mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-17 03:40:53 +01:00
Final batch of quoting changes for tonight
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5715 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
f0c92595a3
commit
dd98eab8ee
@ -1407,8 +1407,9 @@ sub emitr( $ ) {
|
||||
|
||||
sub create_netfilter_load() {
|
||||
|
||||
emit 'setup_netfilter()';
|
||||
emit '{';
|
||||
emitj( 'setup_netfilter()',
|
||||
'{'
|
||||
);
|
||||
push_indent;
|
||||
|
||||
for ( values %interfaceaddrs ) {
|
||||
@ -1418,11 +1419,12 @@ sub create_netfilter_load() {
|
||||
emit '';
|
||||
|
||||
if ( $slowstart ) {
|
||||
emit 'TEMPFILE=$(mktempfile)';
|
||||
emit '[ -n "$TEMPFILE" ] || fatal_error "Cannot create temporary file in /tmp"';
|
||||
emit '';
|
||||
emit 'exec 3>>$TEMPFILE';
|
||||
emit '';
|
||||
emitj( 'TEMPFILE=$(mktempfile)',
|
||||
'[ -n "$TEMPFILE" ] || fatal_error "Cannot create temporary file in /tmp"',
|
||||
'',
|
||||
'exec 3>>$TEMPFILE',
|
||||
''
|
||||
);
|
||||
} else {
|
||||
emit 'iptables-restore << __EOF__';
|
||||
$state = CAT_STATE;
|
||||
@ -1464,14 +1466,16 @@ sub create_netfilter_load() {
|
||||
emit '';
|
||||
|
||||
if ( $slowstart ) {
|
||||
emit ' exec 3>&-';
|
||||
emit '';
|
||||
emit 'iptables-restore < $TEMPFILE';
|
||||
emitj( ' exec 3>&-',
|
||||
'',
|
||||
'iptables-restore < $TEMPFILE'
|
||||
);
|
||||
}
|
||||
|
||||
emit 'if [ $? != 0 ]; then';
|
||||
emit ' fatal_error "iptables-restore Failed"';
|
||||
emit "fi\n";
|
||||
emitj( 'if [ $? != 0 ]; then',
|
||||
' fatal_error "iptables-restore Failed"',
|
||||
"fi\n"
|
||||
);
|
||||
|
||||
emit 'rm -f $TEMPFILE' if $slowstart;
|
||||
|
||||
|
@ -82,15 +82,16 @@ sub setup_providers() {
|
||||
sub copy_table( $$ ) {
|
||||
my ( $duplicate, $number ) = @_;
|
||||
|
||||
emit "ip route show table $duplicate | while read net route; do";
|
||||
emit ' case $net in';
|
||||
emit ' default|nexthop)';
|
||||
emit ' ;;';
|
||||
emit ' *)';
|
||||
emit " run_ip route add table $number \$net \$route";
|
||||
emit ' ;;';
|
||||
emit ' esac';
|
||||
emit "done\n";
|
||||
emitj( "ip route show table $duplicate | while read net route; do",
|
||||
' case $net in',
|
||||
' default|nexthop)',
|
||||
' ;;',
|
||||
' *)',
|
||||
" run_ip route add table $number \$net \$route",
|
||||
' ;;',
|
||||
' esac',
|
||||
"done\n"
|
||||
);
|
||||
}
|
||||
|
||||
sub copy_and_edit_table( $$$ ) {
|
||||
@ -221,11 +222,12 @@ sub setup_providers() {
|
||||
fatal_error "Duplicate mark value ( $mark )" if $num == $val;
|
||||
}
|
||||
|
||||
|
||||
emit "qt ip rule del fwmark $mark";
|
||||
my $pref = 10000 + $val;
|
||||
emit "run_ip rule add fwmark $mark pref $pref table $number";
|
||||
emit "echo \"qt ip rule del fwmark $mark\" >> \${VARDIR}/undo_routing";
|
||||
|
||||
emitj( "qt ip rule del fwmark $mark",
|
||||
"run_ip rule add fwmark $mark pref $pref table $number",
|
||||
"echo \"qt ip rule del fwmark $mark\" >> \${VARDIR}/undo_routing"
|
||||
);
|
||||
}
|
||||
|
||||
$providers{$table} = {};
|
||||
@ -265,11 +267,13 @@ sub setup_providers() {
|
||||
" run_ip rule add from \$address pref \$(( $rulebase + \$rulenum )) table $number",
|
||||
" echo \"qt ip rule del from \$address\" >> \${VARDIR}/undo_routing",
|
||||
' rulenum=$(($rulenum + 1))',
|
||||
'done' );
|
||||
'done'
|
||||
);
|
||||
} else {
|
||||
emit "\nfind_interface_addresses $interface | while read address; do";
|
||||
emit ' qt ip rule del from $address';
|
||||
emit 'done';
|
||||
emitj( "\nfind_interface_addresses $interface | while read address; do",
|
||||
' qt ip rule del from $address',
|
||||
'done'
|
||||
);
|
||||
}
|
||||
|
||||
emit "\nprogress_message \" Provider $table ($number) Added\"\n";
|
||||
@ -278,8 +282,9 @@ sub setup_providers() {
|
||||
emit 'else';
|
||||
|
||||
if ( $optional ) {
|
||||
emit " error_message \"WARNING: Interface $interface is not configured -- Provider $table ($number) not Added\"";
|
||||
emit " ${iface}_up=";
|
||||
emitj( " error_message \"WARNING: Interface $interface is not configured -- Provider $table ($number) not Added\"",
|
||||
" ${iface}_up="
|
||||
