forked from extern/shorewall_code
Allow addition of blackhole routes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
216029c3a9
commit
06e7f297f7
@ -1104,7 +1104,11 @@ sub add_a_route( ) {
|
||||
fatal_error 'DEST must be specified' if $dest eq '-';
|
||||
$dest = validate_net ( $dest, 0 );
|
||||
|
||||
if ( $gateway eq 'blackhole' ) {
|
||||
fatal_error q('blackhole' routes may not specify a DEVICE) unless $device eq '-';
|
||||
} else {
|
||||
validate_address ( $gateway, 1 ) if $gateway ne '-';
|
||||
}
|
||||
|
||||
my $providerref = $providers{$provider};
|
||||
my $number = $providerref->{number};
|
||||
@ -1117,6 +1121,9 @@ sub add_a_route( ) {
|
||||
if ( $device ne '-' ) {
|
||||
push @$routes, qq(run_ip route add $dest via $gateway dev $physical table $number);
|
||||
emit qq(echo "qt \$IP -$family route del $dest via $gateway dev $physical table $number" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE;
|
||||
} elsif ( $gateway eq 'blackhole' ) {
|
||||
push @$routes, qq(run_ip route add blackhole $dest table $number);
|
||||
emit qq(echo "\$IP -$family route del blackhole $dest table $number" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE;
|
||||
} else {
|
||||
push @$routes, qq(run_ip route add $dest via $gateway table $number);
|
||||
emit qq(echo "\$IP -$family route del $dest via $gateway table $number" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE;
|
||||
|
@ -53,6 +53,9 @@
|
||||
<listitem>
|
||||
<para>If specified, gives the IP address of the gateway to the
|
||||
DEST.</para>
|
||||
|
||||
<para>Beginning with Shorewall 4.5.15, you may specify blackhole in
|
||||
this column to create a <option>blackhole</option> route. </para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
@ -62,8 +65,9 @@
|
||||
<listitem>
|
||||
<para>Specifies the device route. If neither DEVICE nor GATEWAY is
|
||||
given, then the INTERFACE specified for the PROVIDER in <ulink
|
||||
url="shorewall-providers.html">shorewall-providers</ulink>
|
||||
(5).</para>
|
||||
url="shorewall-providers.html">shorewall-providers</ulink> (5). This
|
||||
column must be omitted if <option>blackhole</option> is specified in
|
||||
the GATEWAY column.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
|
@ -53,6 +53,9 @@
|
||||
<listitem>
|
||||
<para>If specified, gives the IP address of the gateway to the
|
||||
DEST.</para>
|
||||
|
||||
<para>Beginning with Shorewall 4.5.15, you may specify blackhole in
|
||||
this column to create a <option>blackhole</option> route.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
@ -62,8 +65,9 @@
|
||||
<listitem>
|
||||
<para>Specifies the device route. If neither DEVICE nor GATEWAY is
|
||||
given, then the INTERFACE specified for the PROVIDER in <ulink
|
||||
url="shorewall6-providers.html">shorewall6-providers</ulink>
|
||||
(5).</para>
|
||||
url="shorewall6-providers.html">shorewall6-providers</ulink> (5).
|
||||
This column must be omitted if <option>blackhole</option> is
|
||||
specified in the GATEWAY column.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
|
Loading…
Reference in New Issue
Block a user