mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 22:30:58 +01:00
Document full logical interface implementation
This commit is contained in:
parent
06d3b2c692
commit
a4eb581d44
@ -440,7 +440,6 @@ sub initialize( $ ) {
|
||||
AUTOMAKE => undef ,
|
||||
WIDE_TC_MARKS => undef,
|
||||
TRACK_PROVIDERS => undef,
|
||||
LOGICAL_NAMES => undef,
|
||||
ZONE2ZONE => undef,
|
||||
#
|
||||
# Packet Disposition
|
||||
@ -549,7 +548,6 @@ sub initialize( $ ) {
|
||||
AUTOMAKE => undef ,
|
||||
WIDE_TC_MARKS => undef,
|
||||
TRACK_PROVIDERS => undef,
|
||||
LOGICAL_NAMES => undef,
|
||||
ZONE2ZONE => undef,
|
||||
#
|
||||
# Packet Disposition
|
||||
@ -2411,7 +2409,6 @@ sub get_configuration( $ ) {
|
||||
default_yes_no 'AUTOMAKE' , '';
|
||||
default_yes_no 'WIDE_TC_MARKS' , '';
|
||||
default_yes_no 'TRACK_PROVIDERS' , '';
|
||||
default_yes_no 'LOGICAL_NAMES' , '';
|
||||
|
||||
my $val;
|
||||
|
||||
|
@ -898,12 +898,8 @@ sub process_interface( $ ) {
|
||||
if ( $option eq 'physical' ) {
|
||||
fatal_error "Invalid Physical interface name ($value)" unless $value =~ /^[\w.@%-]+\+?$/;
|
||||
|
||||
unless ( $port ) {
|
||||
fatal_error "The 'physical' option is only allowed on bridge ports" unless $config{LOGICAL_NAMES};
|
||||
fatal_error "Duplicate physical interface name ($value)" if $physical{$value};
|
||||
}
|
||||
fatal_error "Duplicate physical interface name ($value)" if ( $physical{$value} && ! $port );
|
||||
|
||||
$physical{$value} = 1;
|
||||
fatal_error "The type of 'physical' name ($value) doesn't match the type of interface name ($interface)" if $wildcard && ! $value =~ /\+$/;
|
||||
$physical = $value;
|
||||
} else {
|
||||
@ -931,16 +927,16 @@ sub process_interface( $ ) {
|
||||
|
||||
}
|
||||
|
||||
$interfaces{$interface} = { name => $interface ,
|
||||
bridge => $bridge ,
|
||||
nets => 0 ,
|
||||
number => $nextinum ,
|
||||
root => $root ,
|
||||
broadcasts => $broadcasts ,
|
||||
options => \%options ,
|
||||
zone => '',
|
||||
physical => $physical
|
||||
};
|
||||
$physical{$physical} = $interfaces{$interface} = { name => $interface ,
|
||||
bridge => $bridge ,
|
||||
nets => 0 ,
|
||||
number => $nextinum ,
|
||||
root => $root ,
|
||||
broadcasts => $broadcasts ,
|
||||
options => \%options ,
|
||||
zone => '',
|
||||
physical => $physical
|
||||
};
|
||||
|
||||
if ( $zone ) {
|
||||
$netsref ||= [ allip ];
|
||||
|
@ -252,6 +252,15 @@ None.
|
||||
is, if the logical name ends in '+' then the physical name must
|
||||
also end in '+'.
|
||||
|
||||
This feature is not restricted to bridge ports. Beginning with this
|
||||
release, the interface name in the INTERFACE column can be
|
||||
considered a logical name for the interface where the actual
|
||||
interface name is specified using the 'physical' option. If no
|
||||
'physical' option is present, then the physical name is assumed to
|
||||
be the same as the logical name. As before, the logical interface
|
||||
name is used throughout the rest of the configuration to refer to
|
||||
the interface.
