extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-28 08:29:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Create $VARDIR/chains

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5615 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-03-21 20:08:05 +00:00
parent 8ca5af9f5a
commit 7dbdee5573
2 changed files with 32 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
New/Shorewall/Rules.pm
View File

@ -37,10 +37,23 @@ use Shorewall::Proc;
use strict;
our @ISA = qw(Exporter);
our @EXPORT = qw( add_common_rules setup_mac_lists process_criticalhosts process_routestopped process_rules generate_matrix setup_mss );
our @EXPORT = qw( add_common_rules
setup_mac_lists
process_criticalhosts
process_routestopped
process_rules
generate_matrix
setup_mss
@rule_chains
);
our @EXPORT_OK = qw( process_rule process_rule1 );
our @VERSION = 1.00;
#
# Keep track of chains for the /var/lib/shorewall[-lite]/chains file
#
our @rule_chains;
#
# Set to one if we find a SECTION
#
@ -1265,6 +1278,12 @@ sub generate_matrix() {
insert_exclusions $dnat_ref, $exclusions if $dnat_ref->{referenced};
}
}
if ( $config{DYNAMIC_ZONES} ) {
push @rule_chains , [ $firewall_zone , $zone , $chain1 ];
push @rule_chains , [ $zone , $firewall_zone , $chain2 ];
}
#
# Take care of PREROUTING, INPUT and OUTPUT jumps
#
@ -1373,6 +1392,8 @@ sub generate_matrix() {
my $chain = rules_target $zone, $zone1;
next unless $chain;
push @rule_chains, [ $zone , $zone1 , $chain ] if $config{DYNAMIC_ZONES};
my $num_ifaces = 0;

10
New/compiler.pl
View File

@ -143,6 +143,8 @@ sub generate_script_1 {
emit '[ -n "$IPTABLES" -a -x "$IPTABLES" ] || startup_error "Can\'t find iptables executable"';
}
append_file 'params' if $config{EXPORTPARAMS};
emit '';
emit "STOPPING=";
emit "COMMENT=\n"; # Fixme -- eventually this goes but it's ok now to maintain compability with lib.base
@ -514,6 +516,14 @@ sub generate_script_3() {
emit_unindented '__EOF__';
emit 'cat > ${VARDIR}/chains << __EOF__';
for my $arrayref ( @rule_chains ) {
emit_unindented "@$arrayref";
}
emit_unindented '__EOF__';
pop_indent;
emit "}\n";