extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-01 23:45:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fold IP_FORWARDING into the trivalue mechanism

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6067 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-22 19:45:27 +00:00
parent 52f201b6b8
commit c0e5fcf6c6
3 changed files with 16 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Shorewall-perl/Shorewall/Config.pm
View File

@ -483,9 +483,9 @@ sub check_trivalue( $$ ) {
if ( defined $val ) { if ( defined $val ) {
if ( $val eq 'yes' || $val eq 'on' ) { if ( $val eq 'yes' || $val eq 'on' ) {
$config{$var} = 'yes'; $config{$var} = 'on';
} elsif ( $val eq 'no' || $val eq 'off' ) { } elsif ( $val eq 'no' || $val eq 'off' ) {
$config{$var} = 'no'; $config{$var} = 'off';
} elsif ( $val eq 'keep' ) { } elsif ( $val eq 'keep' ) {
$config{$var} = ''; $config{$var} = '';
} elsif ( $val eq '' ) { } elsif ( $val eq '' ) {
@ -808,15 +808,10 @@ sub get_configuration( $ ) {
$globals{LOGLIMIT} = ''; $globals{LOGLIMIT} = '';
} }
if ( $config{IP_FORWARDING} ) { check_trivalue ( 'IP_FORWARDING', 'on' );
fatal_error "Invalid value ( $config{IP_FORWARDING} ) for IP_FORWARDING" check_trivalue ( 'ROUTE_FILTER', '' );
unless $config{IP_FORWARDING} =~ /^(On|Off|Keep)$/i; check_trivalue ( 'LOG_MARTIANS', '' );
} else {
$config{IP_FORWARDING} = 'On';
}
check_trivalue ( 'ROUTE_FILTER', '' );
check_trivalue ( 'LOG_MARTIANS', '' );
default_yes_no 'ADD_IP_ALIASES' , 'Yes'; default_yes_no 'ADD_IP_ALIASES' , 'Yes';
default_yes_no 'ADD_SNAT_ALIASES' , ''; default_yes_no 'ADD_SNAT_ALIASES' , '';

16
Shorewall-perl/Shorewall/Proc.pm
View File

@ -103,7 +103,7 @@ sub setup_route_filtering() {
if ( $config{ROUTE_FILTER} ) { if ( $config{ROUTE_FILTER} ) {
my $val = $config{ROUTE_FILTER} eq 'yes' ? 1 : 0; my $val = $config{ROUTE_FILTER} eq 'on' ? 1 : 0;
emitj ( 'for file in /proc/sys/net/ipv4/conf/*; do', emitj ( 'for file in /proc/sys/net/ipv4/conf/*; do',
" [ -f \$file/rp_filter ] && echo $val > \$file/rp_filter", " [ -f \$file/rp_filter ] && echo $val > \$file/rp_filter",
@ -123,9 +123,9 @@ sub setup_route_filtering() {
emit 'echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter'; emit 'echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter';
if ( $config{ROUTE_FILTER} eq 'yes' ) { if ( $config{ROUTE_FILTER} eq 'on' ) {
emit 'echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter'; emit 'echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter';
} elsif ( $config{ROUTE_FILTER} eq 'no' ) { } elsif ( $config{ROUTE_FILTER} eq 'off' ) {
emit 'echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter'; emit 'echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter';
} }
@ -147,7 +147,7 @@ sub setup_martian_logging() {
save_progress_message "Setting up Martian Logging..."; save_progress_message "Setting up Martian Logging...";
if ( $config{LOG_MARTIANS} ) { if ( $config{LOG_MARTIANS} ) {
my $val = $config{LOG_MARTIANS} eq 'yes' ? 1 : 0; my $val = $config{LOG_MARTIANS} eq 'on' ? 1 : 0;
emitj ( 'for file in /proc/sys/net/ipv4/conf/*; do', emitj ( 'for file in /proc/sys/net/ipv4/conf/*; do',
" [ -f \$file/log_martians ] && echo $val > \$file/log_martians", " [ -f \$file/log_martians ] && echo $val > \$file/log_martians",
@ -166,10 +166,10 @@ sub setup_martian_logging() {
emit "fi\n"; emit "fi\n";
} }
if ( $config{LOG_MARTIANS} eq 'yes' ) { if ( $config{LOG_MARTIANS} eq 'on' ) {
emit 'echo 1 > /proc/sys/net/ipv4/conf/all/log_martians'; emit 'echo 1 > /proc/sys/net/ipv4/conf/all/log_martians';
emit 'echo 1 > /proc/sys/net/ipv4/conf/default/log_martians'; emit 'echo 1 > /proc/sys/net/ipv4/conf/default/log_martians';
} elsif ( $config{LOG_MARTIANS} eq 'no' ) { } elsif ( $config{LOG_MARTIANS} eq 'off' ) {
emit 'echo 0 > /proc/sys/net/ipv4/conf/all/log_martians'; emit 'echo 0 > /proc/sys/net/ipv4/conf/all/log_martians';
emit 'echo 0 > /proc/sys/net/ipv4/conf/default/log_martians'; emit 'echo 0 > /proc/sys/net/ipv4/conf/default/log_martians';
} }
@ -204,10 +204,10 @@ sub setup_source_routing() {
} }
sub setup_forwarding() { sub setup_forwarding() {
if ( "\L$config{IP_FORWARDING}" eq 'on' ) { if ( $config{IP_FORWARDING} eq 'on' ) {
emit 'echo 1 > /proc/sys/net/ipv4/ip_forward'; emit 'echo 1 > /proc/sys/net/ipv4/ip_forward';
emit 'progress_message2 IP Forwarding Enabled'; emit 'progress_message2 IP Forwarding Enabled';
} elsif ( "\L$config{IP_FORWARDING}" eq 'off' ) { } elsif ( $config{IP_FORWARDING} eq 'off' ) {
emit 'echo 0 > /proc/sys/net/ipv4/ip_forward'; emit 'echo 0 > /proc/sys/net/ipv4/ip_forward';
emit 'progress_message2 IP Forwarding Disabled!'; emit 'progress_message2 IP Forwarding Disabled!';
} }

4
Shorewall-perl/compiler.pl
View File

@ -429,10 +429,10 @@ EOF
emit ''; emit '';
if ( $config{IP_FORWARDING} =~ /on/i ) { if ( $config{IP_FORWARDING} eq 'on' ) {
emitj( 'echo 1 > /proc/sys/net/ipv4/ip_forward', emitj( 'echo 1 > /proc/sys/net/ipv4/ip_forward',
'progress_message2 IP Forwarding Enabled' ); 'progress_message2 IP Forwarding Enabled' );
} elsif ( $config{IP_FORWARDING} =~ /off/i ) { } elsif ( $config{IP_FORWARDING} eq 'off' ) {
emitj( 'echo 0 > /proc/sys/net/ipv4/ip_forward', emitj( 'echo 0 > /proc/sys/net/ipv4/ip_forward',
'progress_message2 IP Forwarding Disabled!' 'progress_message2 IP Forwarding Disabled!'
); );