forked from extern/shorewall_code
Eliminate mark_referenced()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7920 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
c36a24f201
commit
0e6472a272
@ -64,6 +64,8 @@ sub process_accounting_rule( $$$$$$$$$ ) {
|
|||||||
|
|
||||||
my ($action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark ) = @_;
|
my ($action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark ) = @_;
|
||||||
|
|
||||||
|
our $disposition = '';
|
||||||
|
|
||||||
sub check_for_builtin( $ ) {
|
sub check_for_builtin( $ ) {
|
||||||
my $chainref = shift;
|
my $chainref = shift;
|
||||||
fatal_error "A builtin Chain ($jumpchainref->{name}) may not appear in the accounting file" if $chainref->{builtin};
|
fatal_error "A builtin Chain ($jumpchainref->{name}) may not appear in the accounting file" if $chainref->{builtin};
|
||||||
@ -77,7 +79,7 @@ sub process_accounting_rule( $$$$$$$$$ ) {
|
|||||||
my $jumpchain = $_[0];
|
my $jumpchain = $_[0];
|
||||||
$jumpchainref = ensure_chain( 'filter', $jumpchain );
|
$jumpchainref = ensure_chain( 'filter', $jumpchain );
|
||||||
check_for_builtin( $jumpchainref );
|
check_for_builtin( $jumpchainref );
|
||||||
mark_referenced $jumpchainref;
|
$disposition = $jumpchain;
|
||||||
"-j $jumpchain";
|
"-j $jumpchain";
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -154,7 +156,7 @@ sub process_accounting_rule( $$$$$$$$$ ) {
|
|||||||
'' ,
|
'' ,
|
||||||
$target ,
|
$target ,
|
||||||
'' ,
|
'' ,
|
||||||
'' ,
|
$disposition ,
|
||||||
'' ;
|
'' ;
|
||||||
|
|
||||||
if ( $rule2 ) {
|
if ( $rule2 ) {
|
||||||
|
@ -294,8 +294,6 @@ sub createlogactionchain( $$ ) {
|
|||||||
|
|
||||||
fatal_error "Too many invocations of Action $action" if $actionref->{actchain} > 99;
|
fatal_error "Too many invocations of Action $action" if $actionref->{actchain} > 99;
|
||||||
|
|
||||||
mark_referenced $chainref; # Just in case the action body is empty.
|
|
||||||
|
|
||||||
unless ( $targets{$action} & STANDARD ) {
|
unless ( $targets{$action} & STANDARD ) {
|
||||||
|
|
||||||
my $file = find_file $chain;
|
my $file = find_file $chain;
|
||||||
@ -322,8 +320,6 @@ sub createsimpleactionchain( $ ) {
|
|||||||
|
|
||||||
$logactionchains{"$action:none"} = $chainref;
|
$logactionchains{"$action:none"} = $chainref;
|
||||||
|
|
||||||
mark_referenced $chainref; # Just in case the action body is empty.
|
|
||||||
|
|
||||||
unless ( $targets{$action} & STANDARD ) {
|
unless ( $targets{$action} & STANDARD ) {
|
||||||
|
|
||||||
my $file = find_file $action;
|
my $file = find_file $action;
|
||||||
|
@ -89,11 +89,11 @@ our %EXPORT_TAGS = (
|
|||||||
snat_chain
|
snat_chain
|
||||||
ecn_chain
|
ecn_chain
|
||||||
first_chains
|
first_chains
|
||||||
mark_referenced
|
|
||||||
ensure_chain
|
ensure_chain
|
||||||
ensure_mangle_chain
|
ensure_mangle_chain
|
||||||
new_standard_chain
|
new_standard_chain
|
||||||
new_builtin_chain
|
new_builtin_chain
|
||||||
|
new_nat_chain
|
||||||
ensure_filter_chain
|
ensure_filter_chain
|
||||||
initialize_chain_table
|
initialize_chain_table
|
||||||
finish_section
|
finish_section
|
||||||
@ -393,10 +393,6 @@ sub add_commands {
|
|||||||
$chainref->{referenced} = 1;
|
$chainref->{referenced} = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
sub mark_referenced( $ ) {
