mirror of
https://gitlab.com/shorewall/code.git
synced 2025-05-29 22:18:48 +02:00
Bring Shorewall-perl up to 4.0
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7127 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
0a78e4f0fd
commit
7e236b256b
@ -35,7 +35,7 @@ use strict;
|
|||||||
our @ISA = qw(Exporter);
|
our @ISA = qw(Exporter);
|
||||||
our @EXPORT = qw( setup_providers @routemarked_interfaces);
|
our @EXPORT = qw( setup_providers @routemarked_interfaces);
|
||||||
our @EXPORT_OK = qw( initialize );
|
our @EXPORT_OK = qw( initialize );
|
||||||
our $VERSION = 4.02;
|
our $VERSION = 4.03;
|
||||||
|
|
||||||
use constant { LOCAL_NUMBER => 255,
|
use constant { LOCAL_NUMBER => 255,
|
||||||
MAIN_NUMBER => 254,
|
MAIN_NUMBER => 254,
|
||||||
@ -68,10 +68,10 @@ sub initialize() {
|
|||||||
$balance = 0;
|
$balance = 0;
|
||||||
$first_default_route = 1;
|
$first_default_route = 1;
|
||||||
|
|
||||||
%providers = ( 'local' => { number => LOCAL_NUMBER , mark => 0 } ,
|
%providers = ( 'local' => { number => LOCAL_NUMBER , mark => 0 , optional => 0 } ,
|
||||||
main => { number => MAIN_NUMBER , mark => 0 } ,
|
main => { number => MAIN_NUMBER , mark => 0 , optional => 0 } ,
|
||||||
default => { number => DEFAULT_NUMBER , mark => 0 } ,
|
default => { number => DEFAULT_NUMBER , mark => 0 , optional => 0 } ,
|
||||||
unspec => { number => UNSPEC_NUMBER , mark => 0 } );
|
unspec => { number => UNSPEC_NUMBER , mark => 0 , optional => 0 } );
|
||||||
@providers = ();
|
@providers = ();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -169,6 +169,8 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
fatal_error "Duplicate provider number ($number)" if $providerref->{number} == $number;
|
fatal_error "Duplicate provider number ($number)" if $providerref->{number} == $number;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
my $provider = chain_base $table;
|
||||||
|
|
||||||
emit "#\n# Add Provider $table ($number)\n#";
|
emit "#\n# Add Provider $table ($number)\n#";
|
||||||
|
|
||||||
emit "if interface_is_usable $interface; then";
|
emit "if interface_is_usable $interface; then";
|
||||||
@ -267,6 +269,8 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$providers{$table}{optional} = $optional;
|
||||||
|
|
||||||
if ( $loose ) {
|
if ( $loose ) {
|
||||||
my $rulebase = 20000 + ( 256 * ( $number - 1 ) );
|
my $rulebase = 20000 + ( 256 * ( $number - 1 ) );
|
||||||
|
|
||||||
@ -288,11 +292,14 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
|
|
||||||
emit "\nprogress_message \" Provider $table ($number) Added\"\n";
|
emit "\nprogress_message \" Provider $table ($number) Added\"\n";
|
||||||
|
|
||||||
|
emit ( "${provider}_is_up=Yes" ) if $optional;
|
||||||
|
|
||||||
pop_indent;
|
pop_indent;
|
||||||
emit 'else';
|
emit 'else';
|
||||||
|
|
||||||
if ( $optional ) {
|
if ( $optional ) {
|
||||||
emit ( " error_message \"WARNING: Interface $interface is not configured -- Provider $table ($number) not Added\"" );
|
emit ( " error_message \"WARNING: Interface $interface is not configured -- Provider $table ($number) not Added\"",
|
||||||
|
" ${provider}_is_up=" );
|
||||||
} else {
|
} else {
|
||||||
emit( " fatal_error \"Interface $interface is not configured -- Provider $table ($number) Cannot be Added\"" );
|
emit( " fatal_error \"Interface $interface is not configured -- Provider $table ($number) Cannot be Added\"" );
|
||||||
}
|
}
|
||||||
@ -340,10 +347,17 @@ sub add_an_rtrule( $$$$ ) {
|
|||||||
|
|
||||||
$priority = "priority $priority";
|
$priority = "priority $priority";
|
||||||
|
|
||||||
emit ( "qt ip rule del $source $dest $priority",
|
emit ( "qt ip rule del $source $dest $priority" );
