2007-03-15 22:55:22 +01:00
|
|
|
#
|
2007-06-11 21:39:30 +02:00
|
|
|
# Shorewall-perl 4.0 -- /usr/share/shorewall-perl/Shorewall/Macros.pm
|
2007-03-15 22:55:22 +01:00
|
|
|
#
|
|
|
|
# This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
|
|
|
|
#
|
|
|
|
# (c) 2007 - Tom Eastep (teastep@shorewall.net)
|
|
|
|
#
|
|
|
|
# Complete documentation is available at http://shorewall.net
|
|
|
|
#
|
|
|
|
# This program is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of Version 2 of the GNU General Public License
|
|
|
|
# as published by the Free Software Foundation.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with this program; if not, write to the Free Software
|
|
|
|
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
|
|
|
|
#
|
2007-04-19 01:55:25 +02:00
|
|
|
# This module exports some low-level module-oriented functions.
|
2007-03-15 22:55:22 +01:00
|
|
|
#
|
2007-03-15 03:46:00 +01:00
|
|
|
package Shorewall::Macros;
|
|
|
|
require Exporter;
|
|
|
|
use Shorewall::Common;
|
|
|
|
use Shorewall::Config;
|
|
|
|
use Shorewall::Zones;
|
|
|
|
use Shorewall::Chains;
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
|
|
|
|
our @ISA = qw(Exporter);
|
|
|
|
our @EXPORT = qw( find_macro
|
2007-04-08 16:42:26 +02:00
|
|
|
split_action
|
2007-05-12 20:13:11 +02:00
|
|
|
substitute_param
|
2007-04-08 16:42:26 +02:00
|
|
|
merge_macro_source_dest
|
2007-03-15 03:46:00 +01:00
|
|
|
merge_macro_column
|
|
|
|
|
|
|
|
%macros );
|
2007-06-14 16:58:48 +02:00
|
|
|
our @EXPORT_OK = qw( initialize );
|
2007-03-15 03:46:00 +01:00
|
|
|
our @VERSION = 1.00;
|
|
|
|
|
|
|
|
|
|
|
|
our %macros;
|
|
|
|
|
2007-06-15 00:07:45 +02:00
|
|
|
#
|
|
|
|
# Initialize globals -- we take this novel approach to globals initialization to allow
|
|
|
|
# the compiler to run multiple times in the same process. The
|
|
|
|
# initialize() function does globals initialization for this
|
|
|
|
# module and is called from an INIT block below. The function is
|
|
|
|
# also called by Shorewall::Compiler::compiler at the beginning of
|
|
|
|
# the second and subsequent calls to that function.
|
|
|
|
#
|
|
|
|
|
2007-06-14 01:02:39 +02:00
|
|
|
sub initialize() {
|
|
|
|
%macros = ();
|
|
|
|
}
|
|
|
|
|
|
|
|
INIT {
|
|
|
|
initialize;
|
|
|
|
}
|
|
|
|
|
2007-03-15 03:46:00 +01:00
|
|
|
#
|
|
|
|
# Try to find a macro file -- RETURNS false if the file doesn't exist or MACRO if it does.
|
|
|
|
# If the file exists, the macro is entered into the 'targets' table and the fully-qualified
|
|
|
|
# name of the file is stored in the 'macro' table.
|
|
|
|
#
|
|
|
|
sub find_macro( $ )
|
|
|
|
{
|
|
|
|
my $macro = $_[0];
|
|
|
|
my $macrofile = find_file "macro.$macro";
|
|
|
|
|
|
|
|
if ( -f $macrofile ) {
|
|
|
|
$macros{$macro} = $macrofile;
|
|
|
|
$targets{$macro} = MACRO;
|
2007-05-12 21:30:52 +02:00
|
|
|
} else {
|
|
|
|
0;
|
2007-03-15 03:46:00 +01:00
|
|
|
}
|
2007-03-27 01:17:46 +02:00
|
|
|
}
|
2007-03-15 03:46:00 +01:00
|
|
|
|
2007-03-26 22:10:59 +02:00
|
|
|
#
|
2007-04-08 16:42:26 +02:00
|
|
|
# Return ( action, level[:tag] ) from passed full action
|
2007-03-26 22:10:59 +02:00
|
|
|
#
|
|
|
|
sub split_action ( $ ) {
|
|
|
|
my $action = $_[0];
|
2007-05-17 16:10:46 +02:00
|
|
|
my @a = split( /:/ , $action, 4 );
|
2007-03-30 04:05:11 +02:00
|
|
|
fatal_error "Invalid ACTION ($action)" if ( $action =~ /::/ ) || ( @a > 3 );
|
2007-03-26 22:10:59 +02:00
|
|
|
( shift @a, join ":", @a );
|
|
|
|
}
|
|
|
|
|
|
|
|
#
|
2007-03-15 03:46:00 +01:00
|
|
|
# This function substitutes the second argument for the first part of the first argument up to the first colon (":")
|
|
|
|
#
|
|
|
|
# Example:
|
|
|
|
#
|
2007-05-12 20:13:11 +02:00
|
|
|
# substitute_param DNAT PARAM:info:FTP
|
2007-03-15 03:46:00 +01:00
|
|
|
#
|
|
|
|
# produces "DNAT:info:FTP"
|
|
|
|
#
|
2007-05-12 20:13:11 +02:00
|
|
|
sub substitute_param( $$ ) {
|
2007-03-15 03:46:00 +01:00
|
|
|
my ( $param, $action ) = @_;
|
|
|
|
|
|
|
|
if ( $action =~ /:/ ) {
|
|
|
|
my $logpart = (split_action $action)[1];
|
|
|
|
$logpart =~ s!/$!!;
|
|
|
|
return "$param:$logpart";
|
|
|
|
}
|
|
|
|
|
|
|
|
$param;
|
|
|
|
}
|
|
|
|
|
|
|
|
#
|
|
|
|
# Combine fields from a macro body with one from the macro invocation
|
|
|
|
#
|
|
|
|
sub merge_macro_source_dest( $$ ) {
|
|
|
|
my ( $body, $invocation ) = @_;
|
|
|
|
|
|
|
|
if ( $invocation ) {
|
|
|
|
if ( $body ) {
|
|
|
|
return $body if $invocation eq '-';
|
|
|
|
return "$body:$invocation" if $invocation =~ /.*?\.*?\.|^\+|^~|^!~/;
|
|
|
|
return "$invocation:$body";
|
|
|
|
}
|
2007-05-02 01:39:38 +02:00
|
|
|
|
|
|
|
return $invocation;
|
2007-03-15 03:46:00 +01:00
|
|
|
}
|
2007-03-27 01:17:46 +02:00
|
|
|
|
2007-03-15 03:46:00 +01:00
|
|
|
$body || '';
|
|
|
|
}
|
|
|
|
|
|
|
|
sub merge_macro_column( $$ ) {
|
|
|
|
my ( $body, $invocation ) = @_;
|
|
|
|
|
2007-05-02 01:04:30 +02:00
|
|
|
if ( defined $invocation && $invocation ne '' && $invocation ne '-' ) {
|
|
|
|
$invocation;
|
2007-03-15 03:46:00 +01:00
|
|
|
} else {
|
2007-05-02 01:40:37 +02:00
|
|
|
$body;
|
2007-03-15 03:46:00 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
1;
|