);
|
||||
} else {
|
||||
emit " fatal_error \"ERROR: Interface $interface is not configured -- Provider $table ($number) Cannot be Added\"";
|
||||
}
|
||||
@ -329,9 +334,10 @@ sub setup_providers() {
|
||||
|
||||
$priority = "priority $priority";
|
||||
|
||||
emit "qt ip rule del $source $dest $priority";
|
||||
emit "run_ip rule add $source $dest $priority table $provider";
|
||||
emit "echo \"qt ip rule del $source $dest $priority\" >> \${VARDIR}/undo_routing";
|
||||
emitj( "qt ip rule del $source $dest $priority",
|
||||
"run_ip rule add $source $dest $priority table $provider",
|
||||
"echo \"qt ip rule del $source $dest $priority\" >> \${VARDIR}/undo_routing"
|
||||
);
|
||||
progress_message " Routing rule \"$line\" $done";
|
||||
}
|
||||
#
|
||||
@ -340,6 +346,7 @@ sub setup_providers() {
|
||||
progress_message2 "$doing $fn ...";
|
||||
|
||||
emit "\nif [ -z \"\$NOROUTES\" ]; then";
|
||||
|
||||
push_indent;
|
||||
|
||||
emitj ( '#',
|
||||
@ -399,6 +406,7 @@ sub setup_providers() {
|
||||
}
|
||||
|
||||
emit 'cat > /etc/iproute2/rt_tables <<EOF';
|
||||
|
||||
emit_unindented join( "\n",
|
||||
'#',
|
||||
'# reserved values',
|
||||
@ -412,8 +420,7 @@ sub setup_providers() {
|
||||
'#',
|
||||
"EOF\n" );
|
||||
|
||||
emit 'echocommand=$(find_echo)';
|
||||
emit '';
|
||||
emit "echocommand=\$(find_echo)\n";
|
||||
|
||||
for my $table ( @providers ) {
|
||||
emit "\$echocommand \"$providers{$table}{number}\\t$table\" >> /etc/iproute2/rt_tables";
|
||||
@ -437,8 +444,7 @@ sub setup_providers() {
|
||||
}
|
||||
}
|
||||
|
||||
emit '';
|
||||
emit 'run_ip route flush cache';
|
||||
emit "\nrun_ip route flush cache";
|
||||
pop_indent;
|
||||
emit "fi\n";
|
||||
|
||||
|
@ -398,18 +398,20 @@ sub setup_traffic_shaping() {
|
||||
|
||||
push_indent;
|
||||
|
||||
emit "${dev}_exists=Yes";
|
||||
emit "qt tc qdisc del dev $device root";
|
||||
emit "qt tc qdisc del dev $device ingress";
|
||||
emit "run_tc qdisc add dev $device root handle $devnum: htb default ${prefix}${defmark}";
|
||||
emit "${dev}_mtu=\$(get_device_mtu $device)";
|
||||
emit "run_tc class add dev $device parent $devnum: classid $devnum:1 htb rate $devref->{out_bandwidth} mtu \$${dev}_mtu";
|
||||
emitj( "${dev}_exists=Yes",
|
||||
"qt tc qdisc del dev $device root",
|
||||
"qt tc qdisc del dev $device ingress",
|
||||
"run_tc qdisc add dev $device root handle $devnum: htb default ${prefix}${defmark}",
|
||||
"${dev}_mtu=\$(get_device_mtu $device)",
|
||||
"run_tc class add dev $device parent $devnum: classid $devnum:1 htb rate $devref->{out_bandwidth} mtu \$${dev}_mtu"
|
||||
);
|
||||
|
||||
my $inband = rate_to_kbit $devref->{in_bandwidth};
|
||||
|
||||
if ( $inband ) {
|
||||
emit "run_tc qdisc add dev $device handle ffff: ingress";
|
||||
emit "run_tc filter add dev $device parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${inband}kbit burst 10k drop flowid :1";
|
||||
emitj( "run_tc qdisc add dev $device handle ffff: ingress",
|
||||
"run_tc filter add dev $device parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${inband}kbit burst 10k drop flowid :1"
|
||||
);
|
||||
}
|
||||
|
||||
$devref->{number} = $devnum++;
|
||||
@ -449,9 +451,10 @@ sub setup_traffic_shaping() {
|
||||
$lastdevice = $device;
|
||||
}
|
||||
|
||||
emit "[ \$${dev}_mtu -gt $quantum ] && quantum=\$${dev}_mtu || quantum=$quantum";
|
||||
emit "run_tc class add dev $device parent $devref->{number}:1 classid $classid htb rate $rate ceil $tcref->{ceiling} prio $tcref->{priority} mtu \$${dev}_mtu quantum \$quantum";
|
||||
emit "run_tc qdisc add dev $device parent $classid handle ${prefix}${mark}: sfq perturb 10";
|
||||
emitj( "[ \$${dev}_mtu -gt $quantum ] && quantum=\$${dev}_mtu || quantum=$quantum",
|
||||
"run_tc class add dev $device parent $devref->{number}:1 classid $classid htb rate $rate ceil $tcref->{ceiling} prio $tcref->{priority} mtu \$${dev}_mtu quantum \$quantum",
|
||||
"run_tc qdisc add dev $device parent $classid handle ${prefix}${mark}: sfq perturb 10"
|
||||
);
|
||||
#
|
||||
# add filters
|
||||
#
|
||||
|
Loading…
Reference in New Issue
Block a user