From db0f52c7853229c499f821e4812d6003896edee4 Mon Sep 17 00:00:00 2001 From: teastep Date: Sat, 24 Mar 2007 21:12:10 +0000 Subject: [PATCH] Some inconsequential cleanup git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5672 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- New/Shorewall/Actions.pm | 15 +++++---------- New/releasenotes.txt | 26 +++++++++++++++++++++++++- 2 files changed, 30 insertions(+), 11 deletions(-) diff --git a/New/Shorewall/Actions.pm b/New/Shorewall/Actions.pm index abd7ac220..2fd4c49e9 100644 --- a/New/Shorewall/Actions.pm +++ b/New/Shorewall/Actions.pm @@ -143,11 +143,11 @@ sub new_action( $ ) { } # -# Add an entry to the requiredby hash +# Record a 'requires' relationship between a pair of actions. # sub add_requiredby ( $$ ) { - my ($requires , $requiredby ) = @_; - $actions{$requiredby}{requires}{$requires} = 1; + my ($requiredby , $requires ) = @_; + $actions{$requires}{requires}{$requiredby} = 1; } # @@ -159,15 +159,10 @@ sub add_requiredby ( $$ ) { # set CHAIN to the name of the iptables chain where rules are to be added. # Similarly, LEVEL and TAG contain the log level and log tag respectively. # -# For each , we maintain two variables: -# -# _actchain - The action chain number. -# _chains - List of ( level[:tag] , chainname ) pairs -# # The maximum length of a chain name is 30 characters -- since the log # action chain name is 2-3 characters longer than the base chain name, # this function truncates the original chain name where necessary before -# it adds the leading "%" and trailing sequence number.# +# it adds the leading "%" and trailing sequence number. # sub createlogactionchain( $$ ) { my ( $action, $level ) = @_; @@ -388,6 +383,7 @@ sub process_actions2 () { # Generate chain for non-builtin action invocation # sub process_action3( $$$$$ ) { + my ( $chainref, $wholeaction, $action, $level, $tag ) = @_; # # This function is called to process each rule generated from an action file. # @@ -408,7 +404,6 @@ sub process_action3( $$$$$ ) { '' ); } - my ( $chainref, $wholeaction, $action, $level, $tag ) = @_; my $actionfile = find_file "action.$action"; my $standard = ( $actionfile =~ /^($env{SHAREDIR})/ ); diff --git a/New/releasenotes.txt b/New/releasenotes.txt index 2b3394e05..292db9a4f 100644 --- a/New/releasenotes.txt +++ b/New/releasenotes.txt @@ -3,6 +3,30 @@ Shorewall-pl 3.9.0 This companion product to Shorewall 3.4.2 and later includes a complete rewrite of the compiler in Perl. +Shorewall-pl depends on Shorewall (3.4.2 or later). So if you want to use the +new compiler, you must install both Shorewall and Shorewall-pl. + +Even if you install Shorewall-pl, you have a choice of which compiler you use. +The choice is specified in the shorewall.conf file so you can select the +compiler to use on a system-by-system basis when running Shorewall Lite on +remote systems. + +I decided to make Shorewall-pl a separate product for several reasons: + +a) Embedded applications are unlikely to adopt Shorewall-pl; even Mini-Perl +has a substantial disk and Ram footprint. + +b) Because of the gross incompatibilities between the new compiler and the +old (see below), migration to the new compiler must be voluntary. + +c) By allowing Shorewall-pl to co-exist with the current Shorewall stable +release (3.4), I'm hoping that the new compiler will get more testing and +validation than it would if I were to package it with a new development +version of Shorewall itself. + +d) Along the same vein, I think that users will be more likely to experiment +with the new compiler if they can easily fall back to the old one if things +get sticky. The good news: @@ -99,7 +123,7 @@ variables that you set or create. To actually use the new compiler, add this to shorewall.conf: - SHOREWALL4=Yes + SHOREWALL_PL=Yes If you add this setting to /etc/shorewall/shorewall.conf then by default, the new compiler will be used on the system. If you add it to