extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-21 10:18:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Replace keyword 'object' with 'script'

Browse Source
This commit is contained in:
Tom Eastep 2009-10-12 08:24:47 -07:00
parent fe3b8be029
commit 80f41779f8
3 changed files with 103 additions and 183 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Shorewall/Perl/Shorewall/Compiler.pm
View File

@ -545,7 +545,8 @@ sub compiler {
defined($val) && ($val == F_IPV4 || $val == F_IPV6); defined($val) && ($val == F_IPV4 || $val == F_IPV6);
} }
my %parms = ( object => { store => \$scriptfilename }, my %parms = ( object => { store => \$scriptfilename }, #Deprecated
script => { store => \$scriptfilename },
directory => { store => \$directory }, directory => { store => \$directory },
family => { store => \$family , validate => \&validate_family } , family => { store => \$family , validate => \&validate_family } ,
verbosity => { store => \$verbosity , validate => \&validate_verbosity } , verbosity => { store => \$verbosity , validate => \&validate_verbosity } ,

4
Shorewall/Perl/compiler.pl
View File

@ -61,7 +61,7 @@ sub usage( $ ) {
[ --family={4|6} ] [ --family={4|6} ]
'; ';
$returnval; exit $returnval;
} }
# #
@ -105,7 +105,7 @@ my $result = GetOptions('h' => \$help,
usage(1) unless $result && @ARGV < 2; usage(1) unless $result && @ARGV < 2;
usage(0) if $help; usage(0) if $help;
compiler( object => defined $ARGV[0] ? $ARGV[0] : '', compiler( script => defined $ARGV[0] ? $ARGV[0] : '',
directory => $shorewall_dir, directory => $shorewall_dir,
verbosity => $verbose, verbosity => $verbose,
timestamp => $timestamp, timestamp => $timestamp,

