From e756820ca16dd6dd96be039410a07ce825390cb4 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 26 Jan 2016 11:49:26 -0800 Subject: [PATCH] Revert "Unify TRACK_RULES settings implementation" This reverts commit 866cb04cbb368580d38fae6ba4f59c8a1e183f45. --- Shorewall/Perl/Shorewall/Chains.pm | 35 ++++++++++-------------------- Shorewall/Perl/Shorewall/Config.pm | 30 +++++++++++++++++++++---- Shorewall/Perl/Shorewall/Zones.pm | 4 ++-- 3 files changed, 39 insertions(+), 30 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm index 026447ed0..0112d5b67 100644 --- a/Shorewall/Perl/Shorewall/Chains.pm +++ b/Shorewall/Perl/Shorewall/Chains.pm @@ -919,7 +919,7 @@ sub set_rule_option( $$$ ) { sub transform_rule( $;\$ ) { my ( $input, $completeref ) = @_; - my $ruleref = { mode => CAT_MODE, matches => [], target => '' , origin => shortlineinfo( '' ) }; + my $ruleref = { mode => CAT_MODE, matches => [], target => '' , origin => shortlineinfo1( '' ) }; my $simple = 1; my $target = ''; my $jump = ''; @@ -1243,19 +1243,6 @@ sub add_commands ( $$;@ ) { $chainref->{optflags} |= ( DONT_OPTIMIZE | DONT_MOVE ); } -sub set_rule_comment( $$ ) { - my ( $chainref, $ruleref ) = @_; - - if ( $config{TRACK_RULES} eq 'Yes' && ( $ruleref->{origin} ||= $chainref->{origin} ) ) { - if ( length( my $origin = join( ' ', '@@@' , $ruleref->{origin}, '@@@' ) ) <= 255 ) { - $ruleref->{comment} = $origin; - } else { - $ruleref->{comment} = $comment; - } - } else { - $ruleref->{comment} = $comment; - } -} # # Transform the passed rule and add it to the end of the passed chain's rule list. # 
@@ -1267,9 +1254,8 @@ sub push_rule( $$ ) { my $complete = 0; my $ruleref = transform_rule( $_[1], $complete ); - set_rule_comment( $chainref, $ruleref ); - - $ruleref->{mode} = CMD_MODE if $ruleref->{cmdlevel} = $chainref->{cmdlevel}; + $ruleref->{comment} = shortlineinfo($chainref->{origin}) || $comment; + $ruleref->{mode} = CMD_MODE if $ruleref->{cmdlevel} = $chainref->{cmdlevel}; push @{$chainref->{rules}}, $ruleref; $chainref->{referenced} = 1; @@ -1489,7 +1475,7 @@ sub create_irule( $$$;@ ) { ( $target, my $targetopts ) = split ' ', $target, 2; - my $ruleref = { matches => [] , origin => shortlineinfo( '' ) }; + my $ruleref = { matches => [] , origin => shortlineinfo1( '' ) }; $ruleref->{mode} = ( $ruleref->{cmdlevel} = $chainref->{cmdlevel} ) ? CMD_MODE : CAT_MODE; @@ -1502,7 +1488,7 @@ sub create_irule( $$$;@ ) { $ruleref->{target} = ''; } - set_rule_comment( $chainref, $ruleref ); + $ruleref->{comment} = shortlineinfo($chainref->{origin}) || $ruleref->{comment} || $comment; $iprangematch = 0; @@ -1658,7 +1644,7 @@ sub insert_rule1($$$) my $ruleref = transform_rule( $rule ); - set_rule_comment( $chainref, $ruleref ); + $ruleref->{comment} = shortlineinfo($chainref->{origin}) || $comment; assert( ! ( $ruleref->{cmdlevel} = $chainref->{cmdlevel}) , $chainref->{name} ); $ruleref->{mode} = CAT_MODE; @@ -1684,7 +1670,7 @@ sub insert_irule( $$$$;@ ) { my ( $chainref, $jump, $target, $number, @matches ) = @_; my $rulesref = $chainref->{rules}; - my $ruleref = { origin => shortlineinfo( '' ) }; + my $ruleref = { origin => shortlineinfo1( '' ) }; $ruleref->{mode} = ( $ruleref->{cmdlevel} = $chainref->{cmdlevel} ) ? CMD_MODE : CAT_MODE; @@ -1700,7 +1686,8 @@ sub insert_irule( $$$$;@ ) { $chainref->{optflags} |= push_matches( $ruleref, @matches ); } - set_rule_comment( $chainref, $ruleref ); + + $ruleref->{comment} = shortlineinfo( $chainref->{origin} ) || $ruleref->{comment} || $comment; if ( $number >= @$rulesref ) { # 
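Review bot: The rule-comment assignment is now open-coded in four places with two different fallback chains: `push_rule` and `insert_rule1` use `shortlineinfo($chainref->{origin}) || $comment`, while `create_irule` and `insert_irule` also try `$ruleref->{comment}` before `$comment`. Whether the first two intentionally discard a comment already present on the rule cannot be told from these hunks, since most of `transform_rule` lies outside them. Either state the reason next to the two-term form, e.g. `# rules built by transform_rule() carry no comment of their own` (if that is indeed the case), or keep one small helper so the four call sites cannot drift apart. Going by `shortlineinfo` in Config.pm in this same patch, the `$chainref->{origin}` argument is only used when no file is currently being read.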
@@ -2315,7 +2302,7 @@ sub new_chain($$) references => {}, filtered => 0, optflags => 0, - origin => shortlineinfo( '' ), + origin => shortlineinfo1( '' ) || shortlineinfo( '' ), }; trace( $chainref, 'N', undef, '' ) if $debug; @@ -7944,7 +7931,7 @@ sub emitr( $$ ) { # enter_cat_mode unless $mode == CAT_MODE; - if ( ( my $origin = $ruleref->{origin} ) && $config{TRACK_RULES} eq 'file' ) { + if ( my $origin = $ruleref->{origin} ) { emit_unindented '# ' . $origin; } diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 49a20cccf..2dd938be4 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -52,6 +52,8 @@ our @EXPORT = qw( assert currentlineinfo shortlineinfo + shortlineinfo1 + shortlineinfo2 clear_currentfilename validate_level @@ -1209,8 +1211,24 @@ sub shortlineinfo2() { } } +sub shortlineinfo1( $ ) { + $globals{TRACK_RULES} ? $currentfile ? shortlineinfo2 : $_[0] || '' : ''; +} + sub shortlineinfo( $ ) { - ( $config{TRACK_RULES} ? shortlineinfo2 || $_[0] : $_[0] ) || ''; + if ( $config{TRACK_RULES} ) { + if ( $currentfile ) { + my $comment = '@@@ '. join( ':', $currentfilename, $currentlinenumber ) . ' @@@'; + $comment = '@@@ ' . join( ':' , basename($currentfilename), $currentlinenumber) . ' @@@' if length $comment > 255; + $comment = '@@@ Filename Too Long @@@' if length $comment > 255; + $comment; + } else { + # + # Alternate lineinfo may have been passed + # + $_[0] || '' + } + } } sub handle_first_entry(); @@ -5820,11 +5838,15 @@ sub get_configuration( $$$$ ) { default_yes_no 'CHAIN_SCRIPTS' , 'Yes'; if ( supplied ( $val = $config{TRACK_RULES} ) ) { - if ( lc( $val ) ne 'file' ) { + if ( lc( $val ) eq 'file' ) { + $globals{TRACK_RULES} = 'Yes'; + $config{TRACK_RULES} = ''; + } else { default_yes_no 'TRACK_RULES' , ''; + $globals{TRACK_RULES} = ''; } } else { - $config{TRACK_RULES} = ''; + default_yes_no 'TRACK_RULES' , ''; } %origin = () unless $globals{TRACK_RULES}; 
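Review bot: In the restored `shortlineinfo` in Config.pm, the outer `if ( $config{TRACK_RULES} )` has no `else`, so with tracking off the sub returns whatever the failed condition leaves behind rather than an explicit `''`. `new_chain` in Chains.pm and `process_interface` in Zones.pm call it as the right-hand operand of `||` inside a hash constructor, where a definite scalar result is what keeps the key/value pairs aligned. Starting the sub with `return '' unless $config{TRACK_RULES};` would make its contract match `shortlineinfo1`, which does spell out its `''` branch. The comment text is built from `$currentfilename` as-is; whether the code that later writes it out as a rule comment escapes quote characters is not visible in this patch and is worth confirming.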
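Review bot: `$globals{TRACK_RULES}` is assigned in both branches of the `supplied` case but not in the final `else`, so when TRACK_RULES is absent from the configuration the following `%origin = () unless $globals{TRACK_RULES};` and `shortlineinfo1` depend on an initial value set somewhere outside this hunk. Adding `$globals{TRACK_RULES} = '';` after `default_yes_no 'TRACK_RULES' , '';` in that branch would make the three paths symmetric. A short comment that `file` is stored as `$globals{TRACK_RULES} = 'Yes'` with `$config{TRACK_RULES}` cleared would also help, because the two hashes now carry different modes of one option. `get_configuration` starts and ends outside the hunk.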
@@ -5850,7 +5872,7 @@ sub get_configuration( $$$$ ) { $config{REJECT_ACTION} = ''; } - require_capability 'COMMENTS', 'TRACK_RULES=Yes', 's' if $config{TRACK_RULES} eq 'Yes'; + require_capability 'COMMENTS', 'TRACK_RULES=Yes', 's' if $config{TRACK_RULES}; default_yes_no 'MANGLE_ENABLED' , have_capability( 'MANGLE_ENABLED' ) ? 'Yes' : ''; default_yes_no 'USE_DEFAULT_RT' , ''; diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm index efc5eedb4..44fa74b43 100644 --- a/Shorewall/Perl/Shorewall/Zones.pm +++ b/Shorewall/Perl/Shorewall/Zones.pm @@ -894,7 +894,7 @@ sub add_group_to_zone($$$$$$) hosts => \@newnetworks, ipsec => $type & IPSEC ? 'ipsec' : 'none' , exclusions => \@exclusions , - origin => shortlineinfo( '' ) , + origin => shortlineinfo1( '' ) , }; if ( $type != IPSEC ) { @@ -1397,7 +1397,7 @@ sub process_interface( $$ ) { physical => $physical , base => var_base( $physical ), zones => {}, - origin => shortlineinfo(''), + origin => shortlineinfo1('') || shortlineinfo( '' ), wildcard => $wildcard, };
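Review bot: The two Zones.pm hunks end up with different fallbacks for the same field: `add_group_to_zone` sets `origin => shortlineinfo1( '' )`, while `process_interface` uses `shortlineinfo1('') || shortlineinfo( '' )`. With TRACK_RULES=Yes (not `file`) the first leaves `origin` empty and the second fills it, going by the two subs as defined in Config.pm in this patch. If that is intended, a one-line comment on the host-group entry such as `# host groups only record an origin in TRACK_RULES=file mode` would keep the next reader from treating it as an oversight. Both subs continue outside their hunks.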