forked from extern/shorewall_code
Reverse myself on comments and continuation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5777 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
040fd9b92e
commit
080dc4e183
@ -38,7 +38,6 @@ our @EXPORT = qw(
|
|||||||
push_open
|
push_open
|
||||||
pop_open
|
pop_open
|
||||||
read_a_line
|
read_a_line
|
||||||
expand_shell_variables
|
|
||||||
get_configuration
|
get_configuration
|
||||||
require_capability
|
require_capability
|
||||||
report_capabilities
|
report_capabilities
|
||||||
@ -277,7 +276,7 @@ my %no_pad = ( COMMENT => 1,
|
|||||||
|
|
||||||
#
|
#
|
||||||
# Pre-process a line from a configuration file.
|
# Pre-process a line from a configuration file.
|
||||||
#
|
|
||||||
# chomp it.
|
# chomp it.
|
||||||
# compress out redundent white space.
|
# compress out redundent white space.
|
||||||
# ensure that it has an appropriate number of columns.
|
# ensure that it has an appropriate number of columns.
|
||||||
@ -297,35 +296,28 @@ sub split_line( $$ ) {
|
|||||||
@line;
|
@line;
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
|
||||||
# Config files can have shell variables embedded. This function expands them from %ENV.
|
|
||||||
#
|
|
||||||
sub expand_shell_variables( $ ) {
|
|
||||||
my $line = $_[0];
|
|
||||||
$line = join( '', $1 , ( $ENV{$2} || '' ) , $3 ) while $line =~ /^(.*?)\${([a-zA-Z]\w*)}(.*)$/;
|
|
||||||
$line = join( '', $1 , ( $ENV{$2} || '' ) , $3 ) while $line =~ /^(.*?)\$([a-zA-Z]\w*)(.*)$/;
|
|
||||||
$line;
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Open a file, setting $currentfile. Returns the file's absolute pathname if the file
|
# Open a file, setting $currentfile. Returns the file's absolute pathname if the file
|
||||||
# exists, is non-empty and was successfully opened. Terminates with a fatal error
|
# exists, is non-empty and was successfully opened. Terminates with a fatal error
|
||||||
# if the file exists, is non-empty, but the open fails.
|
# if the file exists, is non-empty, but the open fails.
|
||||||
#
|
#
|
||||||
|
sub do_open_file( $ ) {
|
||||||
|
my $fname = $_[0];
|
||||||
|
open $currentfile, '<', $fname or fatal_error "Unable to open $fname: $!";
|
||||||
|
$currentlinenumber = 0;
|
||||||
|
$currentfilename = $fname;
|
||||||
|
}
|
||||||
|
|
||||||
sub open_file( $ ) {
|
sub open_file( $ ) {
|
||||||
my $fname = find_file $_[0];
|
my $fname = find_file $_[0];
|
||||||
|
|
||||||
fatal_error 'Internal Error in open_file()' if defined $currentfile;
|
fatal_error 'Internal Error in open_file()' if defined $currentfile;
|
||||||
|
|
||||||
if ( -f $fname && -s _ ) {
|
do_open_file $fname if -f $fname && -s _;
|
||||||
open $currentfile, '<', $fname or fatal_error "Unable to open $fname: $!";
|
|
||||||
$currentlinenumber = 0;
|
|
||||||
$currentfilename = $fname;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# This function is normally called in read_a_line() when EOF is reached. Clients of the
