holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Reorganize initialization of global variables

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5069 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-12-09 18:12:19 +00:00
parent 8598b5a1f8
commit 14839970ba
2 changed files with 70 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

126
Shorewall/lib.config
View File

@ -1729,75 +1729,88 @@ do_initialize() {
# Clear all configuration variables # Clear all configuration variables
# #
VERSION= VERSION=
IPTABLES= #
FW= # Logging
SUBSYSLOCK= #
ALLOWRELATED=Yes LOGFILE=
LOGFORMAT=
LOGTAGONLY=
LOGRATE= LOGRATE=
LOGBURST= LOGBURST=
ADD_IP_ALIASES= LOGALLNEW=
ADD_SNAT_ALIASES=
TC_ENABLED=
BLACKLIST_DISPOSITION=
BLACKLIST_LOGLEVEL= BLACKLIST_LOGLEVEL=
CLAMPMSS=
ROUTE_FILTER=
LOG_MARTIANS=
DETECT_DNAT_IPADDRS=
MUTEX_TIMEOUT=
FORWARDPING=
MACLIST_DISPOSITION=
MACLIST_LOG_LEVEL= MACLIST_LOG_LEVEL=
TCP_FLAGS_DISPOSITION=
TCP_FLAGS_LOG_LEVEL= TCP_FLAGS_LOG_LEVEL=
RFC1918_LOG_LEVEL= RFC1918_LOG_LEVEL=
MARK_IN_FORWARD_CHAIN=
VERSION_FILE=
LOGFORMAT=
LOGRULENUMBERS=
ADMINISABSENTMINDED=
BLACKLISTNEWONLY=
MODULE_SUFFIX=
ACTIONS=
USEDACTIONS=
SMURF_LOG_LEVEL= SMURF_LOG_LEVEL=
DISABLE_IPV6= LOG_MARTIANS=
BRIDGING= #
DYNAMIC_ZONES= # Location of files
PKTTYPE= #
USEPKTYPE= IPTABLES=
RETAIN_ALIASES= #PATH is inherited
DELAYBLACKLISTLOAD= SHOREWALL_SHELL=
LOGTAGONLY= SUBSYSLOCK=
LOGALLNEW=
RFC1918_STRICT=
MACLIST_TTL=
SAVE_IPSETS=
RESTOREFILE=
MAPOLDACTIONS=
IMPLICIT_CONTINUE=
HIGH_ROUTE_MARKS=
TC_EXPERT=
MODULESDIR= MODULESDIR=
#CONFIG_PATH is inherited
RESTOREFILE=
IPSECFILE= IPSECFILE=
IP_FORWARDING= #
CLEAR_TC= # Default Actions/Macros
MACLIST_TABLE= #
FASTACCEPT=
USE_ACTIONS=
DROP_DEFAULT= DROP_DEFAULT=
REJECT_DEFAULT= REJECT_DEFAULT=
ACCEPT_DEFAULT= ACCEPT_DEFAULT=
QUEUE_DEFAULT= QUEUE_DEFAULT=
#
# Firewall Options
#
IP_FORWARDING=
ADD_IP_ALIASES=
ADD_SNAT_ALIASES=
RETAIN_ALIASES=
TC_ENABLED=
TC_EXPERT=
CLEAR_TC=
MARK_IN_FORWARD_CHAIN=
CLAMPMSS=
ROUTE_FILTER=
DETECT_DNAT_IPADDRS=
MUTEX_TIMEOUT=
ADMINISABSENTMINDED=
BLACKLISTNEWONLY=
DELAYBLACKLISTLOAD=
MODULE_SUFFIX=
DISABLE_IPV6=
BRIDGING=
DYNAMIC_ZONES=
PKTTYPE=
RFC1918_STRICT=
MACLIST_TABLE=
MACLIST_TTL=
SAVE_IPSETS=
MAPOLDACTIONS=
FASTACCEPT=
IMPLICIT_CONTINUE=
HIGH_ROUTE_MARKS=
USE_ACTIONS=
OPTIMIZE= OPTIMIZE=
#
# Packet Disposition
#
MACLIST_DISPOSITION=
TCP_FLAGS_DISPOSITION=
BLACKLIST_DISPOSITION=
#
# Other Globals
#
FW=
USEPKTYPE=
LOGLIMIT= LOGLIMIT=
LOGPARMS= LOGPARMS=
OUTPUT= OUTPUT=
TMP_DIR=
ALL_INTERFACES= ALL_INTERFACES=
ROUTEMARK_INTERFACES= ROUTEMARK_INTERFACES=
IPSECMARK=256
