mirror of
https://gitlab.com/shorewall/code.git
synced 2025-01-29 00:49:34 +01:00
Call user actions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5641 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
27a8fa3843
commit
8b6f2616d0
@ -36,7 +36,7 @@ our @EXPORT = qw( merge_levels
|
||||
split_action
|
||||
isolate_basic_target
|
||||
add_requiredby
|
||||
createlogactionchain
|
||||
createlogactionchain
|
||||
createactionchain
|
||||
find_logactionchain
|
||||
process_actions1
|
||||
@ -185,11 +185,21 @@ sub createlogactionchain( $$ ) {
|
||||
|
||||
$level = 'none' unless $level;
|
||||
|
||||
$logactionchains{"$action:$level"} = new_chain 'filter', '%' . $chain . $actionref->{actchain}++;
|
||||
$logactionchains{"$action:$level"} = $chainref = new_chain 'filter', '%' . $chain . $actionref->{actchain}++;
|
||||
|
||||
#
|
||||
# Fixme -- action file
|
||||
#
|
||||
unless ( $targets{$action} & STANDARD ) {
|
||||
my $file = find_file $chain;
|
||||
|
||||
if ( -f $file ) {
|
||||
progress_message "Processing $file...";
|
||||
|
||||
unless ( my $return = do $file ) {
|
||||
fatal_error "Couldn't parse $file: $@" if $@;
|
||||
fatal_error "Couldn't do $file: $!" unless defined $return;
|
||||
fatal_error "Couldn't run $file" unless $return;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
|
||||
@ -28,7 +28,7 @@ use warnings;
|
||||
use Shorewall::Common;
|
||||
|
||||
our @ISA = qw(Exporter);
|
||||
our @EXPORT = qw(find_file get_configuration report_capabilities propagateconfig append_file generate_aux_config %config %env %capabilities );
|
||||
our @EXPORT = qw(find_file get_configuration report_capabilities propagateconfig append_file run_user_exit generate_aux_config %config %env %capabilities );
|
||||
our @EXPORT_OK = ();
|
||||
our @VERSION = 1.00;
|
||||
|
||||
@ -525,6 +525,24 @@ sub append_file( $ ) {
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Run a Perl extension script
|
||||
#
|
||||
sub run_user_exit( $ ) {
|
||||
my $chainref = $_[0];
|
||||
my $file = find_file $chainref->{name};
|
||||
|
||||
if ( -f $file ) {
|
||||
progress_message "Processing $file...";
|
||||
|
||||
unless (my $return = do $file) {
|
||||
fatal_error "Couldn't parse $file: $@" if $@;
|
||||
fatal_error "Couldn't do $file: $!" unless defined $return;
|
||||
fatal_error "Couldn't run $file" unless $return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub generate_aux_config() {
|
||||
sub conditionally_add_option( $ ) {
|
||||
my $option = $_[0];
|
||||
|
||||
@ -302,6 +302,7 @@ sub apply_policy_rules() {
|
||||
}
|
||||
|
||||
if ( $name =~ /^all2|2all$/ ) {
|
||||
run_user_exit $chainref;
|
||||
policy_rules $chainref , $policy, $loglevel , $default;
|
||||
}
|
||||
|
||||
@ -311,7 +312,11 @@ sub apply_policy_rules() {
|
||||
for my $zone ( @zones ) {
|
||||
for my $zone1 ( @zones ) {
|
||||
my $chainref = $filter_table->{"${zone}2${zone1}"};
|
||||
default_policy $chainref, $zone, $zone1 if $chainref->{referenced};
|
||||
|
||||
if ( $chainref->{referenced} ) {
|
||||
run_user_exit $chainref;
|
||||
default_policy $chainref, $zone, $zone1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -328,6 +333,8 @@ sub apply_policy_rules() {
|
||||
sub complete_standard_chain ( $$$ ) {
|
||||
my ( $stdchainref, $zone, $zone2 ) = @_;
|
||||
|
||||
run_user_exit $stdchainref;
|
||||
|
||||
my $ruleschainref = $filter_table->{"${zone}2${zone2}"};
|
||||
my ( $policy, $loglevel, $default ) = ( 'DROP', 'info', $config{DROP_DEFAULT} );
|
||||
my $policychainref;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user