extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move a function; don't export %policy_actions

Browse Source
This commit is contained in:
Tom Eastep 2010-12-31 16:58:06 -08:00
parent e1b4e345fb
commit fc2d76aa7a
2 changed files with 55 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall/Perl/Shorewall/Policy.pm
View File

@ -31,7 +31,7 @@ use Shorewall::Chains qw( :DEFAULT :internal) ;
use strict; use strict;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw( validate_policy apply_policy_rules complete_standard_chain setup_syn_flood_chains save_policies optimize_policy_chains get_target_param %policy_actions ); our @EXPORT = qw( validate_policy apply_policy_rules complete_standard_chain setup_syn_flood_chains save_policies optimize_policy_chains get_target_param policy_actions );
our @EXPORT_OK = qw( ); our @EXPORT_OK = qw( );
our $VERSION = '4.4_16'; our $VERSION = '4.4_16';
@ -67,6 +67,13 @@ sub get_target_param( $ ) {
( $target, $param ); ( $target, $param );
} }
#
# Return a list of actions used by the policies
#
sub policy_actions() {
keys %policy_actions;
}
# #
# Convert a chain into a policy chain. # Convert a chain into a policy chain.
# #

94
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -602,6 +602,52 @@ my %builtinops = ( 'dropBcast' => \&dropBcast,
'forwardUPnP' => \&forwardUPnP, 'forwardUPnP' => \&forwardUPnP,
'Limit' => \&Limit, ); 'Limit' => \&Limit, );
#
# This function is called prior to processing of the policy file. It:
#
# - Adds the builtin actions to the target table
# - Reads actions.std and actions (in that order) and for each entry:
# o Adds the action to the target table
# o Verifies that the corresponding action file exists
#
sub process_actions1() {
progress_message2 "Locating Action Files...";
#
# Add built-in actions to the target table and create those actions
#
$targets{$_} = new_action( $_ , ACTION + BUILTIN ) for @builtins;
for my $file ( qw/actions.std actions/ ) {
open_file $file;
while ( read_a_line ) {
my ( $action ) = split_line 1, 1, 'action file';
if ( $action =~ /:/ ) {
warning_message 'Default Actions are now specified in /etc/shorewall/shorewall.conf';
$action =~ s/:.*$//;
}
next unless $action;
if ( $targets{$action} ) {
warning_message "Duplicate Action Name ($action) Ignored" unless $targets{$action} & ACTION;
next;
}
fatal_error "Invalid Action Name ($action)" unless "\L$action" =~ /^[a-z]\w*$/;
new_action $action, ACTION;
my $actionfile = find_file "action.$action";
fatal_error "Missing Action File ($actionfile)" unless -f $actionfile;
}
}
}
sub process_rule1 ( $$$$$$$$$$$$$$$$ ); sub process_rule1 ( $$$$$$$$$$$$$$$$ );
# #
@ -677,59 +723,13 @@ sub process_action( $) {
pop_params( $oldparms ); pop_params( $oldparms );
} }
#
# This function is called prior to processing of the policy file. It:
#
# - Adds the builtin actions to the target table
# - Reads actions.std and actions (in that order) and for each entry:
# o Adds the action to the target table
# o Verifies that the corresponding action file exists
#
sub process_actions1() {
progress_message2 "Locating Action Files...";
#
# Add built-in actions to the target table and create those actions
#
$targets{$_} = new_action( $_ , ACTION + BUILTIN ) for @builtins;
for my $file ( qw/actions.std actions/ ) {
open_file $file;
while ( read_a_line ) {
my ( $action ) = split_line 1, 1, 'action file';
if ( $action =~ /:/ ) {
warning_message 'Default Actions are now specified in /etc/shorewall/shorewall.conf';
$action =~ s/:.*$//;
}
next unless $action;
if ( $targets{$action} ) {
warning_message "Duplicate Action Name ($action) Ignored" unless $targets{$action} & ACTION;
next;
}
fatal_error "Invalid Action Name ($action)" unless "\L$action" =~ /^[a-z]\w*$/;
new_action $action, ACTION;
my $actionfile = find_file "action.$action";
fatal_error "Missing Action File ($actionfile)" unless -f $actionfile;
}
}
}
# #
# This function creates and populates the chains for the policy actions. # This function creates and populates the chains for the policy actions.
# #
sub process_actions2 () { sub process_actions2 () {
progress_message2 "$doing policy actions..."; progress_message2 "$doing policy actions...";
for ( map normalize_action_name $_, ( grep ! ( $targets{$_} & BUILTIN ), keys %policy_actions ) ) { for ( map normalize_action_name $_, ( grep ! ( $targets{$_} & BUILTIN ), policy_actions ) ) {
if ( my $ref = use_action( $_ ) ) { if ( my $ref = use_action( $_ ) ) {
process_action( $ref ); process_action( $ref );
} }