279
docs/Shorewall-perl.xml
View File

@ -670,15 +670,15 @@ DNAT- net 192.168.1.3 tcp 21</programl
<section id="Modules"> <section id="Modules">
<title>The Shorewall Perl Modules</title> <title>The Shorewall Perl Modules</title>
<para>Shorewall's Perl modules are installed in <para>In Shorewall 4.4 and later, Shorewall's Perl modules are installed
/usr/share/shorewall-perl/Shorewall and the names of the packages are of in /usr/share/shorewall/Shorewall and the names of the packages are of the
the form Shorewall::<firstterm>name</firstterm>. So by using this form Shorewall::<firstterm>name</firstterm>. So by using this
directive<programlisting>use lib '/usr/share/shorewall-perl';</programlisting></para> directive<programlisting>use lib '/usr/share/shorewall';</programlisting></para>
<para>You can then load the modules via normal Perl use statements.</para> <para>You can then load the modules via normal Perl use statements.</para>
<section id="compiler.pl"> <section id="compiler.pl">
<title>/usr/share/shorewall-perl/compiler.pl</title> <title>/usr/share/shorewall/compiler.pl</title>
<para>While the compiler is normally run indirectly using <para>While the compiler is normally run indirectly using
/sbin/shorewall, it can be run directly as well.<programlisting><command>compiler.pl</command> [ <emphasis>option</emphasis> ... ] [ <emphasis>filename</emphasis> ]</programlisting></para> /sbin/shorewall, it can be run directly as well.<programlisting><command>compiler.pl</command> [ <emphasis>option</emphasis> ... ] [ <emphasis>filename</emphasis> ]</programlisting></para>
@ -734,25 +734,25 @@ DNAT- net 192.168.1.3 tcp 21</programl
role="bold">--log</emphasis>=&lt;logfile&gt;</member> role="bold">--log</emphasis>=&lt;logfile&gt;</member>
</simplelist></para> </simplelist></para>
<para>Added in Shorewall 4.2. If given, compiler will log to this file <para>If given, compiler will log to this file provider that
provider that --log_verbosity is &gt; -1.<simplelist> --log_verbosity is &gt; -1.<simplelist>
<member><emphasis <member><emphasis
role="bold">--log_verbosity</emphasis>=-1|0|1|2</member> role="bold">--log_verbosity</emphasis>=-1|0|1|2</member>
</simplelist></para> </simplelist></para>
<para>Added in Shorewall 4.1. If given, controls the verbosity of <para>If given, controls the verbosity of logging to the log specified
logging to the log specified by the --log parameter.</para> by the --log parameter.</para>
<simplelist> <simplelist>
<member><emphasis role="bold">--family=</emphasis>4|6</member> <member><emphasis role="bold">--family=</emphasis>4|6</member>
</simplelist> </simplelist>
<para>Added in Shorewall 4.2.4. Specifies whether an IPv4 or an IPv6 <para>Specifies whether an IPv4 or an IPv6 firewall is to be
firewall is to be created.</para> created.</para>
<para>Example (compiles the configuration in the current directory <para>Example (compiles the configuration in the current directory
generating a script named 'firewall' and using VERBOSITY generating a script named 'firewall' and using VERBOSITY
2).<programlisting><emphasis role="bold">/usr/share/shorewall-perl/compiler.pl -v 2 -d . firewall</emphasis></programlisting><note> 2).<programlisting><emphasis role="bold">/usr/share/shorewall/compiler.pl -v 2 -d . firewall</emphasis></programlisting><note>
<para>The Perl-based compiler does not process <para>The Perl-based compiler does not process
<filename>/etc/shorewall/params</filename>. To include definitions <filename>/etc/shorewall/params</filename>. To include definitions
in that file, you would need to do something like the in that file, you would need to do something like the
@ -760,216 +760,135 @@ DNAT- net 192.168.1.3 tcp 21</programl
set -a # Export all variables set in /etc/shorewall/params set -a # Export all variables set in /etc/shorewall/params
. /etc/shorewall/params . /etc/shorewall/params
set +a set +a
/usr/share/shorewall-perl/compiler.pl ...</command></programlisting></para> /usr/share/compiler.pl ...</command></programlisting></para>
</note></para> </note></para>
</section> </section>
<section id="Compiler"> <section id="Compiler">
<title>Shorewall::Compiler</title> <title>Shorewall::Compiler</title>
<section id="Compiler-4.0"> <para>To avoid a proliferation of parameters to
<title>Shorewall 4.0</title> Shorewall::Compiler::compile(), that function uses named parameters.
Parameter names are:</para>
<para><programlisting> use lib '/usr/share/shorewall-perl'; <variablelist>
use Shorewall::Compiler; <varlistentry>
<term>script ('object' is also accepted but deprecated)</term>
compiler $filename, $directory, $verbose, $options $chains</programlisting>Arguments <listitem>
to the compiler are:</para> <para>Output script file. If omitted or '', the configuration is
syntax checked.</para>
</listitem>
</varlistentry>
<variablelist> <varlistentry>
<varlistentry> <term>directory</term>
<term>$filename</term>
<listitem> <listitem>
<para>Name of the compiled script to be created. If the <para>Directory. If omitted or '', configuration files are located
arguments evaluates to false, the configuration is syntax using CONFIG_PATH. Otherwise, the directory named by this
checked.</para> parameter is searched first.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term>$directory</term> <term>verbosity</term>
<listitem> <listitem>
<para>The directory containing the configuration. If passed as <para>Verbosity; range -1 to 2</para>
'', then <filename class="directory">/etc/shorewall/</filename> </listitem>
is assumed.</para> </varlistentry>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term>$verbose</term> <term>timestamp</term>
<listitem> <listitem>
<para>The verbosity level that the compiler will run with <para>0|1 -- timestamp messages.</para>
(0-2).<note> </listitem>
<para>The VERBOSITY setting in the </varlistentry>
<filename>shorewall.conf</filename> file read by the
compiler will determine the default verbosity for the
compiled program.</para>
