From 92894a7482888708bc9421997fa1734dd0411b3c Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Wed, 15 Dec 2010 11:57:51 -0800 Subject: [PATCH] Step 1 of module re-org --- Shorewall/Perl/Shorewall/Actions.pm | 29 ++++++++-- .../Perl/Shorewall/{Rules.pm => Misc.pm} | 54 ++----------------- 2 files changed, 29 insertions(+), 54 deletions(-) rename Shorewall/Perl/Shorewall/{Rules.pm => Misc.pm} (98%) diff --git a/Shorewall/Perl/Shorewall/Actions.pm b/Shorewall/Perl/Shorewall/Actions.pm index 20604fb00..4e5f3a7b8 100644 --- a/Shorewall/Perl/Shorewall/Actions.pm +++ b/Shorewall/Perl/Shorewall/Actions.pm @@ -20,7 +20,8 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -# This module contains the mid-level processing code for the rules file. +# This module contains process_rule() and it's associated helpers for handling +# Actions and Macros. # package Shorewall::Actions; require Exporter; @@ -39,7 +40,7 @@ our @EXPORT = qw( process_actions2 process_actions3 - process_rule + process_ruleS isolate_basic_target get_target_param @@ -508,7 +509,8 @@ sub process_actions1() { my ($wholetarget, @rest ) = split_line1 1, 13, 'action file' , $rule_commands; # # When passed an action name in the first argument, process_rule_common() only - # deals with the target and the parameter. + # deals with the target and the parameter. We pass undef for the rest so we'll + # know if we try to use one of them. # process_rule_common( $action , $wholetarget , @@ -525,7 +527,7 @@ sub process_actions1() { undef, # connlimit undef, # time undef, # headers - 0 # wildcard + undef # wildcard ) unless $wholetarget eq 'FORMAT' || $wholetarget eq 'COMMENT'; } @@ -1617,4 +1619,23 @@ sub process_rule ( ) { progress_message qq( Rule "$thisline" $done); } +# +# Process the Rules File +# +sub process_rules() { + + my $fn = open_file 'rules'; + + if ( $fn ) { + + first_entry "$doing $fn..."; + + process_rule while read_a_line; + + clear_comment; + } + + $section = 'DONE'; +} + 1; diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Misc.pm similarity index 98% rename from Shorewall/Perl/Shorewall/Rules.pm rename to Shorewall/Perl/Shorewall/Misc.pm index 3d2c48b74..b0fa151bf 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Misc.pm @@ -1,5 +1,5 @@ # -# Shorewall 4.4 -- /usr/share/shorewall/Shorewall/Rules.pm +# Shorewall 4.4 -- /usr/share/shorewall/Shorewall/Misc.pm # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # @@ -20,9 +20,9 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -# This module contains the high-level code for dealing with rules. +# This module contains those routines that don't seem to fit well elsewhere. # -package Shorewall::Rules; +package Shorewall::Misc; require Exporter; use Shorewall::Config qw(:DEFAULT :internal); @@ -40,10 +40,9 @@ our @EXPORT = qw( process_tos setup_ecn add_common_rules setup_mac_lists - process_rules process_routestopped - generate_matrix compile_stop_firewall + generate_matrix ); our @EXPORT_OK = qw( initialize ); our $VERSION = '4.4_16'; @@ -874,51 +873,6 @@ sub setup_mac_lists( $ ) { } } -# -# Process the Rules File -# -sub process_rules() { - - my $fn = open_file 'rules'; - - if ( $fn ) { - - first_entry "$doing $fn..."; - - process_rule while read_a_line; - - clear_comment; - } - - $section = 'DONE'; -} - -# -# Helper functions for generate_matrix() -#----------------------------------------- -# -# Return the target for rules from $zone to $zone1. -# -sub rules_target( $$ ) { - my ( $zone, $zone1 ) = @_; - my $chain = rules_chain( ${zone}, ${zone1} ); - my $chainref = $filter_table->{$chain}; - - return $chain if $chainref && $chainref->{referenced}; - return 'ACCEPT' if $zone eq $zone1; - - assert( $chainref ); - - if ( $chainref->{policy} ne 'CONTINUE' ) { - my $policyref = $filter_table->{$chainref->{policychain}}; - assert( $policyref ); - return $policyref->{name} if $policyref ne $chainref; - return $chainref->{policy} eq 'REJECT' ? 'reject' : $chainref->{policy}; - } - - ''; # CONTINUE policy -} - # # Generate rules for one destination zone #