Add AUTO_COMMENT option

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8214 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-02-23 01:46:50 +00:00
parent d39cb6c1c1
commit a81ce26230
6 changed files with 28 additions and 4 deletions

View File

@ -19,6 +19,8 @@ Changes in 4.1.5
9) Automatic macro comments.
10) But make automatic macro comments optional.
Changes in 4.1.4
1) Fix do_test() to accept 0 and to use the same mask as

View File

@ -123,9 +123,11 @@ New Features in 4.1.5.
4) Shorewall-perl now generates an error when a MAC address appears in
a traffic shaping rule in the OUTPUT or POSTROUTING chains.
5) Macros are now self-commenting. If there is not a current comment
when a macro is invoked, the behavior under Shorewall-perl is as if
the first line of the macro file was "COMMENT <macro name>".
5) Macros are now self-commenting under control of a new AUTO_COMMENT
option in shorewall.conf. When this option is set, if there is not
a current comment when a macro is invoked, the behavior under
Shorewall-perl is as if the first line of the macro file was
"COMMENT <macro name>".
So, if you have this rule:
@ -135,6 +137,10 @@ New Features in 4.1.5.
viewed with 'iptables -L' or 'shorewall show loc2fw' or 'shorewall
dump'.
The AUTO_COMMENT option has a default value of 'Yes' and is only
available under Shorewall-perl The option is ignored by
Shorewall-shell.
New Features in Shorewall 4.1.
1) Shorewall 4.1 contains experimental support for multiple Internet

View File

@ -179,6 +179,8 @@ MULTICAST=No
DONT_LOAD=
AUTO_COMMENT=Yes
###############################################################################
# P A C K E T D I S P O S I T I O N
###############################################################################

View File

@ -375,7 +375,7 @@ sub clear_comment() {
sub macro_comment( $ ) {
my $macro = $_[0];
$comment = $macro unless $comment || ! $capabilities{COMMENTS};
$comment = $macro unless $comment || ! ( $capabilities{COMMENTS} && $config{AUTO_COMMENT} );
}
#

View File

@ -353,6 +353,7 @@ sub initialize() {
MULTICAST => undef,
DONT_LOAD => '',
BROKEN_ROUTING => '',
AUTO_COMMENT => '' ,
#
# Packet Disposition
#
@ -1880,6 +1881,7 @@ sub get_configuration( $ ) {
default_yes_no 'KEEP_RT_TABLES' , '';
default_yes_no 'DELETE_THEN_ADD' , 'Yes';
default_yes_no 'BROKEN_ROUTING' , '';
default_yes_no 'AUTO_COMMENT' , 'Yes';
default_yes_no 'MULTICAST' , '';
default_yes_no 'MARK_IN_FORWARD_CHAIN' , '';

View File

@ -240,6 +240,18 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">AUTO_COMMENT=</emphasis>[<emphasis
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
<listitem>
<para>Added in Shorewall-perl 4.1.5. If set, if there is not a
current comment when a macro is invoked, the behavior is as if the
first line of the macro file was "COMMENT &lt;macro name&gt;". The
AUTO_COMMENT option has a default value of 'Yes'.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">BIGDPORTLISTS=</emphasis>[<emphasis
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>