mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 22:30:58 +01:00
Implement RENAME_COMBINED
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
88547f5140
commit
c1a74b54fc
@ -3980,7 +3980,7 @@ sub optimize_level8( $$$ ) {
|
||||
'', # Origin
|
||||
1 ); # Recalculate digests of modified chains
|
||||
|
||||
unless ( $chainref->{name} =~ /^~/ || $chainref1->{name} =~ /^%/ ) {
|
||||
if ( $config{RENAME_COMBINED} && $chainref->{name} !~ /^[~%]/ ) {
|
||||
#
|
||||
# For simple use of the BLACKLIST section, we can end up with many identical
|
||||
# chains. To distinguish them from other renamed chains, we keep track of
|
||||
|
@ -995,6 +995,7 @@ sub initialize( $;$$$) {
|
||||
BALANCE_PROVIDERS => undef ,
|
||||
PERL_HASH_SEED => undef ,
|
||||
USE_NFLOG_SIZE => undef ,
|
||||
RENAME_COMBINED => undef ,
|
||||
#
|
||||
# Packet Disposition
|
||||
#
|
||||
@ -6540,6 +6541,7 @@ sub get_configuration( $$$ ) {
|
||||
default_yes_no 'AUTOCOMMENT' , 'Yes';
|
||||
default_yes_no 'MULTICAST' , '';
|
||||
default_yes_no 'MARK_IN_FORWARD_CHAIN' , '';
|
||||
default_yes_no 'RENAME_COMBINED' , 'Yes';
|
||||
|
||||
if ( supplied ( $val = $config{TRACK_RULES} ) ) {
|
||||
if ( lc( $val ) eq 'file' ) {
|
||||
|
@ -217,6 +217,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=Yes
|
||||
|
||||
RESTART=restart
|
||||
|
@ -228,6 +228,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=No
|
||||
|
||||
RESTART=restart
|
||||
|
@ -225,6 +225,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=No
|
||||
|
||||
RESTART=restart
|
||||
|
@ -228,6 +228,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=No
|
||||
|
||||
RESTART=restart
|
||||
|
@ -217,6 +217,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=No
|
||||
|
||||
RESTART=restart
|
||||
|
@ -2447,6 +2447,20 @@ INLINE - - - ;; -j REJECT
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">RENAME_COMBINED=</emphasis>[<emphasis
|
||||
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
||||
|
||||
<listitem>
|
||||
<para>Added in Shorewall 5.2.0. Traditionally, when OPTIMIZE
|
||||
category 8 is enabled, identical chains are combined under a name
|
||||
beginning with '~comb' or '~blacklist'. This behavior is maintained
|
||||
under the default setting RENAME_COMBINED=Yes. If
|
||||
RENAMED_COMBINED=No, the chains are combined under the original name
|
||||
of one of the chains.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">REQUIRE_INTERFACE=</emphasis>[<emphasis
|
||||
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
||||
|
@ -200,6 +200,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=Yes
|
||||
|
||||
RESTART=restart
|
||||
|
@ -201,6 +201,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=No
|
||||
|
||||
RESTART=restart
|
||||
|
@ -200,6 +200,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=No
|
||||
|
||||
RESTART=restart
|
||||
|
@ -200,6 +200,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=No
|
||||
|
||||
RESTART=restart
|
||||
|
@ -200,6 +200,8 @@ PERL_HASH_SEED=0
|
||||
|
||||
REJECT_ACTION=
|
||||
|
||||
RENAME_COMBINED=Yes
|
||||
|
||||
REQUIRE_INTERFACE=No
|
||||
|
||||
RESTART=restart
|
||||
|
Loading…
Reference in New Issue
Block a user