|
||||||
"run_ip rule add $source $dest $priority table $provider",
|
|
||||||
"echo \"qt ip rule del $source $dest $priority\" >> \${VARDIR}/undo_routing"
|
my ( $base, $optional, $number ) = ( chain_base( $provider ), $providers{$provider}{optional} , $providers{$provider}{number} );
|
||||||
);
|
|
||||||
|
emit ( '', "if [ -n \$${base}_is_up ]; then" ), push_indent if $optional;
|
||||||
|
|
||||||
|
emit ( "run_ip rule add $source $dest $priority table $number",
|
||||||
|
"echo \"qt ip rule del $source $dest $priority\" >> \${VARDIR}/undo_routing" );
|
||||||
|
|
||||||
|
pop_indent, emit ( "fi\n" ) if $optional;
|
||||||
|
|
||||||
progress_message " Routing rule \"$currentline\" $done";
|
progress_message " Routing rule \"$currentline\" $done";
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -364,12 +378,18 @@ sub setup_providers() {
|
|||||||
emit ( '#',
|
emit ( '#',
|
||||||
'# Undo any changes made since the last time that we [re]started -- this will not restore the default route',
|
'# Undo any changes made since the last time that we [re]started -- this will not restore the default route',
|
||||||
'#',
|
'#',
|
||||||
'undo_routing',
|
'undo_routing' );
|
||||||
'#',
|
|
||||||
'# Save current routing table database so that it can be restored later',
|
unless ( $config{KEEP_RT_TABLES} ) {
|
||||||
'#',
|
emit (
|
||||||
'cp /etc/iproute2/rt_tables ${VARDIR}/',
|
'#',
|
||||||
'#',
|
'# Save current routing table database so that it can be restored later',
|
||||||
|
'#',
|
||||||
|
'cp /etc/iproute2/rt_tables ${VARDIR}/' );
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
emit ( '#',
|
||||||
'# Capture the default route(s) if we don\'t have it (them) already.',
|
'# Capture the default route(s) if we don\'t have it (them) already.',
|
||||||
'#',
|
'#',
|
||||||
'[ -f ${VARDIR}/default_route ] || ip route list | grep -E \'^\s*(default |nexthop )\' > ${VARDIR}/default_route',
|
'[ -f ${VARDIR}/default_route ] || ip route list | grep -E \'^\s*(default |nexthop )\' > ${VARDIR}/default_route',
|
||||||
@ -412,34 +432,36 @@ sub setup_providers() {
|
|||||||
'restore_default_route' );
|
'restore_default_route' );
|
||||||
}
|
}
|
||||||
|
|
||||||
emit( 'if [ -w /etc/iproute2/rt_tables ]; then',
|
unless ( $config{KEEP_RT_TABLES} ) {
|
||||||
' cat > /etc/iproute2/rt_tables <<EOF' );
|
emit( 'if [ -w /etc/iproute2/rt_tables ]; then',
|
||||||
|
' cat > /etc/iproute2/rt_tables <<EOF' );
|
||||||
|
|
||||||
push_indent;
|
push_indent;
|
||||||
|
|
||||||
emit_unindented join( "\n",
|
emit_unindented join( "\n",
|
||||||
'#',
|
'#',
|
||||||
'# reserved values',
|
'# reserved values',
|
||||||
'#',
|
'#',
|
||||||
"255\tlocal",
|
"255\tlocal",
|
||||||
"254\tmain",
|
"254\tmain",
|
||||||
"253\tdefault",
|
"253\tdefault",
|
||||||
"0\tunspec",
|
"0\tunspec",
|
||||||
'#',
|
'#',
|
||||||
'# local',
|
'# local',
|
||||||
'#',
|
'#',
|
||||||
"EOF\n" );
|
"EOF\n" );
|
||||||
|
|
||||||
|
emit "echocommand=\$(find_echo)\n";
|
||||||
|
|
||||||
|
for my $table ( @providers ) {
|
||||||
|
emit "\$echocommand \"$providers{$table}{number}\\t$table\" >> /etc/iproute2/rt_tables";
|
||||||
|
}
|
||||||
|
|
||||||
emit "echocommand=\$(find_echo)\n";
|
pop_indent;
|
||||||
|
|
||||||
for my $table ( @providers ) {
|
emit "fi\n";
|
||||||
emit "\$echocommand \"$providers{$table}{number}\\t$table\" >> /etc/iproute2/rt_tables";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pop_indent;
|
|
||||||
|
|
||||||
emit "fi\n";
|
|
||||||
|
|
||||||
my $fn = open_file 'route_rules';
|
my $fn = open_file 'route_rules';
|
||||||
|
|
||||||
if ( $fn ) {
|
if ( $fn ) {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user