mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-24 23:28:59 +01:00
Improve performance of logical->physical mapping
This commit is contained in:
parent
92208251b7
commit
9b127e6e06
@ -673,7 +673,7 @@ sub chain_base($) {
|
|||||||
#
|
#
|
||||||
sub forward_chain($)
|
sub forward_chain($)
|
||||||
{
|
{
|
||||||
physical_name( $_[0] ) . '_fwd';
|
get_physical( $_[0] ) . '_fwd';
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -709,7 +709,7 @@ sub use_forward_chain($) {
|
|||||||
#
|
#
|
||||||
sub input_chain($)
|
sub input_chain($)
|
||||||
{
|
{
|
||||||
physical_name( $_[0] ) . '_in';
|
get_physical( $_[0] ) . '_in';
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -767,7 +767,7 @@ sub use_input_chain($) {
|
|||||||
#
|
#
|
||||||
sub output_chain($)
|
sub output_chain($)
|
||||||
{
|
{
|
||||||
physical_name( $_[0] ) . '_out';
|
get_physical( $_[0] ) . '_out';
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -811,7 +811,7 @@ sub use_output_chain($) {
|
|||||||
#
|
#
|
||||||
sub masq_chain($)
|
sub masq_chain($)
|
||||||
{
|
{
|
||||||
physical_name( $_[0] ) . '_masq';
|
get_physical( $_[0] ) . '_masq';
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -826,7 +826,7 @@ sub syn_flood_chain ( $ ) {
|
|||||||
#
|
#
|
||||||
sub mac_chain( $ )
|
sub mac_chain( $ )
|
||||||
{
|
{
|
||||||
physical_name( $_[0] ) . '_mac';
|
get_physical( $_[0] ) . '_mac';
|
||||||
}
|
}
|
||||||
|
|
||||||
sub macrecent_target($)
|
sub macrecent_target($)
|
||||||
@ -855,7 +855,7 @@ sub notrack_chain( $ )
|
|||||||
#
|
#
|
||||||
sub snat_chain( $ )
|
sub snat_chain( $ )
|
||||||
{
|
{
|
||||||
physical_name( $_[0] ) . '_snat';
|
get_physical( $_[0] ) . '_snat';
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -863,7 +863,7 @@ sub snat_chain( $ )
|
|||||||
#
|
#
|
||||||
sub ecn_chain( $ )
|
sub ecn_chain( $ )
|
||||||
{
|
{
|
||||||
physical_name( $_[0] ) . '_ecn';
|
get_physical( $_[0] ) . '_ecn';
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -871,7 +871,7 @@ sub ecn_chain( $ )
|
|||||||
#
|
#
|
||||||
sub first_chains( $ ) #$1 = interface
|
sub first_chains( $ ) #$1 = interface
|
||||||
{
|
{
|
||||||
my $c = physical_name $_[0];
|
my $c = get_physical $_[0];
|
||||||
|
|
||||||
( $c . '_fwd', $c . '_in' );
|
( $c . '_fwd', $c . '_in' );
|
||||||
}
|
}
|
||||||
@ -2138,7 +2138,7 @@ sub interface_address( $ ) {
|
|||||||
sub get_interface_address ( $ ) {
|
sub get_interface_address ( $ ) {
|
||||||
my ( $logical ) = $_[0];
|
my ( $logical ) = $_[0];
|
||||||
|
|
||||||
my $interface = physical_name( $logical );
|
my $interface = get_physical( $logical );
|
||||||
my $variable = interface_address( $interface );
|
my $variable = interface_address( $interface );
|
||||||
my $function = interface_is_optional( $logical ) ? 'find_first_interface_address_if_any' : 'find_first_interface_address';
|
my $function = interface_is_optional( $logical ) ? 'find_first_interface_address_if_any' : 'find_first_interface_address';
|
||||||
|
|
||||||
@ -2161,7 +2161,7 @@ sub interface_bcasts( $ ) {
|
|||||||
# Record that the ruleset requires the broadcast addresses on the passed interface
|
# Record that the ruleset requires the broadcast addresses on the passed interface
|
||||||
#
|
#
|
||||||
sub get_interface_bcasts ( $ ) {
|
sub get_interface_bcasts ( $ ) {
|
||||||
my ( $interface ) = physical_name $_[0];
|
my ( $interface ) = get_physical $_[0];
|
||||||
|
|
||||||
my $variable = interface_bcasts( $interface );
|
my $variable = interface_bcasts( $interface );
|
||||||
|
|
||||||
@ -2184,7 +2184,7 @@ sub interface_acasts( $ ) {
|
|||||||
# Record that the ruleset requires the anycast addresses on the passed interface
|
# Record that the ruleset requires the anycast addresses on the passed interface
|
||||||
#
|
#
|
||||||
sub get_interface_acasts ( $ ) {
|
sub get_interface_acasts ( $ ) {
|
||||||
my ( $interface ) = physical_name $_[0];
|
my ( $interface ) = get_physical $_[0];
|
||||||
|
|
||||||
$global_variables |= NOT_RESTORE;
|
$global_variables |= NOT_RESTORE;
|
||||||
|
|
||||||
@ -2209,7 +2209,7 @@ sub interface_gateway( $ ) {
|
|||||||
sub get_interface_gateway ( $ ) {
|
sub get_interface_gateway ( $ ) {
|
||||||
my ( $logical ) = $_[0];
|
my ( $logical ) = $_[0];
|
||||||
|
|
||||||
my $interface = physical_name $logical;
|
my $interface = get_physical $logical;
|
||||||
my $variable = interface_gateway( $interface );
|
my $variable = interface_gateway( $interface );
|
||||||
|
|
||||||
