forked from extern/shorewall_code
Eliminate 'shared' option -- use :address to signal shared interface
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7711 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
954db796bd
commit
1d3eca5541
@ -200,7 +200,13 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
|
|
||||||
( $interface, my $address ) = split /:/, $interface;
|
( $interface, my $address ) = split /:/, $interface;
|
||||||
|
|
||||||
validate_address $address, 0 if defined $address;
|
my $shared = 0;
|
||||||
|
|
||||||
|
if ( defined $address ) {
|
||||||
|
validate_address $address, 0;
|
||||||
|
$shared = 1;
|
||||||
|
require_capability 'REALM_MATCH', "Multiple Providers through one interface", "s";
|
||||||
|
}
|
||||||
|
|
||||||
fatal_error "Unknown Interface ($interface)" unless known_interface $interface;
|
fatal_error "Unknown Interface ($interface)" unless known_interface $interface;
|
||||||
|
|
||||||
@ -222,6 +228,7 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
validate_address $gateway, 0;
|
validate_address $gateway, 0;
|
||||||
$address = get_interface_address $interface unless $address;
|
$address = get_interface_address $interface unless $address;
|
||||||
} else {
|
} else {
|
||||||
|
fatal_error "Multiple Providers through one interface requires a gateway" if $shared;
|
||||||
$gateway = '';
|
$gateway = '';
|
||||||
emit "run_ip route add default dev $interface table $number";
|
emit "run_ip route add default dev $interface table $number";
|
||||||
}
|
}
|
||||||
@ -253,7 +260,7 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
my ( $loose, $track, $shared, $balance , $optional ) = (0,0,0,0,interface_is_optional( $interface ));
|
my ( $loose, $track, $balance , $optional ) = (0,0,0,interface_is_optional( $interface ));
|
||||||
|
|
||||||
unless ( $options eq '-' ) {
|
unless ( $options eq '-' ) {
|
||||||
for my $option ( split /,/, $options ) {
|
for my $option ( split /,/, $options ) {
|
||||||
@ -268,9 +275,6 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
} elsif ( $option eq 'optional' ) {
|
} elsif ( $option eq 'optional' ) {
|
||||||
set_interface_option $interface, 'optional', 1;
|
set_interface_option $interface, 'optional', 1;
|
||||||
$optional = 1;
|
$optional = 1;
|
||||||
} elsif ( $option eq 'shared' ) {
|
|
||||||
require_capability 'REALM_MATCH', "The 'shared' option", "s";
|
|
||||||
$shared = 1;
|
|
||||||
} else {
|
} else {
|
||||||
fatal_error "Invalid option ($option)";
|
fatal_error "Invalid option ($option)";
|
||||||
}
|
}
|
||||||
@ -302,10 +306,7 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
my $realm = '';
|
my $realm = '';
|
||||||
|
|
||||||
if ( $shared ) {
|
if ( $shared ) {
|
||||||
fatal_error "The 'shared' option requires a gateway" unless $gateway;
|
|
||||||
|
|
||||||
$providers{$table}{mac} = get_interface_mac( $gateway, $interface , $table );
|
$providers{$table}{mac} = get_interface_mac( $gateway, $interface , $table );
|
||||||
|
|
||||||
$realm = "realm $number";
|
$realm = "realm $number";
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -339,6 +340,10 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
'done'
|
'done'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
} elsif ( $shared ) {
|
||||||
|
emit "qt ip rule del from $address" if $config{DELETE_THEN_ADD};
|
||||||
|
emit "run_ip rule add from $address pref 20000 table $number";
|
||||||
|
emit "echo \"qt ip rule del from $address\" >> \${VARDIR}/undo_routing";
|
||||||
} else {
|
} else {
|
||||||
my $rulebase = 20000 + ( 256 * ( $number - 1 ) );
|
my $rulebase = 20000 + ( 256 * ( $number - 1 ) );
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user