From be1765f44d41270657c8e48c501d8dbfc703c78a Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Wed, 14 Sep 2011 08:25:47 -0700 Subject: [PATCH 1/3] Don't emit 'enable' code for required providers Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Providers.pm | 68 +++++++++++++-------------- 1 file changed, 33 insertions(+), 35 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm index eaa5694b2..155067cee 100644 --- a/Shorewall/Perl/Shorewall/Providers.pm +++ b/Shorewall/Perl/Shorewall/Providers.pm @@ -615,46 +615,44 @@ sub add_a_provider( $$ ) { emit $_ for @{$providers{$table}->{routes}}; } - emit( '', - 'if [ $COMMAND = enable ]; then' - ); + emit( '' ); - push_indent; - - my ( $tbl, $weight ); - - if ( $balance || $default ) { - $tbl = $default || $config{USE_DEFAULT_RT} ? DEFAULT_TABLE : MAIN_TABLE; - $weight = $balance ? $balance : $default; - - if ( $gateway ) { - emit qq(add_gateway "nexthop via $gateway dev $physical weight $weight $realm" ) . $tbl; - } else { - emit qq(add_gateway "nexthop dev $physical weight $weight $realm" ) . $tbl; - } - - } else { - $weight = 1; - } - - emit( "setup_${dev}_tc" ) if $tcdevices->{$interface}; - - emit ( qq(progress_message2 " Provider $table ($number) Started") ); - - pop_indent; - - emit( 'else' ); + my ( $tbl, $weight ); if ( $optional ) { - emit " echo $weight > \${VARDIR}/${physical}_weight"; + emit( 'if [ $COMMAND = enable ]; then' ); + + push_indent; + + if ( $balance || $default ) { + $tbl = $default || $config{USE_DEFAULT_RT} ? DEFAULT_TABLE : MAIN_TABLE; + $weight = $balance ? $balance : $default; + + if ( $gateway ) { + emit qq(add_gateway "nexthop via $gateway dev $physical weight $weight $realm" ) . $tbl; + } else { + emit qq(add_gateway "nexthop dev $physical weight $weight $realm" ) . $tbl; + } + + } else { + $weight = 1; + } + + emit( "setup_${dev}_tc" ) if $tcdevices->{$interface}; + + emit ( qq(progress_message2 " Provider $table ($number) Started") ); + + pop_indent; + + emit( 'else' , + qq( echo $weight > \${VARDIR}/${physical}_weight) , + qq( progress_message " Provider $table ($number) Started"), + qq(fi\n) + ); } else { - emit " rm -f \${VARDIR}/${physical}_weight"; + emit( qq(progress_message "Provider $table ($number) Started") ); } - - emit( " progress_message " Provider $table ($number) Started"", - "fi\n" - ); - + pop_indent; emit 'else'; From 551f93762d133c7f50da2b5e1e40054f86495a93 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Wed, 14 Sep 2011 13:37:55 -0700 Subject: [PATCH 2/3] Correct two typos in the Proxy ARP doc Signed-off-by: Tom Eastep --- docs/ProxyARP.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/ProxyARP.xml b/docs/ProxyARP.xml index fdafc17f5..38fc2ac8a 100644 --- a/docs/ProxyARP.xml +++ b/docs/ProxyARP.xml @@ -305,7 +305,7 @@ shorewall start IPv6 - Proxy NDP The IPv6 analog of Proxy ARP is Proxy NDP (Neighbor Discovery - Protocol). Begiinning with Shorewall 4.4.16, Shorewall6 supports Proxy NDP + Protocol). Beginning with Shorewall 4.4.16, Shorewall6 supports Proxy NDP in a manner similar to Proxy ARP support in Shorewall: @@ -328,8 +328,8 @@ shorewall start discoverey requests for IPv6 addresses configured on the interface receiving the request. So if eth0 has address 2001:470:b:227::44/128 and eth1 has address 2001:470:b:227::1/64 then in order for eth1 to respond to - neighbor discovery requests for 2001:470:b:227::44, the following entry in - /etc/shorewall6/proxyndp is required: + neighbor discoverey requests for 2001:470:b:227::44, the following entry + in /etc/shorewall6/proxyndp is required: #ADDRESS INTERFACE EXTERNAL HAVEROUTE PERSISTENT 2001:470:b:227::44 - eth1 Yes From 76fc55d750c08e64355745c907b0ffd2f2e48b98 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 16 Sep 2011 06:50:34 -0700 Subject: [PATCH 3/3] Fix TC_ENABLED=Shared Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Tc.pm | 53 +++++++++++++++++----------------- 1 file changed, 27 insertions(+), 26 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm index d80ef17f9..84b589fd3 100644 --- a/Shorewall/Perl/Shorewall/Tc.pm +++ b/Shorewall/Perl/Shorewall/Tc.pm @@ -1456,18 +1456,18 @@ sub process_traffic_shaping() { $device = physical_name $device; - my $dev = chain_base( $device ); - - emit( '', - '#', - "# Configure Traffic Shaping for $device", - '#', - "setup_${dev}_tc() {" ); - - push_indent; - unless ( $config{TC_ENABLED} eq 'Shared' ) { + my $dev = chain_base( $device ); + + emit( '', + '#', + "# Configure Traffic Shaping for $device", + '#', + "setup_${dev}_tc() {" ); + + push_indent; + emit "if interface_is_up $device; then"; push_indent; @@ -1589,25 +1589,25 @@ sub process_traffic_shaping() { emit ''; } - } - emit ''; + emit ''; - emit "$_" for @{$devref->{filters}}; + emit "$_" for @{$devref->{filters}}; - save_progress_message_short qq(" TC Device $device defined."); + save_progress_message_short qq(" TC Device $device defined."); - pop_indent; - emit 'else'; - push_indent; + pop_indent; + emit 'else'; + push_indent; - emit qq(error_message "WARNING: Device $device is not in the UP state -- traffic-shaping configuration skipped"); - emit "${dev}_exists="; - pop_indent; - emit "fi\n"; + emit qq(error_message "WARNING: Device $device is not in the UP state -- traffic-shaping configuration skipped"); + emit "${dev}_exists="; + pop_indent; + emit "fi\n"; - pop_indent; - emit "}\n"; + pop_indent; + emit "}\n"; + } } } @@ -1625,7 +1625,9 @@ sub process_tc() { # it can call the appropriate 'setup_x_tc" function when the device is # enabled. - \%tcdevices; + my %empty; + + $config{TC_ENABLED} eq 'Shared' ? \%empty : \%tcdevices; } # @@ -1640,7 +1642,6 @@ sub setup_traffic_shaping() { emit "setup_${dev}_tc"; } - } # @@ -1756,7 +1757,7 @@ sub setup_tc() { append_file $globals{TC_SCRIPT}; } else { process_tcpri if $config{TC_ENABLED} eq 'Simple'; - setup_traffic_shaping; + setup_traffic_shaping unless $config{TC_ENABLED} eq 'Shared'; } if ( $config{TC_ENABLED} ) {