 2 DEFAULTS - -?BEGIN PERL; +?begin perl; use strict; use Shorewall::Config qw(:DEFAULT F_IPV4 F_IPV6); use Shorewall::IPAddrs qw( IPv6_MULTICAST ); @@ -79,7 +79,7 @@ if ( $family == F_IPV4 ) { add_ijump( $chainref, g => $target, s => IPv6_MULTICAST ); } -?END PERL; +?end perl; diff --git a/Shorewall/action.Established b/Shorewall/action.Established index 257a9e243..9f3dfe467 100644 --- a/Shorewall/action.Established +++ b/Shorewall/action.Established @@ -27,11 +27,11 @@ # Default action is ACCEPT # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS ACCEPT -?BEGIN PERL; +?begin perl; use Shorewall::IPAddrs; use Shorewall::Config; @@ -46,4 +46,4 @@ if ( my $check = check_state( 'ESTABLISHED' ) ) { 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.Invalid b/Shorewall/action.Invalid index df22a6464..fca11a662 100644 --- a/Shorewall/action.Invalid +++ b/Shorewall/action.Invalid @@ -27,11 +27,11 @@ # Default action is DROP # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS DROP,- -?BEGIN PERL; +?begin perl; use Shorewall::IPAddrs; use Shorewall::Config; @@ -51,4 +51,4 @@ if ( my $check = check_state( 'INVALID' ) ) { 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.New b/Shorewall/action.New index 4f454b531..9b77f16d9 100644 --- a/Shorewall/action.New +++ b/Shorewall/action.New @@ -27,11 +27,11 @@ # Default action is ACCEPT # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS ACCEPT -?BEGIN PERL; +?begin perl; use Shorewall::IPAddrs; use Shorewall::Config; @@ -46,4 +46,4 @@ if ( my $check = check_state( 'NEW' ) ) { 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.NotSyn b/Shorewall/action.NotSyn index b7a1f2634..b46edf433 100644 --- a/Shorewall/action.NotSyn +++ b/Shorewall/action.NotSyn @@ -27,11 +27,11 @@ # Default action is DROP # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS DROP,- -?BEGIN PERL; +?begin perl; use strict; use Shorewall::IPAddrs; @@ -50,4 +50,4 @@ perl_action_tcp_helper( $action, '-p 6 ! --syn' ); 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.RST b/Shorewall/action.RST index 499859b19..1f4f135f2 100644 --- a/Shorewall/action.RST +++ b/Shorewall/action.RST @@ -27,11 +27,11 @@ # Default action is DROP # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS DROP,- -?BEGIN PERL; +?begin perl; use Shorewall::Config; use Shorewall::Chains; @@ -48,4 +48,4 @@ perl_action_tcp_helper( $action, '-p 6 --tcp-flags RST RST' ); 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.Reject b/Shorewall/action.Reject index d94033e65..27a402de6 100644 --- a/Shorewall/action.Reject +++ b/Shorewall/action.Reject @@ -27,12 +27,12 @@ # # IF YOU ARE HAVING CONNECTION PROBLEMS, CHANGING THIS FILE WON'T HELP!!!!!!!!! ############################################################################### -?FORMAT 2 +?format 2 # # The following magic provides different defaults for @2 thru @5, when @1 is # 'audit'. # -?BEGIN PERL; +?begin perl; use Shorewall::Config; my ( $p1, $p2, $p3 , $p4, $p5 ) = get_action_params( 5 ); @@ -49,7 +49,7 @@ if ( defined $p1 ) { 1; -?END PERL; +?end perl; DEFAULTS -,-,REJECT,ACCEPT,DROP diff --git a/Shorewall/action.Related b/Shorewall/action.Related index 7e7a83582..6edc5ee68 100644 --- a/Shorewall/action.Related +++ b/Shorewall/action.Related @@ -27,11 +27,11 @@ # Default action is DROP # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS DROP -?BEGIN PERL; +?begin perl; use strict; use Shorewall::IPAddrs; @@ -47,4 +47,4 @@ if ( my $check = check_state( 'RELATED' ) ) { 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.TCPFlags b/Shorewall/action.TCPFlags index 95f7d4432..8efd5da0a 100644 --- a/Shorewall/action.TCPFlags +++ b/Shorewall/action.TCPFlags @@ -9,11 +9,11 @@ # audit = Audit dropped packets. # ################################################################################# -?FORMAT 2 +?format 2 DEFAULTS - -?BEGIN PERL; +?begin perl; use strict; use Shorewall::Config qw(:DEFAULT F_IPV4 F_IPV6); use Shorewall::Chains; @@ -34,7 +34,7 @@ perl_action_tcp_helper( $action, '-p tcp --tcp-flags SYN,RST SYN,RST' ); perl_action_tcp_helper( $action, '-p tcp --tcp-flags SYN,FIN SYN,FIN' ); perl_action_tcp_helper( $action, '-p tcp --syn --sport 0' ); -?END PERL; +?end perl; diff --git a/Shorewall/action.Untracked b/Shorewall/action.Untracked index 41efd25ef..0f4162db0 100644 --- a/Shorewall/action.Untracked +++ b/Shorewall/action.Untracked @@ -27,11 +27,11 @@ # Default action is DROP # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS DROP -?BEGIN PERL; +?begin perl; use Shorewall::IPAddrs; use Shorewall::Config; @@ -46,4 +46,4 @@ if ( my $check = check_state( 'UNTRACKED' ) ) { 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.allowInvalid b/Shorewall/action.allowInvalid