extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-07 10:16:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add a section => name function map

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-02-10 09:27:43 -08:00
parent c35e753b1d
commit a312bfbb42
1 changed files with 14 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -75,6 +75,16 @@ use constant { NULL_SECTION => 0x00,
NEW_SECTION => 0x40, NEW_SECTION => 0x40,
DEFAULTACTION_SECTION => 0x80 }; DEFAULTACTION_SECTION => 0x80 };
# #
# Section => name function
#
our %section_functions = ( ALL_SECTION , \&rules_chain,
BLACKLIST_SECTION , \&blacklist_chain,
ESTABLISHED_SECTION, \&established_chain,
RELATED_SECTION, \&related_chain,
INVALID_SECTION, \&invalid_chain,
UNTRACKED_SECTION, \&untracked_chain,
NEW_SECTION, \&rules_chain );
#
# These are the sections that may appear in a section header # These are the sections that may appear in a section header
# #
our %section_map = ( ALL => ALL_SECTION, our %section_map = ( ALL => ALL_SECTION,
@ -94,6 +104,7 @@ our %section_rmap = ( ALL_SECTION , 'ALL',
UNTRACKED_SECTION, 'UNTRACKED', UNTRACKED_SECTION, 'UNTRACKED',
NEW_SECTION, 'NEW' ); NEW_SECTION, 'NEW' );
our @policy_chains; our @policy_chains;
our %default_actions; our %default_actions;
@ -1041,19 +1052,7 @@ sub finish_section ( $ ) {
$sections{$_} = 1 for split /,/, $sections; $sections{$_} = 1 for split /,/, $sections;
my $function; my $function = $section_functions{$section} || \&rules_chain;
if ( $section == RELATED_SECTION ) {
$function = \&related_chain;
} elsif ( $section == INVALID_SECTION ) {
$function = \&invalid_chain;
} elsif ( $section == UNTRACKED_SECTION ) {
$function = \&untracked_chain;
} elsif ( $section == ESTABLISHED_SECTION ) {
$function = \&established_chain;
} else {
$function = \&rules_chain;
}
for my $zone ( all_zones ) { for my $zone ( all_zones ) {
for my $zone1 ( all_zones ) { for my $zone1 ( all_zones ) {
@ -2360,22 +2359,8 @@ sub process_rule ( $$$$$$$$$$$$$$$$$$$ ) {
# Handle rules in the BLACKLIST, ESTABLISHED, RELATED and INVALID sections # Handle rules in the BLACKLIST, ESTABLISHED, RELATED and INVALID sections
# #
if ( $section & ( BLACKLIST_SECTION | ESTABLISHED_SECTION | RELATED_SECTION | INVALID_SECTION | UNTRACKED_SECTION ) ) { if ( $section & ( BLACKLIST_SECTION | ESTABLISHED_SECTION | RELATED_SECTION | INVALID_SECTION | UNTRACKED_SECTION ) ) {
my $auxchain; my $auxchain = $section_functions{$section}->( $sourcezone, $destzone );
my $auxref; my $auxref = $filter_table->{$auxchain};
if ( $blacklist ) {
$auxchain = blacklist_chain( ${sourcezone}, ${destzone} );
} elsif ( $section == INVALID_SECTION ) {
$auxchain = invalid_chain( ${sourcezone}, ${destzone} );
} elsif ( $section == UNTRACKED_SECTION ) {
$auxchain = untracked_chain( ${sourcezone}, ${destzone} );
} elsif ( $section == RELATED_SECTION ) {
$auxchain = related_chain( ${sourcezone}, ${destzone} );
} else {
$auxchain = established_chain( ${sourcezone}, ${destzone} );
}
$auxref = $filter_table->{$auxchain};
unless ( $auxref ) { unless ( $auxref ) {
my @state; my @state;