From 08d59ffc7e1273fec2f0680027fd2ad6f6adf6a8 Mon Sep 17 00:00:00 2001 From: teastep Date: Sun, 25 Mar 2007 23:18:20 +0000 Subject: [PATCH] Cosmetic changes git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5690 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- New/Shorewall/Nat.pm | 14 ++++---------- New/Shorewall/Rules.pm | 2 +- New/compiler.pl | 14 ++++++-------- 3 files changed, 11 insertions(+), 19 deletions(-) diff --git a/New/Shorewall/Nat.pm b/New/Shorewall/Nat.pm index c89fefe20..3bbb7e996 100644 --- a/New/Shorewall/Nat.pm +++ b/New/Shorewall/Nat.pm @@ -101,16 +101,10 @@ sub setup_one_masq($$$$$$) my $destnets = ''; my $target = '-j MASQUERADE '; - # - # Take care of missing ADDRESSES column - # - $addresses = '' unless defined $addresses; - $addresses = '' if $addresses eq '-'; - # # Handle IPSEC options, if any # - if ( $ipsec && $ipsec ne '-' ) { + if ( $ipsec ne '-' ) { fatal_error "Non-empty IPSEC column requires policy match support in your kernel and iptables" unless $env{ORIGINAL_POLICY_MATCH}; if ( $ipsec =~ /^yes$/i ) { @@ -162,8 +156,8 @@ sub setup_one_masq($$$$$$) # # If there is no source or destination then allow all addresses # - $networks = ALLIPv4 unless $networks; - $destnets = ALLIPv4 unless $destnets; + $networks = ALLIPv4 if $networks eq '-'; + $destnets = ALLIPv4 if $destnets eq '-'; # # Handle Protocol and Ports # @@ -173,7 +167,7 @@ sub setup_one_masq($$$$$$) # # Parse the ADDRESSES column # - if ( $addresses ) { + if ( $addresses ne '-' ) { if ( $addresses =~ /^SAME:nodst:/ ) { $target = '-j SAME --nodst'; $addresses =~ s/.*://; diff --git a/New/Shorewall/Rules.pm b/New/Shorewall/Rules.pm index aabc5a7a3..09658d6e6 100644 --- a/New/Shorewall/Rules.pm +++ b/New/Shorewall/Rules.pm @@ -479,7 +479,7 @@ sub add_common_rules() { if ( @$list ) { my $disposition; - progress_message2 " $doing TCP Flags checking..."; + progress_message2 " $doing TCP Flags filtering..."; $chainref = new_standard_chain 'tcpflags'; diff --git a/New/compiler.pl b/New/compiler.pl index feb1fc9c5..04d825836 100755 --- a/New/compiler.pl +++ b/New/compiler.pl @@ -649,7 +649,7 @@ sub compile_firewall( $ ) { # # Do all of the zone-independent stuff # - progress_message2 "Setting up Common Rules..."; + progress_message2 "$doing Common Rules..."; add_common_rules; # # /proc stuff @@ -672,11 +672,10 @@ sub compile_firewall( $ ) { emit "\nundo_routing"; emit 'restore_default_route'; } - # # TCRules and Traffic Shaping # - progress_message2 "Processing TC Rules..."; + progress_message2 "$doing TC Rules..."; setup_tc; # # Setup Masquerading/SNAT @@ -686,7 +685,7 @@ sub compile_firewall( $ ) { # # MACLIST Filtration # - progress_message2 "Setting up MAC Filtration -- Phase 1..."; + progress_message2 "$doing MAC Filtration -- Phase 1..."; setup_mac_lists 1; # # Process the rules file. @@ -696,7 +695,7 @@ sub compile_firewall( $ ) { # # Add Tunnel rules. # - progress_message2 "Adding Tunnels..."; + progress_message2 "$doing Tunnels..."; setup_tunnels; # # Post-rules action processing. @@ -706,7 +705,7 @@ sub compile_firewall( $ ) { # # MACLIST Filtration again # - progress_message2 "Setting up MAC Filtration -- Phase 2..."; + progress_message2 "$doing MAC Filtration -- Phase 2..."; setup_mac_lists 2; # # Apply Policies @@ -726,7 +725,7 @@ sub compile_firewall( $ ) { # # Accounting. # - progress_message2 "Setting UP Accounting..."; + progress_message2 "$doing Accounting..."; setup_accounting; if ( $command eq 'check' ) { @@ -743,7 +742,6 @@ sub compile_firewall( $ ) { # And generate the auxilary config file # generate_aux_config if $ENV{EXPORT}; - } }