</note></para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term>$options</term> <term>debug</term>
<listitem> <listitem>
<para>A bitmap of options. Shorewall::Compiler exports three <para>0|1 -- include stack trace in warning/error messages.</para>
constants to help building this argument:<simplelist> </listitem>
<member>EXPORT = 0x01</member> </varlistentry>
<member>TIMESTAMP = 0x02</member> <varlistentry>
<term>export</term>
<member>DEBUG = 0x04</member> <listitem>
</simplelist></para> <para>0|1 -- compile for export.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term>$chains</term> <term>chains</term>
<listitem> <listitem>
<para>A comma-separated list of chains that the generated <para>List of chains to be reloaded by 'refresh'</para>
script's 'refresh' command will reload. If passed as an empty </listitem>
string, then 'blacklist' is assumed.</para> </varlistentry>
</listitem>
</varlistentry>
</variablelist>
<para>The compiler raises an exception with 'die' if it encounters an <varlistentry>
error; $@ contains the 'ERROR' messages describing the problem. The <term>log</term>
compiler function can be called repeatedly with different
inputs.</para>
</section>
<section> <listitem>
<title>Shorewall 4.2 and Later</title> <para>File to log compiler messages to.</para>
</listitem>
</varlistentry>
<para>To avoid a proliferation of parameters to <varlistentry>
Shorewall::Compiler::compile(), that function has been changed to use <term>log_verbosity</term>
named parameters. Parameter names are:</para>
<variablelist> <listitem>
<varlistentry> <para>Log Verbosity; range -1 to 2.</para>
<term>object</term> </listitem>
</varlistentry>
<listitem> <varlistentry>
<para>Object file. If omitted or '', the configuration is syntax <term>family</term>
checked.</para>
</listitem>
</varlistentry>
<varlistentry> <listitem>
<term>directory</term> <para>Address family: 4 or 6</para>
</listitem>
</varlistentry>
</variablelist>
<listitem> <para>Those parameters that are supplied must have defined values.
<para>Directory. If omitted or '', configuration files are Defaults are: <simplelist>
located using CONFIG_PATH. Otherwise, the directory named by <member>script '' ('check' command)</member>
this parameter is searched first.</para>
</listitem>
</varlistentry>
<varlistentry> <member>directory ''</member>
<term>verbosity</term>
<listitem> <member>verbosity 1</member>
<para>Verbosity; range -1 to 2</para>
</listitem>
</varlistentry>
<varlistentry> <member>timestamp 0</member>
<term>timestamp</term>
<listitem> <member>debug 0</member>
<para>0|1 -- timestamp messages.</para>
</listitem>
</varlistentry>
<varlistentry> <member>export 0</member>
<term>debug</term>
<listitem> <member>chains ''</member>
<para>0|1 -- include stack trace in warning/error
messages.</para>
</listitem>
</varlistentry>
<varlistentry> <member>log ''</member>
<term>export</term>
<listitem> <member>log_verbosity -1</member>
<para>0|1 -- compile for export.</para>
</listitem>
</varlistentry>
<varlistentry> <member>family 4</member>
<term>chains</term> </simplelist></para>
<listitem> <para>Example: <programlisting>use lib '/usr/share/shorewall/';
<para>List of chains to be reloaded by 'refresh'</para>
</listitem>
</varlistentry>
<varlistentry>
<term>log</term>
<listitem>
<para>File to log compiler messages to.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>log_verbosity</term>
<listitem>
<para>Log Verbosity; range -1 to 2.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>family</term>
<listitem>
<para>Address family: 4 or 6</para>
</listitem>
</varlistentry>
</variablelist>
<para>Those parameters that are supplied must have defined values.
Defaults are: <simplelist>
<member>object '' ('check' command)</member>
<member>directory ''</member>
<member>verbosity 1</member>
<member>timestamp 0</member>
<member>debug 0</member>
<member>export 0</member>
<member>chains ''</member>
<member>log ''</member>
<member>log_verbosity -1</member>
<member>family 4</member>
</simplelist></para>
<para>Example: <programlisting>use lib '/usr/share/shorewall-perl/';
use Shorewall::Compiler; use Shorewall::Compiler;
compiler( object =&gt; '/root/firewall', log =&gt; '/root/compile.log', log_verbosity =&gt; 2 ); </programlisting></para> compiler( script =&gt; '/root/firewall', log =&gt; '/root/compile.log', log_verbosity =&gt; 2 ); </programlisting></para>
</section>
</section> </section>
<section id="Chains"> <section id="Chains">
<title>Shorewall::Chains</title> <title>Shorewall::Chains</title>
<para><programlisting>use lib '/usr/share/shorewall-perl'; <para><programlisting>use lib '/usr/share/shorewall';
use Shorewall::Chains; use Shorewall::Chains;
my $chainref1 = chain_new $table, $name1; my $chainref1 = chain_new $table, $name1;
@ -1208,7 +1127,7 @@ my $chainref7 = $filter_table{$name};</programlisting>Shorewall::Chains is
<section id="Config"> <section id="Config">
<title>Shorewall::Config</title> <title>Shorewall::Config</title>
<para><programlisting>use lib '/usr/share/shorewall-perl'; <para><programlisting>use lib '/usr/share/shorewall';
use Shorewall::Config; use Shorewall::Config;
warning message "This entry is bogus"; warning message "This entry is bogus";
@ -1218,7 +1137,7 @@ progress_message "This will only be seen if VERBOSITY &gt;= 2";
progress_message2 "This will only be seen if VERBOSITY &gt;= 1"; progress_message2 "This will only be seen if VERBOSITY &gt;= 1";
progress_message3 "This will be seen unless VERBOSITY &lt; 0"; progress_message3 "This will be seen unless VERBOSITY &lt; 0";
</programlisting>The <emphasis role="bold">shorewall()</emphasis> function may </programlisting>The <emphasis role="bold">shorewall()</emphasis> function may
be optionally included:<programlisting>use lib '/usr/share/shorewall-perl'; be optionally included:<programlisting>use lib '/usr/share/shorewall';
use Shorewall::Config qw/shorewall/; use Shorewall::Config qw/shorewall/;
shorewall $config_file_entry;</programlisting>The Shorewall::Config module shorewall $config_file_entry;</programlisting>The Shorewall::Config module