|
# This function is normally called below in read_a_line() when EOF is reached. Clients of the
|
||||||
# module may also call the function to close the file before EOF
|
# module may also call the function to close the file before EOF
|
||||||
#
|
#
|
||||||
|
|
||||||
@ -376,8 +368,7 @@ sub pop_open() {
|
|||||||
#
|
#
|
||||||
# - Ignore blank or comment-only lines.
|
# - Ignore blank or comment-only lines.
|
||||||
# - Remove trailing comments.
|
# - Remove trailing comments.
|
||||||
# - Handle Line Continuation (We don't continue comment lines, thus avoiding user frustration
|
# - Handle Line Continuation
|
||||||
# when the last line of a comment inadvertently ends with '\').
|
|
||||||
# - Expand shell variables from $ENV.
|
# - Expand shell variables from $ENV.
|
||||||
# - Handle INCLUDE <filename>
|
# - Handle INCLUDE <filename>
|
||||||
#
|
#
|
||||||
@ -390,19 +381,36 @@ sub read_a_line {
|
|||||||
while ( my $nextline = <$currentfile> ) {
|
while ( my $nextline = <$currentfile> ) {
|
||||||
|
|
||||||
$currentlinenumber++;
|
$currentlinenumber++;
|
||||||
next if $nextline =~ /^\s*#/;
|
|
||||||
next if $nextline =~ /^\s*$/;
|
|
||||||
|
|
||||||
$nextline =~ s/#.*$//;
|
next if $nextline =~ /^\s*$/; # Ignore Blank Lines
|
||||||
|
|
||||||
chomp $nextline;
|
chomp $nextline;
|
||||||
|
#
|
||||||
|
# Check for continuation
|
||||||
|
#
|
||||||
if ( substr( $nextline, -1, 1 ) eq '\\' ) {
|
if ( substr( $nextline, -1, 1 ) eq '\\' ) {
|
||||||
$line .= substr( $nextline, 0, -1 );
|
$line .= substr( $nextline, 0, -1 );
|
||||||
next;
|
next;
|
||||||
}
|
}
|
||||||
|
|
||||||
$line = expand_shell_variables( $line ? $line . $nextline : $nextline );
|
$line .= $nextline;
|
||||||
|
#
|
||||||
|
# Ignore ( concatenated ) lines that are nothing but comments
|
||||||
|
#
|
||||||
|
if ( $line =~ /^\s*#/ ) {
|
||||||
|
$line = '';
|
||||||
|
next;
|
||||||
|
}
|
||||||
|
|
||||||
|
$line =~ s/#.*$//; # Remove Trailing Comments
|
||||||
|
$line =~ s/^\s+//; # Remove Leading white space
|
||||||
|
$line =~ s/\s+$//; # Remove Trailing white space
|
||||||
|
#
|
||||||
|
# Expand Shell Variables using $ENV
|
||||||
|
#
|
||||||
|
$line = join( '', $1 , ( $ENV{$2} || '' ) , $3 ) while $line =~ /^(.*?)\${([a-zA-Z]\w*)}(.*)$/;
|
||||||
|
$line = join( '', $1 , ( $ENV{$2} || '' ) , $3 ) while $line =~ /^(.*?)\$([a-zA-Z]\w*)(.*)$/;
|
||||||
|
|
||||||
if ( $line =~ /^\s*INCLUDE\s/ ) {
|
if ( $line =~ /^\s*INCLUDE\s/ ) {
|
||||||
|
|
||||||
my @line = split /\s+/, $line;
|
my @line = split /\s+/, $line;
|
||||||
@ -415,15 +423,11 @@ sub read_a_line {
|
|||||||
|
|
||||||
fatal_error "INCLUDed file $filename not found" unless ( -f $filename );
|
fatal_error "INCLUDed file $filename not found" unless ( -f $filename );
|
||||||
|
|
||||||
push @openstack, [ $currentfile, $currentfilename, $currentlinenumber ];
|
if ( -s _ ) {
|
||||||
|
push @openstack, [ $currentfile, $currentfilename, $currentlinenumber ];
|
||||||
$currentfile = undef;
|
$currentfile = undef;
|
||||||
|
do_open_file $filename;
|
||||||
open $currentfile, $filename or fatal_error "Unable to open $filename: $!";
|
}
|
||||||
|
|
||||||
$currentfilename = $filename;
|
|
||||||
$currentlinenumber = 0;
|
|
||||||
$line = '';
|
|
||||||
} else {
|
} else {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
@ -1122,6 +1122,8 @@ sub process_rule ( $$$$$$$$$ ) {
|
|||||||
$section = 'NEW';
|
$section = 'NEW';
|
||||||
$sectioned = 1;
|
$sectioned = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fatal_error "Invalid rules file entry" if $source eq '-' || $dest eq '-';
|
||||||
#
|
#
|
||||||
# Handle Wildcards
|
# Handle Wildcards
|
||||||
#
|
#
|
||||||
|
@ -154,23 +154,7 @@ j) Because the configuration files (with the exception of
|
|||||||
defined in /etc/shorewall/params and environmental variables
|
defined in /etc/shorewall/params and environmental variables
|
||||||
(exported by the shell) can be used.
|
(exported by the shell) can be used.
|
||||||
|
|
||||||
h) Line continuation (lines ending in '\' are concatinated with the next
|
h) USE_ACTIONS=No is not supported. That option is intended to minimize
|
||||||
line) continues to be supported. Unlike the shell-based compiler,
|
|
||||||
however, the Perl-based compiler does not continue lines that end
|
|
||||||
in '#' comments. This avoids the confusing behavior where
|
|
||||||
the last line of a comment ends with '\', causing the
|
|
||||||
next (non-comment) line to be ignored.
|
|
||||||
|
|
||||||
Example (/etc/shorewall/tunnels):
|
|
||||||
|
|
||||||
# VPN from Atlanta \
|
|
||||||
openvpn-server net 206.124.146.177
|
|
||||||
|
|
||||||
With the Shell-based compiler, the openvpn-server line is ignored
|
|
||||||
because it is combined with the preceding line; with the Perl-based
|
|
||||||
compiler, it is processed normally.
|
|
||||||
|
|
||||||
i) USE_ACTIONS=No is not supported. That option is intended to minimize
|
|
||||||
Shorewall's footprint in embedded applications. As a consequence,
|
Shorewall's footprint in embedded applications. As a consequence,
|
||||||
Default Macros are not supported.
|
Default Macros are not supported.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user