|
||||
|
||||
4) Previously, Shorewall has used the character '2' to form the name
|
||||
of chains involving zones and/or the word 'all' (e.g., fw2net,
|
||||
all2all). When zones names are given numeric suffixes, these
|
||||
|
@ -63,10 +63,12 @@ loc eth2 -</programlisting>
|
||||
role="bold">]</emphasis></term>
|
||||
|
||||
<listitem>
|
||||
<para>Name of interface. Each interface may be listed only once in
|
||||
this file. You may NOT specify the name of a "virtual" interface
|
||||
(e.g., eth0:0) here; see <ulink
|
||||
url="http://www.shorewall.net/FAQ.htm#faq18">http://www.shorewall.net/FAQ.htm#faq18</ulink></para>
|
||||
<para>Logical name of interface. Each interface may be listed only
|
||||
once in this file. You may NOT specify the name of a "virtual"
|
||||
interface (e.g., eth0:0) here; see <ulink
|
||||
url="http://www.shorewall.net/FAQ.htm#faq18">http://www.shorewall.net/FAQ.htm#faq18</ulink>.
|
||||
If the <option>physical</option> option is not specified, then the
|
||||
logical name is also the name of the actual interface.</para>
|
||||
|
||||
<para>You may use wildcards here by specifying a prefix followed by
|
||||
the plus sign ("+"). For example, if you want to make an entry that
|
||||
@ -440,13 +442,11 @@ loc eth2 -</programlisting>
|
||||
role="bold"><emphasis>name</emphasis></emphasis></term>
|
||||
|
||||
<listitem>
|
||||
<para>Added in Shorewall 4.4.4. This option may only be used
|
||||
when defining a bridge port (:<emphasis>port</emphasis>
|
||||
appeared in the INTERFACE column). When specified, the port
|
||||
name in the INTERFACE column is a logical name that refers to
|
||||
the name given in this option. It is useful when you want to
|
||||
specify the same wildcard port name on two or more bridges.
|
||||
See <ulink
|
||||
<para>Added in Shorewall 4.4.4. When specified, the interface
|
||||
or port name in the INTERFACE column is a logical name that
|
||||
refers to the name given in this option. It is useful when you
|
||||
want to specify the same wildcard port name on two or more
|
||||
bridges. See <ulink
|
||||
url="http://www.shorewall.net/bridge-Shorewall-perl.html#Multiple">http://www.shorewall.net/bridge-Shorewall-perl.html#Multiple</ulink>.</para>
|
||||
|
||||
<para>If the <emphasis>interface</emphasis> name is a wildcard
|
||||
|
@ -63,10 +63,12 @@ loc eth2 -</programlisting>
|
||||
role="bold">]</emphasis></term>
|
||||
|
||||
<listitem>
|
||||
<para>Name of interface. Each interface may be listed only once in
|
||||
this file. You may NOT specify the name of a "virtual" interface
|
||||
(e.g., eth0:0) here; see <ulink
|
||||
url="http://www.shorewall.net/FAQ.htm#faq18">http://www.shorewall.net/FAQ.htm#faq18</ulink></para>
|
||||
<para>Logical name of interface. Each interface may be listed only
|
||||
once in this file. You may NOT specify the name of a "virtual"
|
||||
interface (e.g., eth0:0) here; see <ulink
|
||||
url="http://www.shorewall.net/FAQ.htm#faq18">http://www.shorewall.net/FAQ.htm#faq18</ulink>.
|
||||
If the <option>physical</option> option is not specified, then the
|
||||
logical name is also the name of the actual interface.</para>
|
||||
|
||||
<para>You may use wildcards here by specifying a prefix followed by
|
||||
the plus sign ("+"). For example, if you want to make an entry that
|
||||
@ -180,12 +182,11 @@ loc eth2 -</programlisting>
|
||||
role="bold"><emphasis>name</emphasis></emphasis></term>
|
||||
|
||||
<listitem>
|
||||
<para>Added in Shorewall 4.4.4. This option may only be used
|
||||
when defining a bridge port (:port appeared in the INTERFACE
|
||||
column). When specified, the port name in the INTERFACE column
|
||||
is a logical name that refers to the name given in this
|
||||
option. It is useful when you want to specify the same
|
||||
wildcard port name on two or more bridges. See <ulink
|
||||
<para>Added in Shorewall 4.4.4. When specified, the interface
|
||||
or port name in the INTERFACE column is a logical name that
|
||||
refers to the name given in this option. It is useful when you
|
||||
want to specify the same wildcard port name on two or more
|
||||
bridges. See <ulink
|
||||
url="http://www.shorewall.net/bridge-Shorewall-perl.html#Multiple">http://www.shorewall.net/bridge-Shorewall-perl.html#Multiple</ulink>.</para>
|
||||
|
||||
<para>If the <emphasis>interface</emphasis> name is a wildcard
|
||||
|
Loading…
Reference in New Issue
Block a user