extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-04-25 19:58:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Pass many fewer arguments while processing a record in /etc/shorewall/rules

Browse Source
This commit is contained in:
Tom Eastep 2009-05-05 11:14:53 -07:00
parent 1177ae556c
commit a23fc3c46c
1 changed files with 35 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -1384,8 +1384,40 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) {
# #
# Deals with the ugliness of wildcard zones ('all' in SOURCE and/or DEST column). # Deals with the ugliness of wildcard zones ('all' in SOURCE and/or DEST column).
# #
sub process_rule ( $$$$$$$$$$$$ ) { sub process_rule ( ) {
my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user, $mark, $connlimit , $time ) = @_; my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user, $mark, $connlimit, $time ) = split_line1 1, 12, 'rules file', \%rules_commands;
if ( $target eq 'COMMENT' ) {
process_comment;
return 1;
}
if ( $target eq 'SECTION' ) {
#
# read_a_line has already verified that there are exactly two tokens on the line
#
fatal_error "Invalid SECTION ($source)" unless defined $sections{$source};
fatal_error "Duplicate or out of order SECTION $source" if $sections{$source};
$sectioned = 1;
$sections{$source} = 1;
if ( $source eq 'RELATED' ) {
$sections{ESTABLISHED} = 1;
finish_section 'ESTABLISHED';
} elsif ( $source eq 'NEW' ) {
@sections{'ESTABLISHED','RELATED'} = ( 1, 1 );
finish_section ( ( $section eq 'RELATED' ) ? 'RELATED' : 'ESTABLISHED,RELATED' );
}
$section = $source;
return 1;
}
if ( $source =~ /^none(:.*)?$/i || $dest =~ /^none(:.*)?$/i ) {
progress_message "Rule \"$currentline\" ignored.";
return 1;
}
my $intrazone = 0; my $intrazone = 0;
my $includesrcfw = 1; my $includesrcfw = 1;
my $includedstfw = 1; my $includedstfw = 1;
@ -1483,38 +1515,7 @@ sub process_rules() {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
while ( read_a_line ) { process_rule while read_a_line;
my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user, $mark, $connlimit, $time ) = split_line1 1, 12, 'rules file', \%rules_commands;
if ( $target eq 'COMMENT' ) {
process_comment;
} elsif ( $target eq 'SECTION' ) {
#
# read_a_line has already verified that there are exactly two tokens on the line
#
fatal_error "Invalid SECTION ($source)" unless defined $sections{$source};
fatal_error "Duplicate or out of order SECTION $source" if $sections{$source};
$sectioned = 1;
$sections{$source} = 1;
if ( $source eq 'RELATED' ) {
$sections{ESTABLISHED} = 1;
finish_section 'ESTABLISHED';
} elsif ( $source eq 'NEW' ) {
@sections{'ESTABLISHED','RELATED'} = ( 1, 1 );
finish_section ( ( $section eq 'RELATED' ) ? 'RELATED' : 'ESTABLISHED,RELATED' );
}
$section = $source;
} else {
if ( "\L$source" =~ /^none(:.*)?$/ || "\L$dest" =~ /^none(:.*)?$/ ) {
progress_message "Rule \"$currentline\" ignored."
} else {
process_rule $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user, $mark, $connlimit, $time;
}
}
}
clear_comment; clear_comment;
$section = 'DONE'; $section = 'DONE';