forked from extern/shorewall_code
Rename clone_rule() to clone_irule()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep
parent
1a44b66656
commit
00c5985458
@ -47,7 +47,7 @@ our @EXPORT = ( qw(
|
||||
add_ijump
|
||||
insert_rule
|
||||
insert_irule
|
||||
clone_rule
|
||||
clone_irule
|
||||
insert_ijump
|
||||
rule_target
|
||||
clear_rule_target
|
||||
@ -1017,7 +1017,7 @@ sub pop_match( $$ ) {
|
||||
reftype $value ? shift @{$ruleref->{$option}} : $value;
|
||||
}
|
||||
|
||||
sub clone_rule( $ );
|
||||
sub clone_irule( $ );
|
||||
|
||||
sub format_rule( $$;$ ) {
|
||||
my ( $chainref, $rulerefp, $suppresshdr ) = @_;
|
||||
@ -1028,7 +1028,7 @@ sub format_rule( $$;$ ) {
|
||||
#
|
||||
# The code the follows can be destructive of the rule so we clone it
|
||||
#
|
||||
my $ruleref = $rulerefp->{complex} ? clone_rule( $rulerefp ) : $rulerefp;
|
||||
my $ruleref = $rulerefp->{complex} ? clone_irule( $rulerefp ) : $rulerefp;
|
||||
my $nfacct = $rulerefp->{nfacct};
|
||||
my $expensive;
|
||||
|
||||
@ -1250,6 +1250,13 @@ sub add_trule( $$ ) {
|
||||
$ruleref;
|
||||
}
|
||||
|
||||
#
|
||||
# Return the number of ports represented by the passed list
|
||||
#
|
||||
sub port_count( $ ) {
|
||||
( $_[0] =~ tr/,:/,:/ ) + 1;
|
||||
}
|
||||
|
||||
#
|
||||
# Post-process a rule having a port list. Split the rule into multiple rules if necessary
|
||||
# to work within the 15-element limit imposed by iptables/Netfilter.
|
||||
@ -1583,7 +1590,7 @@ sub insert_irule( $$$$;@ ) {
|
||||
# Clone an existing rule. Only the rule hash itself is cloned; reference values are shared between the new rule
|
||||
# reference and the old.
|
||||
#
|
||||
sub clone_rule( $ ) {
|
||||
sub clone_irule( $ ) {
|
||||
my $oldruleref = $_[0];
|
||||
my $newruleref = {};
|
||||
|
||||
@ -4246,13 +4253,6 @@ sub clearrule() {
|
||||
$iprangematch = 0;
|
||||
}
|
||||
|
||||
#
|
||||
# Return the number of ports represented by the passed list
|
||||
#
|
||||
sub port_count( $ ) {
|
||||
( $_[0] =~ tr/,:/,:/ ) + 1;
|
||||
}
|
||||
|
||||
#
|
||||
# Generate a state match
|
||||
#
|
||||
|
||||
@ -1989,18 +1989,18 @@ sub handle_stickiness( $ ) {
|
||||
|
||||
for my $chainref ( $stickyref, $setstickyref ) {
|
||||
if ( $chainref->{name} eq 'sticky' ) {
|
||||
$rule1 = clone_rule( $_ );
|
||||
$rule1 = clone_irule( $_ );
|
||||
|
||||
set_rule_target( $rule1, 'MARK', "--set-mark $mark" );
|
||||
set_rule_option( $rule1, 'recent', "--name $list --update --seconds 300" );
|
||||
|
||||
$rule2 = clone_rule( $_ );
|
||||
$rule2 = clone_irule( $_ );
|
||||
|
||||
clear_rule_target( $rule2 );
|
||||
set_rule_option( $rule2, 'mark', "--mark 0\/$mask" );
|
||||
set_rule_option( $rule2, 'recent', "--name $list --remove" );
|
||||
} else {
|
||||
$rule1 = clone_rule( $_ );
|
||||
$rule1 = clone_irule( $_ );
|
||||
|
||||
clear_rule_target( $rule1 );
|
||||
set_rule_option( $rule1, 'mark', "--mark $mark\/$mask" );
|
||||
@ -2024,18 +2024,18 @@ sub handle_stickiness( $ ) {
|
||||
|
||||
for my $chainref ( $stickoref, $setstickoref ) {
|
||||
if ( $chainref->{name} eq 'sticko' ) {
|
||||
$rule1 = clone_rule $_;
|
||||
$rule1 = clone_irule $_;
|
||||
|
||||
set_rule_target( $rule1, 'MARK', "--set-mark $mark" );
|
||||
set_rule_option( $rule1, 'recent', " --name $list --rdest --update --seconds 300" );
|
||||
|
||||
$rule2 = clone_rule $_;
|
||||
$rule2 = clone_irule $_;
|
||||
|
||||
clear_rule_target( $rule2 );
|
||||
set_rule_option ( $rule2, 'mark', "--mark 0\/$mask" );
|
||||
set_rule_option ( $rule2, 'recent', "--name $list --rdest --remove" );
|
||||
} else {
|
||||
$rule1 = clone_rule $_;
|
||||
$rule1 = clone_irule $_;
|
||||
|
||||
clear_rule_target( $rule1 );
|
||||
set_rule_option ( $rule1, 'mark', "--mark $mark" );
|
||||
|
||||
Loading…
Reference in New Issue
Block a user