extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-15 12:14:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Adjust exported variables; make iptables restoration into a function

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5498 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-03-11 22:12:41 +00:00
parent c50bbf2255
commit bbeee2943e
1 changed files with 24 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
New/compiler.pl
View File

@ -105,6 +105,11 @@ my %config = ( STARTUP_ENABLED => undef,
ORIGINAL_POLICY_MATCH => undef, ORIGINAL_POLICY_MATCH => undef,
); );
# #
# Config options and global settings that are to be copied to object
#
my @propagateconfig = qw/ CLEAR_TC DISABLE_IPV6 ADMINISABSENTMINDED IP_FORWARDING MODULESDIR MODULE_SUFFIX LOGFORMAT /;
my @propagateenv = qw/ LOGLIMIT LOGTAGONLY LOGRULENUMBERS /;
#
# From parsing the capabilities file # From parsing the capabilities file
# #
my %capabilities = my %capabilities =
@ -5127,17 +5132,19 @@ sub generate_matrix() {
} }
sub create_iptables_restore_file() { sub create_iptables_restore_file() {
print $object "#Generated by Shorewall $env{VERSION} - " . ( localtime ) . "\n"; emit 'restore_iptables()';
emit '{';
emit ' iptables-restore << __EOF__';
for my $table qw/raw nat mangle filter/ { for my $table qw/raw nat mangle filter/ {
print $object "*$table\n"; emit "*$table";
my @chains; my @chains;
for my $chain ( grep $chain_table{$table}{$_}->{referenced} , ( sort keys %{$chain_table{$table}} ) ) { for my $chain ( grep $chain_table{$table}{$_}->{referenced} , ( sort keys %{$chain_table{$table}} ) ) {
my $chainref = $chain_table{$table}{$chain}; my $chainref = $chain_table{$table}{$chain};
if ( $chainref->{builtin} ) { if ( $chainref->{builtin} ) {
print $object ":$chainref->{name} $chainref->{policy} [0:0]\n"; emit ":$chainref->{name} $chainref->{policy} [0:0]";
} else { } else {
print $object ":$chainref->{name} - [0:0]\n"; emit ":$chainref->{name} - [0:0]";
} }
push @chains, $chainref; push @chains, $chainref;
@ -5146,11 +5153,15 @@ sub create_iptables_restore_file() {
for my $chainref ( @chains ) { for my $chainref ( @chains ) {
my $name = $chainref->{name}; my $name = $chainref->{name};
for my $rule ( @{$chainref->{rules}} ) { for my $rule ( @{$chainref->{rules}} ) {
print $object "-A $name $rule\n"; emit "-A $name $rule";
} }
} }
print $object "COMMIT\n";
emit 'COMMIT';
emit '__EOF__';
} }
emit '}';
} }
# #
@ -5475,8 +5486,13 @@ sub compile_firewall( $ ) {
$indent = ' '; $indent = ' ';
while ( my ( $option, $value ) = ( each %config ) ) { for my $option ( @propagateconfig ) {
$value |= ''; my $value = $config{$option} || '';
emit "${option}=\"${value}\"";
}
for my $option ( @propagateenv ) {
my $value = $env{$option} || '';
emit "${option}=\"${value}\""; emit "${option}=\"${value}\"";
} }