PROVIDERS= PROVIDERS=
CRITICALHOSTS= CRITICALHOSTS=
EXCLUSION_SEQ=1 EXCLUSION_SEQ=1
@ -1807,9 +1820,12 @@ do_initialize() {
SECTION=ESTABLISHED SECTION=ESTABLISHED
SECTIONS= SECTIONS=
ALL_PORTS= ALL_PORTS=
ACTIONS=
USEDACTIONS=
DEFAULT_MACROS= DEFAULT_MACROS=
COMMENT= COMMENT=
VERSION_FILE=
LOGRULENUMBERS=
TMP_DIR=$(mktempdir) TMP_DIR=$(mktempdir)
[ -n "$TMP_DIR" ] && chmod 700 $TMP_DIR || \ [ -n "$TMP_DIR" ] && chmod 700 $TMP_DIR || \
@ -1880,11 +1896,6 @@ do_initialize() {
[ -f $f ] && . $f || fatal_error "The -e flag requires a capabilities file" [ -f $f ] && . $f || fatal_error "The -e flag requires a capabilities file"
fi fi
ALLOWRELATED="$(added_param_value_yes ALLOWRELATED $ALLOWRELATED)"
[ -n "$ALLOWRELATED" ] || \
fatal_error "ALLOWRELATED=No is not supported"
ADD_IP_ALIASES="$(added_param_value_yes ADD_IP_ALIASES $ADD_IP_ALIASES)"
if [ -n "${LOGRATE}${LOGBURST}" ]; then if [ -n "${LOGRATE}${LOGBURST}" ]; then
LOGLIMIT="--match limit" LOGLIMIT="--match limit"
[ -n "$LOGRATE" ] && LOGLIMIT="$LOGLIMIT --limit $LOGRATE" [ -n "$LOGRATE" ] && LOGLIMIT="$LOGLIMIT --limit $LOGRATE"
@ -1917,9 +1928,6 @@ do_initialize() {
ROUTE_FILTER=$(added_param_value_no ROUTE_FILTER $ROUTE_FILTER) ROUTE_FILTER=$(added_param_value_no ROUTE_FILTER $ROUTE_FILTER)
LOG_MARTIANS=$(added_param_value_no LOG_MARTIANS $LOG_MARTIANS) LOG_MARTIANS=$(added_param_value_no LOG_MARTIANS $LOG_MARTIANS)
DETECT_DNAT_IPADDRS=$(added_param_value_no DETECT_DNAT_IPADDRS $DETECT_DNAT_IPADDRS) DETECT_DNAT_IPADDRS=$(added_param_value_no DETECT_DNAT_IPADDRS $DETECT_DNAT_IPADDRS)
FORWARDPING=$(added_param_value_no FORWARDPING $FORWARDPING)
[ -n "$FORWARDPING" ] && \
fatal_error "FORWARDPING=Yes is no longer supported"
MACLIST_TARGET=reject MACLIST_TARGET=reject

3
Shorewall/shorewall.conf
View File

@ -9,6 +9,9 @@
# (c) 1999,2000,2001,2002,2003,2004,2005 - Tom Eastep (teastep@shorewall.net) # (c) 1999,2000,2001,2002,2003,2004,2005 - Tom Eastep (teastep@shorewall.net)
# #
# For information about the settings in this file, type "man shorewall.conf" # For information about the settings in this file, type "man shorewall.conf"
#
# Additional information is available at
# http://www.shorewall.net/Documentation.htm#Conf
############################################################################### ###############################################################################
# S T A R T U P E N A B L E D # S T A R T U P E N A B L E D
############################################################################### ###############################################################################