holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Eliminate mark_referenced()

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7920 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-12-17 20:53:27 +00:00
parent c36a24f201
commit 0e6472a272
4 changed files with 22 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall-perl/Shorewall/Accounting.pm
View File

@ -64,6 +64,8 @@ sub process_accounting_rule( $$$$$$$$$ ) {
my ($action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark ) = @_; my ($action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark ) = @_;
our $disposition = '';
sub check_for_builtin( $ ) { sub check_for_builtin( $ ) {
my $chainref = shift; my $chainref = shift;
fatal_error "A builtin Chain ($jumpchainref->{name}) may not appear in the accounting file" if $chainref->{builtin}; fatal_error "A builtin Chain ($jumpchainref->{name}) may not appear in the accounting file" if $chainref->{builtin};
@ -77,7 +79,7 @@ sub process_accounting_rule( $$$$$$$$$ ) {
my $jumpchain = $_[0]; my $jumpchain = $_[0];
$jumpchainref = ensure_chain( 'filter', $jumpchain ); $jumpchainref = ensure_chain( 'filter', $jumpchain );
check_for_builtin( $jumpchainref ); check_for_builtin( $jumpchainref );
mark_referenced $jumpchainref; $disposition = $jumpchain;
"-j $jumpchain"; "-j $jumpchain";
} }
@ -154,7 +156,7 @@ sub process_accounting_rule( $$$$$$$$$ ) {
'' , '' ,
$target , $target ,
'' , '' ,
'' , $disposition ,
'' ; '' ;
if ( $rule2 ) { if ( $rule2 ) {

4
Shorewall-perl/Shorewall/Actions.pm
View File

@ -294,8 +294,6 @@ sub createlogactionchain( $$ ) {
fatal_error "Too many invocations of Action $action" if $actionref->{actchain} > 99; fatal_error "Too many invocations of Action $action" if $actionref->{actchain} > 99;
mark_referenced $chainref; # Just in case the action body is empty.
unless ( $targets{$action} & STANDARD ) { unless ( $targets{$action} & STANDARD ) {
my $file = find_file $chain; my $file = find_file $chain;
@ -322,8 +320,6 @@ sub createsimpleactionchain( $ ) {
$logactionchains{"$action:none"} = $chainref; $logactionchains{"$action:none"} = $chainref;
mark_referenced $chainref; # Just in case the action body is empty.
unless ( $targets{$action} & STANDARD ) { unless ( $targets{$action} & STANDARD ) {
my $file = find_file $action; my $file = find_file $action;

21
Shorewall-perl/Shorewall/Chains.pm
View File

@ -89,11 +89,11 @@ our %EXPORT_TAGS = (
snat_chain snat_chain
ecn_chain ecn_chain
first_chains first_chains
mark_referenced
ensure_chain ensure_chain
ensure_mangle_chain ensure_mangle_chain
new_standard_chain new_standard_chain
new_builtin_chain new_builtin_chain
new_nat_chain
ensure_filter_chain ensure_filter_chain
initialize_chain_table initialize_chain_table
finish_section finish_section
@ -393,10 +393,6 @@ sub add_commands {
$chainref->{referenced} = 1; $chainref->{referenced} = 1;
} }
sub mark_referenced( $ ) {
$_[0]->{referenced} = 1;
}
sub push_rule( $$ ) { sub push_rule( $$ ) {
my ($chainref, $rule) = @_; my ($chainref, $rule) = @_;
@ -703,6 +699,12 @@ sub new_standard_chain($) {
$chainref; $chainref;
} }
sub new_nat_chain($) {
my $chainref = new_chain 'nat' ,$_[0];
$chainref->{referenced} = 1;
$chainref;
}
sub new_manual_chain($) { sub new_manual_chain($) {
my $chain = $_[0]; my $chain = $_[0];
fatal_error "Duplicate Chain Name ($chain)" if $targets{$chain} || $filter_table->{$chain}; fatal_error "Duplicate Chain Name ($chain)" if $targets{$chain} || $filter_table->{$chain};
@ -1658,7 +1660,6 @@ sub expand_rule( $$$$$$$$$$ )
my ($iiface, $diface, $inets, $dnets, $iexcl, $dexcl, $onets , $oexcl ); my ($iiface, $diface, $inets, $dnets, $iexcl, $dexcl, $onets , $oexcl );
my $chain = $chainref->{name}; my $chain = $chainref->{name};
my $initialcmdlevel = $chainref->{cmdlevel}; my $initialcmdlevel = $chainref->{cmdlevel};
# #
# Handle Log Level # Handle Log Level
# #
@ -1679,6 +1680,14 @@ sub expand_rule( $$$$$$$$$$ )
} elsif ( $disposition eq 'LOG' ) { } elsif ( $disposition eq 'LOG' ) {
fatal_error "LOG requires a level"; fatal_error "LOG requires a level";
} }
#
# Mark Target as referenced, if it's a chain
#
if ( $disposition ) {
my $targetref = $chain_table{$chainref->{table}}{$disposition};
$targetref->{referenced} = 1 if $targetref;
}
# #
# Isolate Source Interface, if any # Isolate Source Interface, if any
# #

6
Shorewall-perl/Shorewall/Rules.pm
View File

@ -628,9 +628,9 @@ sub add_common_rules() {
new_standard_chain $chain; new_standard_chain $chain;
} }
mark_referenced( new_chain 'nat' , $chain = dynamic_in($interface) ); new_nat_chain( $chain = dynamic_in($interface) );
add_rule $filter_table->{input_chain $interface}, "-j $chain"; add_rule $filter_table->{input_chain $interface}, '-j ' . dynamic_in $interface;
add_rule $filter_table->{forward_chain $interface}, '-j ' . dynamic_fwd $interface; add_rule $filter_table->{forward_chain $interface}, '-j ' . dynamic_fwd $interface;
add_rule $filter_table->{output_chain $interface}, '-j ' . dynamic_out $interface; add_rule $filter_table->{output_chain $interface}, '-j ' . dynamic_out $interface;
} }
@ -641,7 +641,7 @@ sub add_common_rules() {
if ( @$list ) { if ( @$list ) {
progress_message2 '$doing UPnP'; progress_message2 '$doing UPnP';
mark_referenced( new_chain( 'nat', 'UPnP' ) ); new_nat_chain( 'UPnP' );
for $interface ( @$list ) { for $interface ( @$list ) {
add_rule $nat_table->{PREROUTING} , match_source_dev ( $interface ) . '-j UPnP'; add_rule $nat_table->{PREROUTING} , match_source_dev ( $interface ) . '-j UPnP';