From 82a74d7534d7d3910610b5920f7c0bea85c97741 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 4 Jun 2010 08:46:29 -0700 Subject: [PATCH] Resolve Optional/Required interfaces with wildcard names Optional is allowed Required is not Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Providers.pm | 2 +- Shorewall/Perl/Shorewall/Zones.pm | 28 +++++++++++++++++++++++---- Shorewall/changelog.txt | 2 +- Shorewall/releasenotes.txt | 2 +- 4 files changed, 27 insertions(+), 7 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm index abd637179..cc6d73396 100644 --- a/Shorewall/Perl/Shorewall/Providers.pm +++ b/Shorewall/Perl/Shorewall/Providers.pm @@ -845,7 +845,7 @@ sub handle_optional_interfaces() { my $returnvalue = verify_required_interfaces; - my $interfaces = find_interfaces_by_option 'optional'; + my $interfaces = find_interfaces_by_option1 'optional'; if ( @$interfaces ) { for my $interface ( @$interfaces ) { diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm index 47ea6d1ee..481799d77 100644 --- a/Shorewall/Perl/Shorewall/Zones.pm +++ b/Shorewall/Perl/Shorewall/Zones.pm @@ -67,6 +67,7 @@ our @EXPORT = qw( NOTHING source_port_to_bridge interface_is_optional find_interfaces_by_option + find_interfaces_by_option1 get_interface_option set_interface_option verify_required_interfaces @@ -937,10 +938,10 @@ sub process_interface( $$ ) { $hostoptions{routeback} = $options{routeback} = 1; } - fatal_error "Optional and Required interfaces may not have wildcard names" if ( $wildcard || $physical =~ /\+/ ) && ( $options{optional} || $options{required} ); - $hostoptions{routeback} = $options{routeback} = is_a_bridge( $physical ) unless $export || $options{routeback}; + fatal_error "Required Interfaces may not have wildcard names ($physical)" if $options{required} && $physical =~ /\+/; + $hostoptionsref = \%hostoptions; } else { # @@ -1163,6 +1164,27 @@ sub find_interfaces_by_option( $ ) { \@ints; } +# +# Returns reference to array of interfaces with the passed option +# +sub find_interfaces_by_option1( $ ) { + my $option = $_[0]; + my @ints = (); + + for my $interface ( keys %interfaces ) { + my $interfaceref = $interfaces{$interface}; + + next if $interfaceref->{physical} =~ /\+/; + + my $optionsref = $interfaceref->{options}; + if ( $optionsref && defined $optionsref->{$option} ) { + push @ints , $interface + } + } + + \@ints; +} + # # Return the value of an option for an interface # @@ -1303,8 +1325,6 @@ sub compile_updown() { if ( @$required ) { my $interfaces = join '|', map $interfaces{$_}->{physical}, @$required; - $interfaces =~ s/\+/*/; - emit( "$interfaces)", ' if [ "$COMMAND" = up ]; then', ' COMMAND=start', diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index dbef932fd..f4180ac6f 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -14,7 +14,7 @@ Changes in Shorewall 4.4.10 7) Rename PREFIX to DESTDIR in install scripts -8) Optional/required interfaces with wildcard names disallowed. +8) Correct handling of optional/required interfaces with wildcard names. Changes in Shorewall 4.4.9 diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 4bc9f24d9..7b30c241f 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -261,7 +261,7 @@ I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E The XYZTEL provider was never usable. - This configuration now generates a compile-time error. + This configuration now works correctly. ---------------------------------------------------------------------------- I V. K N O W N P R O B L E M S R E M A I N I N G