|
|
||||||
$_[0]->{referenced} = 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
sub push_rule( $$ ) {
|
sub push_rule( $$ ) {
|
||||||
my ($chainref, $rule) = @_;
|
my ($chainref, $rule) = @_;
|
||||||
|
|
||||||
@ -703,6 +699,12 @@ sub new_standard_chain($) {
|
|||||||
$chainref;
|
$chainref;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub new_nat_chain($) {
|
||||||
|
my $chainref = new_chain 'nat' ,$_[0];
|
||||||
|
$chainref->{referenced} = 1;
|
||||||
|
$chainref;
|
||||||
|
}
|
||||||
|
|
||||||
sub new_manual_chain($) {
|
sub new_manual_chain($) {
|
||||||
my $chain = $_[0];
|
my $chain = $_[0];
|
||||||
fatal_error "Duplicate Chain Name ($chain)" if $targets{$chain} || $filter_table->{$chain};
|
fatal_error "Duplicate Chain Name ($chain)" if $targets{$chain} || $filter_table->{$chain};
|
||||||
@ -1658,7 +1660,6 @@ sub expand_rule( $$$$$$$$$$ )
|
|||||||
my ($iiface, $diface, $inets, $dnets, $iexcl, $dexcl, $onets , $oexcl );
|
my ($iiface, $diface, $inets, $dnets, $iexcl, $dexcl, $onets , $oexcl );
|
||||||
my $chain = $chainref->{name};
|
my $chain = $chainref->{name};
|
||||||
my $initialcmdlevel = $chainref->{cmdlevel};
|
my $initialcmdlevel = $chainref->{cmdlevel};
|
||||||
|
|
||||||
#
|
#
|
||||||
# Handle Log Level
|
# Handle Log Level
|
||||||
#
|
#
|
||||||
@ -1679,6 +1680,14 @@ sub expand_rule( $$$$$$$$$$ )
|
|||||||
} elsif ( $disposition eq 'LOG' ) {
|
} elsif ( $disposition eq 'LOG' ) {
|
||||||
fatal_error "LOG requires a level";
|
fatal_error "LOG requires a level";
|
||||||
}
|
}
|
||||||
|
#
|
||||||
|
# Mark Target as referenced, if it's a chain
|
||||||
|
#
|
||||||
|
if ( $disposition ) {
|
||||||
|
my $targetref = $chain_table{$chainref->{table}}{$disposition};
|
||||||
|
$targetref->{referenced} = 1 if $targetref;
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Isolate Source Interface, if any
|
# Isolate Source Interface, if any
|
||||||
#
|
#
|
||||||
|
@ -628,9 +628,9 @@ sub add_common_rules() {
|
|||||||
new_standard_chain $chain;
|
new_standard_chain $chain;
|
||||||
}
|
}
|
||||||
|
|
||||||
mark_referenced( new_chain 'nat' , $chain = dynamic_in($interface) );
|
new_nat_chain( $chain = dynamic_in($interface) );
|
||||||
|
|
||||||
add_rule $filter_table->{input_chain $interface}, "-j $chain";
|
add_rule $filter_table->{input_chain $interface}, '-j ' . dynamic_in $interface;
|
||||||
add_rule $filter_table->{forward_chain $interface}, '-j ' . dynamic_fwd $interface;
|
add_rule $filter_table->{forward_chain $interface}, '-j ' . dynamic_fwd $interface;
|
||||||
add_rule $filter_table->{output_chain $interface}, '-j ' . dynamic_out $interface;
|
add_rule $filter_table->{output_chain $interface}, '-j ' . dynamic_out $interface;
|
||||||
}
|
}
|
||||||
@ -641,7 +641,7 @@ sub add_common_rules() {
|
|||||||
if ( @$list ) {
|
if ( @$list ) {
|
||||||
progress_message2 '$doing UPnP';
|
progress_message2 '$doing UPnP';
|
||||||
|
|
||||||
mark_referenced( new_chain( 'nat', 'UPnP' ) );
|
new_nat_chain( 'UPnP' );
|
||||||
|
|
||||||
for $interface ( @$list ) {
|
for $interface ( @$list ) {
|
||||||
add_rule $nat_table->{PREROUTING} , match_source_dev ( $interface ) . '-j UPnP';
|
add_rule $nat_table->{PREROUTING} , match_source_dev ( $interface ) . '-j UPnP';
|
||||||
|
Loading…
Reference in New Issue
Block a user