mirror of
https://gitlab.com/shorewall/code.git
synced 2025-01-12 08:38:14 +01:00
Step 1 of module re-org
This commit is contained in:
parent
9db42bf3da
commit
92894a7482
@ -20,7 +20,8 @@
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
#
|
||||
# This module contains the mid-level processing code for the rules file.
|
||||
# This module contains process_rule() and it's associated helpers for handling
|
||||
# Actions and Macros.
|
||||
#
|
||||
package Shorewall::Actions;
|
||||
require Exporter;
|
||||
@ -39,7 +40,7 @@ our @EXPORT = qw(
|
||||
process_actions2
|
||||
process_actions3
|
||||
|
||||
process_rule
|
||||
process_ruleS
|
||||
|
||||
isolate_basic_target
|
||||
get_target_param
|
||||
@ -508,7 +509,8 @@ sub process_actions1() {
|
||||
my ($wholetarget, @rest ) = split_line1 1, 13, 'action file' , $rule_commands;
|
||||
#
|
||||
# When passed an action name in the first argument, process_rule_common() only
|
||||
# deals with the target and the parameter.
|
||||
# deals with the target and the parameter. We pass undef for the rest so we'll
|
||||
# know if we try to use one of them.
|
||||
#
|
||||
process_rule_common( $action ,
|
||||
$wholetarget ,
|
||||
@ -525,7 +527,7 @@ sub process_actions1() {
|
||||
undef, # connlimit
|
||||
undef, # time
|
||||
undef, # headers
|
||||
0 # wildcard
|
||||
undef # wildcard
|
||||
) unless $wholetarget eq 'FORMAT' || $wholetarget eq 'COMMENT';
|
||||
}
|
||||
|
||||
@ -1617,4 +1619,23 @@ sub process_rule ( ) {
|
||||
progress_message qq( Rule "$thisline" $done);
|
||||
}
|
||||
|
||||
#
|
||||
# Process the Rules File
|
||||
#
|
||||
sub process_rules() {
|
||||
|
||||
my $fn = open_file 'rules';
|
||||
|
||||
if ( $fn ) {
|
||||
|
||||
first_entry "$doing $fn...";
|
||||
|
||||
process_rule while read_a_line;
|
||||
|
||||
clear_comment;
|
||||
}
|
||||
|
||||
$section = 'DONE';
|
||||
}
|
||||
|
||||
1;
|
||||
|
@ -1,5 +1,5 @@
|
||||
#
|
||||
# Shorewall 4.4 -- /usr/share/shorewall/Shorewall/Rules.pm
|
||||
# Shorewall 4.4 -- /usr/share/shorewall/Shorewall/Misc.pm
|
||||
#
|
||||
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
|
||||
#
|
||||
@ -20,9 +20,9 @@
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
#
|
||||
# This module contains the high-level code for dealing with rules.
|
||||
# This module contains those routines that don't seem to fit well elsewhere.
|
||||
#
|
||||
package Shorewall::Rules;
|
||||
package Shorewall::Misc;
|
||||
require Exporter;
|
||||
|
||||
use Shorewall::Config qw(:DEFAULT :internal);
|
||||
@ -40,10 +40,9 @@ our @EXPORT = qw( process_tos
|
||||
setup_ecn
|
||||
add_common_rules
|
||||
setup_mac_lists
|
||||
process_rules
|
||||
process_routestopped
|
||||
generate_matrix
|
||||
compile_stop_firewall
|
||||
generate_matrix
|
||||
);
|
||||
our @EXPORT_OK = qw( initialize );
|
||||
our $VERSION = '4.4_16';
|
||||
@ -874,51 +873,6 @@ sub setup_mac_lists( $ ) {
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Process the Rules File
|
||||
#
|
||||
sub process_rules() {
|
||||
|
||||
my $fn = open_file 'rules';
|
||||
|
||||
if ( $fn ) {
|
||||
|
||||
first_entry "$doing $fn...";
|
||||
|
||||
process_rule while read_a_line;
|
||||
|
||||
clear_comment;
|
||||
}
|
||||
|
||||
$section = 'DONE';
|
||||
}
|
||||
|
||||
#
|
||||
# Helper functions for generate_matrix()
|
||||
#-----------------------------------------
|
||||
#
|
||||
# Return the target for rules from $zone to $zone1.
|
||||
#
|
||||
sub rules_target( $$ ) {
|
||||
my ( $zone, $zone1 ) = @_;
|
||||
my $chain = rules_chain( ${zone}, ${zone1} );
|
||||
my $chainref = $filter_table->{$chain};
|
||||
|
||||
return $chain if $chainref && $chainref->{referenced};
|
||||
return 'ACCEPT' if $zone eq $zone1;
|
||||
|
||||
assert( $chainref );
|
||||
|
||||
if ( $chainref->{policy} ne 'CONTINUE' ) {
|
||||
my $policyref = $filter_table->{$chainref->{policychain}};
|
||||
assert( $policyref );
|
||||
return $policyref->{name} if $policyref ne $chainref;
|
||||
return $chainref->{policy} eq 'REJECT' ? 'reject' : $chainref->{policy};
|
||||
}
|
||||
|
||||
''; # CONTINUE policy
|
||||
}
|
||||
|
||||
#
|
||||
# Generate rules for one destination zone
|
||||
#
|
Loading…
Reference in New Issue
Block a user