extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-29 11:04:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Convert Providers.pm to use the new rules interface.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-07-18 07:43:25 -07:00
parent 3c60f107b7
commit 7aa7cd54c2
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Shorewall/Perl/Shorewall/Providers.pm
View File

@ -100,7 +100,7 @@ sub setup_route_marking() {
require_capability( $_ , q(The provider 'track' option) , 's' ) for qw/CONNMARK_MATCH CONNMARK/; require_capability( $_ , q(The provider 'track' option) , 's' ) for qw/CONNMARK_MATCH CONNMARK/;
add_rule $mangle_table->{$_} , "-m connmark ! --mark 0/$mask -j CONNMARK --restore-mark --mask $mask" for qw/PREROUTING OUTPUT/; add_irule $mangle_table->{$_} , j => "CONNMARK --restore-mark --mask $mask", connmark => "! --mark 0/$mask" for qw/PREROUTING OUTPUT/;
my $chainref = new_chain 'mangle', 'routemark'; my $chainref = new_chain 'mangle', 'routemark';
my $chainref1 = new_chain 'mangle', 'setsticky'; my $chainref1 = new_chain 'mangle', 'setsticky';
@ -114,22 +114,22 @@ sub setup_route_marking() {
my $mark = $providerref->{mark}; my $mark = $providerref->{mark};
unless ( $marked_interfaces{$interface} ) { unless ( $marked_interfaces{$interface} ) {
add_jump $mangle_table->{PREROUTING} , $chainref, 0, "-i $physical -m mark --mark 0/$mask "; add_ijump $mangle_table->{PREROUTING} , j => $chainref, i => $physical, mark => "--mark 0/$mask";
add_jump $mangle_table->{PREROUTING} , $chainref1, 0, "! -i $physical -m mark --mark $mark/$mask "; add_ijump $mangle_table->{PREROUTING} , j => $chainref1, i => "! $physical", mark => "--mark $mark/$mask";
add_jump $mangle_table->{OUTPUT} , $chainref2, 0, "-m mark --mark $mark/$mask "; add_ijump $mangle_table->{OUTPUT} , j => $chainref2, mark => "--mark $mark/$mask";
$marked_interfaces{$interface} = 1; $marked_interfaces{$interface} = 1;
} }
if ( $providerref->{shared} ) { if ( $providerref->{shared} ) {
add_commands( $chainref, qq(if [ -n "$providerref->{mac}" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional}; add_commands( $chainref, qq(if [ -n "$providerref->{mac}" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional};
add_rule $chainref, match_source_dev( $interface ) . "-m mac --mac-source $providerref->{mac} -j MARK --set-mark $providerref->{mark}"; add_irule $chainref, j => "MARK --set-mark $providerref->{mark}", imatch_source_dev( $interface ), mac => "--mac-source $providerref->{mac}";
decr_cmd_level( $chainref ), add_commands( $chainref, "fi\n" ) if $providerref->{optional}; decr_cmd_level( $chainref ), add_commands( $chainref, "fi\n" ) if $providerref->{optional};
} else { } else {
add_rule $chainref, match_source_dev( $interface ) . "-j MARK --set-mark $providerref->{mark}"; add_irule $chainref, j => "MARK --set-mark $providerref->{mark}", imatch_source_dev( $interface );
} }
} }
add_rule $chainref, "-m mark ! --mark 0/$mask -j CONNMARK --save-mark --mask $mask"; add_irule $chainref, j => "CONNMARK --save-mark --mask $mask", mark => "! --mark 0/$mask";
} }
sub copy_table( $$$ ) { sub copy_table( $$$ ) {