From 74a4d488404ce4ef578bf3fe167535bb567f9c85 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sat, 19 Dec 2009 15:38:12 -0800 Subject: [PATCH] Add Kernel Version to detected capabilities --- Shorewall/Perl/Shorewall/Config.pm | 27 ++++++++++++++++++++++++--- Shorewall/lib.base | 4 +++- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 71686e3fa..da6cb750b 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -243,6 +243,7 @@ our %capdesc = ( NAT_ENABLED => 'NAT', PERSISTENT_SNAT => 'Persistent SNAT', OLD_HL_MATCH => 'Old Hash Limit Match', CAPVERSION => 'Capability Version', + KERNELVERSION => 'Kernel Version', ); # # Directories to search for configuration files @@ -328,7 +329,7 @@ sub initialize( $ ) { EXPORT => 0, UNTRACKED => 0, VERSION => "4.4.5.1", - CAPVERSION => 40402 , + CAPVERSION => 40406 , ); # @@ -1844,8 +1845,8 @@ sub check_trivalue( $$ ) { sub report_capability( $ ) { my $cap = $_[0]; print " $capdesc{$cap}: "; - if ( $cap eq 'CAPVERSION' ) { - my $version = $capabilities{CAPVERSION}; + if ( $cap eq 'CAPVERSION' || $cap eq 'KERNELVERSION') { + my $version = $capabilities{$cap}; printf "%d.%d.%d\n", int( $version / 10000 ) , int ( ( $version % 10000 ) / 100 ) , int ( $version % 100 ); } else { print $capabilities{$cap} ? "Available\n" : "Not Available\n"; @@ -1947,6 +1948,19 @@ sub qt1( $ ) { $? == 0; } +# +# Get the current kernel version +# +sub determine_kernelversion() { + my $kernelversion=`uname -r`; + + if ( $kernelversion =~ /^(\d+)\.(\d+).(\d+)/ ) { + $capabilities{KERNELVERSION} = sprintf "%d%02d%02d", $1 , $2 , $3; + } else { + fatal_error "Inrecognized Kernel Version Format ($kernelversion)"; + } +} + # # Determine which optional facilities are supported by iptables/netfilter # @@ -2106,6 +2120,8 @@ sub determine_capabilities( $ ) { qt1( "$iptables -X $sillyname1" ); $capabilities{CAPVERSION} = $globals{CAPVERSION}; + + determine_kernelversion; } # @@ -2221,6 +2237,11 @@ sub read_capabilities() { } else { warning_message "Your capabilities file may not contain all of the capabilities defined by $Product version $globals{VERSION}"; } + + unless ( $capabilities{KERNELVERSION} ) { + warning_message "Your capabilities file does not contain a Kernel Version -- using the local kernel's version"; + determine_kernelversion; + } } # diff --git a/Shorewall/lib.base b/Shorewall/lib.base index 80e54b1cf..11ab4d7ba 100644 --- a/Shorewall/lib.base +++ b/Shorewall/lib.base @@ -30,7 +30,7 @@ # SHOREWALL_LIBVERSION=40000 -SHOREWALL_CAPVERSION=40402 +SHOREWALL_CAPVERSION=40406 [ -n "${VARDIR:=/var/lib/shorewall}" ] [ -n "${SHAREDIR:=/usr/share/shorewall}" ] @@ -965,6 +965,7 @@ determine_capabilities() { qt $IPTABLES -X $chain1 CAPVERSION=$SHOREWALL_CAPVERSION + KERNELVERSION=$(printf "%d%02d%02d" $(uname -r 2> /dev/null | sed -e 's/-.*//' -e 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*$/\1 \2 \3/g')) } report_capabilities() { @@ -1087,6 +1088,7 @@ report_capabilities1() { report_capability1 PERSISTENT_SNAT echo CAPVERSION=$SHOREWALL_CAPVERSION + echo KERNELVERSION=$KERNELVERSION } # Function to truncate a string -- It uses 'cut -b -'