Build $VARDIR/zones file

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5616 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

New/Shorewall/Proxyarp.pm

@@ -32,13 +32,13 @@ use strict;
 our @ISA = qw(Exporter);
 our @EXPORT = qw( 
 		  setup_proxy_arp
-		  @proxyarp
+		  dump_proxy_arp
 		  );
 
 our @EXPORT_OK = qw( );
 our @VERSION = 1.00;
 
-our @proxyarp;
+my @proxyarp;
 
 sub setup_one_proxy_arp( $$$$$ ) {
     my ( $address, $interface, $external, $haveroute, $persistent) = @_;
@@ -128,4 +128,10 @@ fi\n";
     }
 }
 
+sub dump_proxy_arp() {
+    for $line ( @proxyarp ) {
+	emit_unindented $line;
+    }
+}
+
 1;

New/Shorewall/Rules.pm

@@ -44,8 +44,7 @@ our @EXPORT = qw( add_common_rules
 		  process_rules
 		  generate_matrix
 		  setup_mss
-
-		  @rule_chains
+		  dump_rule_chains
 		  );
 our @EXPORT_OK = qw( process_rule process_rule1 );
 our @VERSION = 1.00;
@@ -53,7 +52,7 @@ our @VERSION = 1.00;
 #
 # Keep track of chains for the /var/lib/shorewall[-lite]/chains file
 #
-our @rule_chains;
+my @rule_chains;
 #
 # Set to one if we find a SECTION
 #
@@ -1544,4 +1543,10 @@ sub setup_mss( $ ) {
     add_rule $filter_table->{FORWARD} , "-p tcp --tcp-flags SYN,RST SYN -j TCPMSS $option";
 }
 
+sub dump_rule_chains() {
+    for my $arrayref ( @rule_chains ) {
+	emit_unindented "@$arrayref";
+    }
+}    
+
 1;

New/Shorewall/Zones.pm

@@ -37,6 +37,7 @@ our @EXPORT = qw( NOTHING
 	     
 		  determine_zones
 		  zone_report
+		  dump_zone_contents
 
 		  @zones 
 		  %zones
@@ -304,4 +305,45 @@ sub zone_report()
     }
 }
 
+sub dump_zone_contents() 
+{
+    for my $zone ( @zones )
+    {
+	my $zoneref    = $zones{$zone};
+	my $hostref    = $zoneref->{hosts};
+	my $type       = $zoneref->{type};
+	my $optionref  = $zoneref->{options};
+	my $exclusions = $zoneref->{exclusions};
+	my $entry      =  "$zone $type";
+
+	if ( $hostref ) {
+	    for my $type ( sort keys %$hostref ) {
+		my $interfaceref = $hostref->{$type};
+		
+		for my $interface ( sort keys %$interfaceref ) {
+		    my $arrayref = $interfaceref->{$interface};
+		    for my $groupref ( @$arrayref ) {
+			my $hosts     = $groupref->{hosts};
+			if ( $hosts ) {
+			    my $grouplist = join ',', ( @$hosts );
+			    $entry .= " $interface:$grouplist";
+			}
+		    }
+
+		}
+	    }
+	}
+
+	if ( @$exclusions ) {
+	    $entry .= ' exclude';
+       
+	    for my $host ( @$exclusions ) {
+		$entry .= " $host";
+	    }
+	}   
+	
+	emit_unindented $entry;
+    }
+}
+
 1;

New/compiler.pl

@@ -509,19 +509,21 @@ sub generate_script_2 () {
 sub generate_script_3() {
 
     emit 'cat > ${VARDIR}/proxyarp << __EOF__';
-  
-    for $line ( @proxyarp ) {
-	emit_unindented $line;
-    }
 
+    dump_proxy_arp;
+  
     emit_unindented '__EOF__';
 
     emit 'cat > ${VARDIR}/chains << __EOF__';
-  
-    for my $arrayref ( @rule_chains ) {
-	emit_unindented "@$arrayref";
-    }
 
+    dump_rule_chains;
+    
+    emit_unindented '__EOF__';
+
+    emit 'cat > ${VARDIR}/zones << __EOF__';
+
+    dump_zone_contents;
+    
     emit_unindented '__EOF__';
 
     pop_indent;