my $routine = $config{USE_DEFAULT_RT} ? 'detect_dynamic_gateway' : 'detect_gateway';
|
my $routine = $config{USE_DEFAULT_RT} ? 'detect_dynamic_gateway' : 'detect_gateway';
|
||||||
@ -2241,7 +2241,7 @@ sub interface_addresses( $ ) {
|
|||||||
sub get_interface_addresses ( $ ) {
|
sub get_interface_addresses ( $ ) {
|
||||||
my ( $logical ) = $_[0];
|
my ( $logical ) = $_[0];
|
||||||
|
|
||||||
my $interface = physical_name( $logical );
|
my $interface = get_physical( $logical );
|
||||||
my $variable = interface_addresses( $interface );
|
my $variable = interface_addresses( $interface );
|
||||||
|
|
||||||
$global_variables |= NOT_RESTORE;
|
$global_variables |= NOT_RESTORE;
|
||||||
@ -2271,7 +2271,7 @@ sub interface_nets( $ ) {
|
|||||||
sub get_interface_nets ( $ ) {
|
sub get_interface_nets ( $ ) {
|
||||||
my ( $logical ) = $_[0];
|
my ( $logical ) = $_[0];
|
||||||
|
|
||||||
my $interface = physical_name( $logical );
|
my $interface = get_physical( $logical );
|
||||||
my $variable = interface_nets( $interface );
|
my $variable = interface_nets( $interface );
|
||||||
|
|
||||||
$global_variables |= ALL_COMMANDS;
|
$global_variables |= ALL_COMMANDS;
|
||||||
@ -2302,7 +2302,7 @@ sub interface_mac( $$ ) {
|
|||||||
sub get_interface_mac( $$$ ) {
|
sub get_interface_mac( $$$ ) {
|
||||||
my ( $ipaddr, $logical , $table ) = @_;
|
my ( $ipaddr, $logical , $table ) = @_;
|
||||||
|
|
||||||
my $interface = physical_name( $logical );
|
my $interface = get_physical( $logical );
|
||||||
my $variable = interface_mac( $interface , $table );
|
my $variable = interface_mac( $interface , $table );
|
||||||
|
|
||||||
$global_variables |= NOT_RESTORE;
|
$global_variables |= NOT_RESTORE;
|
||||||
|
@ -813,7 +813,7 @@ sub handle_optional_interfaces() {
|
|||||||
if ( @$interfaces ) {
|
if ( @$interfaces ) {
|
||||||
for my $interface ( @$interfaces ) {
|
for my $interface ( @$interfaces ) {
|
||||||
my $provider = $provider_interfaces{$interface};
|
my $provider = $provider_interfaces{$interface};
|
||||||
my $physical = physical_name $interface;
|
my $physical = get_physical $interface;
|
||||||
my $base = uc chain_base( $physical );
|
my $base = uc chain_base( $physical );
|
||||||
|
|
||||||
emit '';
|
emit '';
|
||||||
|
@ -723,7 +723,7 @@ sub firewall_zone() {
|
|||||||
sub process_interface( $ ) {
|
sub process_interface( $ ) {
|
||||||
my $nextinum = $_[0];
|
my $nextinum = $_[0];
|
||||||
my $nets;
|
my $nets;
|
||||||
my ($zone, $originalinterface, $networks, $options ) = split_line 2, 4, 'interfaces file';
|
my ($zone, $originalinterface, $bcasts, $options ) = split_line 2, 4, 'interfaces file';
|
||||||
my $zoneref;
|
my $zoneref;
|
||||||
my $bridge = '';
|
my $bridge = '';
|
||||||
|
|
||||||
@ -736,7 +736,7 @@ sub process_interface( $ ) {
|
|||||||
fatal_error "Firewall zone not allowed in ZONE column of interface record" if $zoneref->{type} == FIREWALL;
|
fatal_error "Firewall zone not allowed in ZONE column of interface record" if $zoneref->{type} == FIREWALL;
|
||||||
}
|
}
|
||||||
|
|
||||||
$networks = '' if $networks eq '-';
|
$bcasts = '' if $bcasts eq '-';
|
||||||
$options = '' if $options eq '-';
|
$options = '' if $options eq '-';
|
||||||
|
|
||||||
my ($interface, $port, $extra) = split /:/ , $originalinterface, 3;
|
my ($interface, $port, $extra) = split /:/ , $originalinterface, 3;
|
||||||
@ -785,8 +785,8 @@ sub process_interface( $ ) {
|
|||||||
my $physical = $interface;
|
my $physical = $interface;
|
||||||
my $broadcasts;
|
my $broadcasts;
|
||||||
|
|
||||||
unless ( $networks eq '' || $networks eq 'detect' ) {
|
unless ( $bcasts eq '' || $bcasts eq 'detect' ) {
|
||||||
my @broadcasts = split_list $networks, 'address';
|
my @broadcasts = split_list $bcasts, 'address';
|
||||||
|
|
||||||
for my $address ( @broadcasts ) {
|
for my $address ( @broadcasts ) {
|
||||||
fatal_error 'Invalid BROADCAST address' unless $address =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/;
|
fatal_error 'Invalid BROADCAST address' unless $address =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/;
|
||||||
@ -1064,7 +1064,7 @@ sub find_interface( $ ) {
|
|||||||
# Returns the physical interface associated with the passed logical name
|
# Returns the physical interface associated with the passed logical name
|
||||||
#
|
#
|
||||||
sub get_physical( $ ) {
|
sub get_physical( $ ) {
|
||||||
known_interface( $_[0] )->{physical};
|
$interfaces{ $_[0] }->{physical};
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user