extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-15 10:51:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix line continuation in extension scripts

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3726 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-03-24 17:26:56 +00:00
parent 7b2ffd5a00
commit abb6316601
2 changed files with 69 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
Shorewall/compiler
View File

@ -51,31 +51,20 @@ fatal_error() # $* = Error Message
} }
# #
# Write the passed args to $OUTPUT -- We need all of these varieties to support # Write the passed args to the compiler output file.
# extension scripts.
# #
save_command() save_command()
{ {
echo "${INDENT}${@}" >&3 echo "${INDENT}${@}" >&3
} }
run_and_save_command()
{
echo "${INDENT}${@}" >&3
}
ensure_and_save_command()
{
echo "${INDENT}${@}" >&3
}
save_command_unindented() save_command_unindented()
{ {
echo "${@}" >&3 echo "${@}" >&3
} }
# #
# Write a progress_message2 command to $OUTPUT # Write a progress_message2 command to the output file.
# #
save_progress_message() save_progress_message()
{ {
@ -100,7 +89,11 @@ progress_message_and_save()
# #
indent() { indent() {
if [ -n "$INDENT" ]; then if [ -n "$INDENT" ]; then
eval sed \'s\/^/"$INDENT"\/\' $1 if [ -n "$HAVEAWK" ]; then
eval awk \''BEGIN { indent=1; }; { nextindent=indent; indent=1; }; /\\$/ { indent=0; }; { if (nextindent == 1) print "'"$INDENT"'" $0; else print; };'\' $1
else
eval sed \'s\/^/"$INDENT"\/\' $1
fi
else else
cat $1 cat $1
fi fi
@ -8574,6 +8567,22 @@ run_tc() {
fi fi
} }
#
# Functions to appease unconverted extension scripts
#
save_command()
{
return 0
}
run_and_save_command() {
eval \$@
}
ensure_and_save_command() {
eval \$@ || fatal_error "Command \"\$@\" failed"
}
# #
# Initialize environment # Initialize environment
# #
@ -9213,6 +9222,8 @@ do_initialize() {
rm -f $TMP_DIR/physdev rm -f $TMP_DIR/physdev
rm -f $TMP_DIR/iprange rm -f $TMP_DIR/iprange
qt which awk && HAVEAWK=Yes || HAVEAWK=
} }
# #

50
Shorewall/releasenotes.txt
View File

@ -73,7 +73,12 @@ Other changes in 3.2.0 Beta 2
Migration Considerations: Migration Considerations:
1) A number of macros have been split into two. The macros affected are: 1) If you are upgrading from Shorewall 2.x, it is essential that you read
the Shorewall 3.0.5 release notes:
http://www.shorewall.net/pub/shorewall/3.0/shorewall-3.0.5/releasenotes.txt
2) A number of macros have been split into two. The macros affected are:
IMAP LDAP NNTP POP3 SMTP IMAP LDAP NNTP POP3 SMTP
@ -89,7 +94,7 @@ Migration Considerations:
These changes have been made to ensure no unexpected ports are opened due These changes have been made to ensure no unexpected ports are opened due
to the use of macros. to the use of macros.
2) In previous Shorewall releases, DNAT and REDIRECT rules supported a 3) In previous Shorewall releases, DNAT and REDIRECT rules supported a
special syntax for exclusion of a subnet from the effect of the rule. special syntax for exclusion of a subnet from the effect of the rule.
Example: Example:
@ -107,7 +112,7 @@ Migration Considerations:
Beginning with Shorewall 3.2.0, the special exclusion syntax will no Beginning with Shorewall 3.2.0, the special exclusion syntax will no
longer be supported. longer be supported.
3) Important if you use the QUEUE target. 4) Important if you use the QUEUE target.
In the /etc/shorewall/rules file and in actions, you may now specify In the /etc/shorewall/rules file and in actions, you may now specify
'tcpsyn' in the PROTO column. 'tcpsyn' is equivalent to 'tcp' but also 'tcpsyn' in the PROTO column. 'tcpsyn' is equivalent to 'tcp' but also
@ -117,10 +122,43 @@ Migration Considerations:
As part of this change, Shorewall no longer adds the "--syn" option As part of this change, Shorewall no longer adds the "--syn" option
to TCP rules that specify QUEUE as their target. to TCP rules that specify QUEUE as their target.
4) If you are upgrading from Shorewall 2.x, it is essential that you read 5) Extension Scripts may require change
the Shorewall 3.0.5 release notes:
http://www.shorewall.net/pub/shorewall/3.0/shorewall-3.0.5/releasenotes.txt In previous releases, extension scripts were executed during [re]start
by using the Bourne Shell "." operator. In addition to executing commands
during [re]start, these scripts had to "save" the commands to be executed
during "shorewall restore".
This clumsiness has been eliminated in Shorewall 3.2. In Shorewall 3.2,
extension scripts are copied in-line into the compiled program and are
executed in-line during "start", "restart" and "restore".
This new approach has two implications for existing scripts.
a) It is no longer necessary to save the commands; so functions like
'save_command', 'run_and_save_command' and 'ensure_and_save_command'
need no longer be called. The generated program will contain
functions with these names:
save_command() - does nothing
run_and_save_command() - runs the passed command
ensure_and_save_command() - runs the passed command and
stops the firewall if the command
fails.
These functions should provide for transparent migration of
scripts that use them until you can get around to eliminating
their use completely.
b) When the extension script is copied into the compiled program, it
is indented to line up with the surrounding code. If you have 'awk'
installed on your system, the Shorewall compiler will correctly handle
line continuation (last character on the line = "\"). If you do not
have awk, it will not be possible to use line-continuation in your
extension scripts.
In no case is it possible to continue a quoted string over multiple lines
without having additional whitespace inserted into the string.
New Features: New Features: