Merge branch '4.5.11'

This commit is contained in:
Tom Eastep 2012-12-24 10:30:43 -08:00
commit fca5b75c5b
3 changed files with 28 additions and 21 deletions

View File

@ -406,7 +406,7 @@ sub process_accounting_rule( ) {
sub setup_accounting() { sub setup_accounting() {
if ( my $fn = open_file 'accounting' ) { if ( my $fn = open_file 'accounting', 1, 1 ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";

View File

@ -497,6 +497,7 @@ our $max_format; # Max format value
our $comment; # Current COMMENT our $comment; # Current COMMENT
our @comments; our @comments;
our $comments_allowed; our $comments_allowed;
our $nocomment;
our $warningcount; our $warningcount;
our $warningcount1; our $warningcount1;
our $warningcount2; our $warningcount2;
@ -922,6 +923,7 @@ sub initialize( $;$$) {
$first_entry = 0; # Message to output or function to call on first non-blank file entry $first_entry = 0; # Message to output or function to call on first non-blank file entry
$max_format = 1; $max_format = 1;
$comments_allowed = 0; $comments_allowed = 0;
$nocomment = 0;
$shorewall_dir = ''; #Shorewall Directory $shorewall_dir = ''; #Shorewall Directory
@ -2004,7 +2006,7 @@ sub do_open_file( $ ) {
$currentfilename = $fname; $currentfilename = $fname;
} }
sub open_file( $;$$ ) { sub open_file( $;$$$ ) {
my $fname = find_file $_[0]; my $fname = find_file $_[0];
assert( ! defined $currentfile ); assert( ! defined $currentfile );
@ -2014,6 +2016,7 @@ sub open_file( $;$$ ) {
$file_format = 1; $file_format = 1;
$max_format = supplied $_[1] ? $_[1] : 1; $max_format = supplied $_[1] ? $_[1] : 1;
$comments_allowed = supplied $_[2] ? $_[2] : 0; $comments_allowed = supplied $_[2] ? $_[2] : 0;
$nocomment = supplied $_[3] ? $_[3] && no_comment : 0;
do_open_file $fname;; do_open_file $fname;;
} else { } else {
$ifstack = @ifstack; $ifstack = @ifstack;
@ -2034,10 +2037,11 @@ sub pop_include() {
} }
if ( $arrayref ) { if ( $arrayref ) {
( $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format ) = @$arrayref; ( $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format, $nocomment ) = @$arrayref;
} else { } else {
$currentfile = undef; $currentfile = undef;
$currentlinenumber = 'EOF'; $currentlinenumber = 'EOF';
$nocomment = $comment = 0;
} }
} }
@ -2270,11 +2274,13 @@ sub process_compiler_directive( $$$$ ) {
COMMENT => sub() { COMMENT => sub() {
unless ( $omitting ) { unless ( $omitting ) {
if ( $comments_allowed ) { if ( $comments_allowed ) {
if ( have_capability( 'COMMENTS' ) ) { unless ( $nocomment ) {
( $comment = $line ) =~ s/^\s*\?COMMENT\s*//; if ( have_capability( 'COMMENTS' ) ) {
$comment =~ s/\s*$//; ( $comment = $line ) =~ s/^\s*\?COMMENT\s*//;
} else { $comment =~ s/\s*$//;
directive_warning( "COMMENTs ignored -- require comment support in iptables/Netfilter" , $filename, $linenumber ) unless $warningcount++; } else {
directive_warning( "COMMENTs ignored -- require comment support in iptables/Netfilter" , $filename, $linenumber ) unless $warningcount++;
}
} }
} else { } else {
directive_error ( "?COMMENT is not allowed in this file", $filename, $linenumber ); directive_error ( "?COMMENT is not allowed in this file", $filename, $linenumber );
@ -2423,7 +2429,7 @@ sub copy1( $ ) {
fatal_error "Directory ($filename) not allowed in INCLUDE" if -d _; fatal_error "Directory ($filename) not allowed in INCLUDE" if -d _;
if ( -s _ ) { if ( -s _ ) {
push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format ]; push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format, $nocomment ];
$currentfile = undef; $currentfile = undef;
do_open_file $filename; do_open_file $filename;
} else { } else {
@ -2559,14 +2565,14 @@ EOF
# The following two functions allow module clients to nest opens. This happens frequently # The following two functions allow module clients to nest opens. This happens frequently
# in the Rules module. # in the Rules module.
# #
sub push_open( $;$$ ) { sub push_open( $;$$$ ) {
my ( $file, $max , $ca) = @_; my ( $file, $max , $ca, $nc ) = @_;
push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format ] if $currentfile; push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format, $nocomment ] if $currentfile;
my @a = @includestack; my @a = @includestack;
push @openstack, \@a; push @openstack, \@a;
@includestack = (); @includestack = ();
$currentfile = undef; $currentfile = undef;
open_file( $file , $max, $comments_allowed || $ca ); open_file( $file , $max, $comments_allowed || $ca, $nc );
} }
sub pop_open() { sub pop_open() {
@ -2644,7 +2650,7 @@ sub embedded_shell( $ ) {
$command .= q('); $command .= q(');
push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack , $file_format, $max_format ]; push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack , $file_format, $max_format, $nocomment ];
$currentfile = undef; $currentfile = undef;
open $currentfile , '-|', $command or fatal_error qq(Shell Command failed); open $currentfile , '-|', $command or fatal_error qq(Shell Command failed);
$currentfilename = "SHELL\@$currentfilename:$currentlinenumber"; $currentfilename = "SHELL\@$currentfilename:$currentlinenumber";
@ -2706,7 +2712,7 @@ sub embedded_perl( $ ) {
$perlscript = undef; $perlscript = undef;
push @includestack, [ $currentfile, $currentfilename, $currentlinenumber , $ifstack , $file_format, $max_format ]; push @includestack, [ $currentfile, $currentfilename, $currentlinenumber , $ifstack , $file_format, $max_format, $nocomment ];
$currentfile = undef; $currentfile = undef;
open $currentfile, '<', $perlscriptname or fatal_error "Unable to open Perl Script $perlscriptname"; open $currentfile, '<', $perlscriptname or fatal_error "Unable to open Perl Script $perlscriptname";
@ -2993,7 +2999,7 @@ sub read_a_line($) {
fatal_error "Directory ($filename) not allowed in INCLUDE" if -d _; fatal_error "Directory ($filename) not allowed in INCLUDE" if -d _;
if ( -s _ ) { if ( -s _ ) {
push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack , $file_format, $max_format ]; push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack , $file_format, $max_format, $nocomment ];
$currentfile = undef; $currentfile = undef;
do_open_file $filename; do_open_file $filename;
} else { } else {

View File

@ -1636,13 +1636,14 @@ sub process_macro ($$$$$$$$$$$$$$$$$$$) {
my $generated = 0; my $generated = 0;
macro_comment $macro;
my $macrofile = $macros{$macro}; my $macrofile = $macros{$macro};
progress_message "..Expanding Macro $macrofile..."; progress_message "..Expanding Macro $macrofile...";
push_open $macrofile, 2; push_open $macrofile, 2, 1, 1;
macro_comment $macro;
while ( read_a_line( NORMAL_READ ) ) { while ( read_a_line( NORMAL_READ ) ) {
@ -1760,8 +1761,6 @@ sub process_inline ($$$$$$$$$$$$$$$$$$$$) {
my $generated = 0; my $generated = 0;
macro_comment $inline;
my ( $level, $tag ) = split( ':', $loglevel, 2 ); my ( $level, $tag ) = split( ':', $loglevel, 2 );
my $oldparms = push_action_params( $chainref, my $oldparms = push_action_params( $chainref,
@ -1774,7 +1773,9 @@ sub process_inline ($$$$$$$$$$$$$$$$$$$$) {
progress_message "..Expanding inline action $inlinefile..."; progress_message "..Expanding inline action $inlinefile...";
push_open $inlinefile, 2; push_open $inlinefile, 2, 1, 1;
macro_comment $inline;
while ( read_a_line( NORMAL_READ ) ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $mtarget, my ( $mtarget,