index d1cb1e512..1c828b1a4 100644 --- a/Shorewall/action.allowInvalid +++ b/Shorewall/action.allowInvalid @@ -25,11 +25,11 @@ # allowInvalid[([audit])] # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS - -?BEGIN PERL; +?begin perl; use strict; use Shorewall::IPAddrs; @@ -50,4 +50,4 @@ perl_action_helper( "Invalid($action)", '' ); 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.dropInvalid b/Shorewall/action.dropInvalid index b10161163..eca1f6f82 100644 --- a/Shorewall/action.dropInvalid +++ b/Shorewall/action.dropInvalid @@ -25,11 +25,11 @@ # dropInvalid[([audit])] # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS - -?BEGIN PERL; +?begin perl; use strict; use Shorewall::IPAddrs; @@ -50,4 +50,4 @@ perl_action_helper( "Invalid($action)", '' ); 1; -?END PERL; +?end perl; diff --git a/Shorewall/action.template b/Shorewall/action.template index 2153f9b33..7708ff188 100644 --- a/Shorewall/action.template +++ b/Shorewall/action.template @@ -20,7 +20,7 @@ # ####################################################################################################### # DO NOT REMOVE THE FOLLOWING LINE -?FORMAT 2 +?format 2 ################################################################################################################################################################################################# #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWITCH HELPER # PORT PORT(S) DEST LIMIT GROUP diff --git a/Shorewall6/action.A_AllowICMPs b/Shorewall6/action.A_AllowICMPs index 4784b4913..6091d6956 100644 --- a/Shorewall6/action.A_AllowICMPs +++ b/Shorewall6/action.A_AllowICMPs @@ -8,7 +8,7 @@ ############################################################################### #TARGET SOURCE DEST PROTO DEST # PORT(S) -?COMMENT Needed ICMP types (RFC4890) +?comment Needed ICMP types (RFC4890) A_ACCEPT - - ipv6-icmp destination-unreachable A_ACCEPT - - ipv6-icmp packet-too-big diff --git a/Shorewall6/action.AllowICMPs b/Shorewall6/action.AllowICMPs index 135ca0dfb..610059533 100644 --- a/Shorewall6/action.AllowICMPs +++ b/Shorewall6/action.AllowICMPs @@ -9,7 +9,7 @@ #TARGET SOURCE DEST PROTO DEST # PORT(S) -?FORMAT 2 +?format 2 DEFAULTS ACCEPT ?COMMENT Needed ICMP types (RFC4890) diff --git a/Shorewall6/action.Broadcast b/Shorewall6/action.Broadcast index dc96006de..bbbd14834 100644 --- a/Shorewall6/action.Broadcast +++ b/Shorewall6/action.Broadcast @@ -27,11 +27,11 @@ # Default action is DROP # ########################################################################################## -?FORMAT 2 +?format 2 DEFAULTS DROP,- -?BEGIN PERL; +?begin perl; use Shorewall::IPAddrs; use Shorewall::Config; @@ -68,4 +68,4 @@ add_jump $chainref, $target, 0, join( ' ', '-d', IPv6_MULTICAST . ' ' ); 1; -?END PERL; +?end perl; diff --git a/Shorewall6/action.Drop b/Shorewall6/action.Drop index 3bce62ac5..5e4b6e6d6 100644 --- a/Shorewall6/action.Drop +++ b/Shorewall6/action.Drop @@ -31,12 +31,12 @@ # IF YOU ARE HAVING CONNECTION PROBLEMS, CHANGING THIS FILE WON'T HELP!!!!!!!!! # ############################################################################### -?FORMAT 2 +?format 2 # # The following magic provides different defaults for $2 thru $5, when $1 is # 'audit'. # -?BEGIN PERL; +?begin perl; use Shorewall::Config; my ( $p1, $p2, $p3 , $p4, $p5 ) = get_action_params( 5 ); @@ -54,7 +54,7 @@ if ( defined $p1 ) { 1; -?END PERL; +?end perl; DEFAULTS -,REJECT,DROP,ACCEPT,DROP diff --git a/Shorewall6/action.Reject b/Shorewall6/action.Reject index 66a73860d..a55ddb466 100644 --- a/Shorewall6/action.Reject +++ b/Shorewall6/action.Reject @@ -27,12 +27,12 @@ # # IF YOU ARE HAVING CONNECTION PROBLEMS, CHANGING THIS FILE WON'T HELP!!!!!!!!! ############################################################################### -?FORMAT 2 +?format 2 # # The following magic provides different defaults for $2 thru $5, when $1 is # 'audit'. # -?BEGIN PERL; +?begin perl; use Shorewall::Config; my ( $p1, $p2, $p3 , $p4, $p5 ) = get_action_params( 5 ); @@ -50,7 +50,7 @@ if ( defined $p1 ) { 1; -?END PERL; +?end perl; DEFAULTS -,REJECT,REJECT,ACCEPT,DROP diff --git a/Shorewall6/action.template b/Shorewall6/action.template index 8f611bd7c..030532500 100644 --- a/Shorewall6/action.template +++ b/Shorewall6/action.template @@ -20,7 +20,7 @@ # ####################################################################################################### # DO NOT REMOVE THE FOLLOWING LINE -?FORMAT 2 +?format 2 ##################################################################################################################################################################################### #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWITCH HELPER # PORT PORT(S) DEST LIMIT GROUP