Remove add_command and replace all calls with calls to add_commands

2009-07-06 18:38:39 -07:00 · 2009-07-06 18:38:39 -07:00 · 2142e92f8a
commit 2142e92f8a
parent 0bb1fbd9c4
5 changed files with 32 additions and 40 deletions
--- a/Shorewall/Perl/Shorewall/Actions.pm
+++ b/Shorewall/Perl/Shorewall/Actions.pm
@ -740,16 +740,16 @@ sub dropBcast( $$$ ) {
 	add_rule $chainref, '-m addrtype --dst-type BROADCAST -j DROP';
    } else {
 	if ( $family == F_IPV4 ) {
-	    add_command $chainref, 'for address in $ALL_BCASTS; do';
+	    add_commands $chainref, 'for address in $ALL_BCASTS; do';
 	} else {
-	    add_command $chainref, 'for address in $ALL_ACASTS; do';
+	    add_commands $chainref, 'for address in $ALL_ACASTS; do';
 	}

 	incr_cmd_level $chainref;
 	log_rule_limit $level, $chainref, 'dropBcast' , 'DROP', '', $tag, 'add', ' -d $address ' if $level ne '';
 	add_rule $chainref, '-d $address -j DROP';
 	decr_cmd_level $chainref;
-	add_command $chainref, 'done';
+	add_commands $chainref, 'done';

 	log_rule_limit $level, $chainref, 'dropBcast' , 'DROP', '', $tag, 'add', ' -d 224.0.0.0/4 ' if $level ne '';
    }
@ -775,16 +775,16 @@ sub allowBcast( $$$ ) {
 	add_rule $chainref, '-d 224.0.0.0/4 -j ACCEPT';
    } else {
 	if ( $family == F_IPV4 ) {
-	    add_command $chainref, 'for address in $ALL_BCASTS; do';
+	    add_commands $chainref, 'for address in $ALL_BCASTS; do';
 	} else {
-	    add_command $chainref, 'for address in $ALL_MACASTS; do';
+	    add_commands $chainref, 'for address in $ALL_MACASTS; do';
 	}

 	incr_cmd_level $chainref;
 	log_rule_limit $level, $chainref, 'allowBcast' , 'ACCEPT', '', $tag, 'add', ' -d $address ' if $level ne '';
 	add_rule $chainref, '-d $address -j ACCEPT';
 	decr_cmd_level $chainref;
-	add_command $chainref, 'done';
+	add_commands $chainref, 'done';

 	if ( $family == F_IPV4 ) {
 	    log_rule_limit $level, $chainref, 'allowBcast' , 'ACCEPT', '', $tag, 'add', ' -d 224.0.0.0/4 ' if $level ne '';
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@ -71,7 +71,6 @@ our %EXPORT_TAGS = (
 				       ALL_COMMANDS
 				       NOT_RESTORE

-				       add_command
 				       add_commands
 				       move_rules
 				       insert_rule1
@ -408,18 +407,10 @@ sub decr_cmd_level( $ ) {
 }

 #
-# Add a run-time command to a chain. Arguments are:
+# Add run-time commands to a chain. Arguments are:
 #
-#    Chain reference , Command
+#    Chain reference , Command, ...
 #
-sub add_command($$)
-{
-    my ($chainref, $command) = @_;
-
-    push @{$chainref->{rules}}, join ('', '    ' x $chainref->{cmdlevel} , $command );
-
-    $chainref->{referenced} = 1;
-}

 sub add_commands ( $$;@ ) {
    my $chainref = shift @_;
@ -438,7 +429,7 @@ sub push_rule( $$ ) {

    if ( $chainref->{cmdlevel} ) {
 	$rule =~ s/"/\\"/g; #Must preserve quotes in the rule
-	add_command $chainref , qq(echo "-A $chainref->{name} $rule" >&3);
+	add_commands $chainref , qq(echo "-A $chainref->{name} $rule" >&3);
    } else {
 	#
 	# We omit the chain name for now -- this makes it easier to move rules from one 
@ -2373,7 +2364,7 @@ sub expand_rule( $$$$$$$$$$ )
    sub push_command( $$$ ) {
 	my ( $chainref, $command, $end ) = @_;

-	add_command $chainref, $command;
+	add_commands $chainref, $command;
 	incr_cmd_level $chainref;
 	push @ends, $end;
    }
@ -2790,7 +2781,7 @@ sub expand_rule( $$$$$$$$$$ )

    while ( @ends ) {
 	decr_cmd_level $chainref;
-	add_command $chainref, pop @ends;
+	add_commands $chainref, pop @ends;
    }

    $diface;
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@ -281,7 +281,7 @@ sub process_one_masq( )

 	if ( $detectaddress ) {
 	    decr_cmd_level( $chainref );
-	    add_command( $chainref , 'fi' );
+	    add_commands( $chainref , 'fi' );
 	}

 	if ( $add_snat_aliases ) {
--- a/Shorewall/Perl/Shorewall/Providers.pm
+++ b/Shorewall/Perl/Shorewall/Providers.pm
@ -118,9 +118,9 @@ sub setup_route_marking() {

 	if ( $providerref->{optional} ) {
 	    if ( $providerref->{shared} ) {
-		add_command( $chainref, qq(if [ interface_is_usable $interface -a -n "$providerref->{mac}" ]; then) );
+		add_commands( $chainref, qq(if [ interface_is_usable $interface -a -n "$providerref->{mac}" ]; then) );
 	    } else {
-		add_command( $chainref, qq(if [ -n "\$${base}_IS_USABLE" ]; then) );
+		add_commands( $chainref, qq(if [ -n "\$${base}_IS_USABLE" ]; then) );
 	    }
 		
 	    incr_cmd_level( $chainref );
@ -139,7 +139,7 @@ sub setup_route_marking() {
 	    add_rule $chainref, " -i $interface -j MARK --set-mark $providerref->{mark}";
 	}

-	decr_cmd_level( $chainref), add_command( $chainref, "fi" ) if $providerref->{optional};
+	decr_cmd_level( $chainref), add_commands( $chainref, "fi" ) if $providerref->{optional};
    }

    add_rule $chainref, "-m mark ! --mark 0/$mask -j CONNMARK --save-mark --mask $mask";
@ -865,7 +865,7 @@ sub handle_stickiness( $ ) {
 		
 		for my $chainref ( $stickyref, $setstickyref ) {

-		    add_command( $chainref, qq(if [ -n "\$${base}_IS_USABLE" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional};
+		    add_commands( $chainref, qq(if [ -n "\$${base}_IS_USABLE" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional};

 		    if ( $chainref->{name} eq 'sticky' ) {
 			$rule1 = $_;
@ -886,7 +886,7 @@ sub handle_stickiness( $ ) {
 			add_rule $chainref, $rule2;
 		    }

-		    decr_cmd_level( $chainref), add_command( $chainref, "fi" ) if $providerref->{optional};
+		    decr_cmd_level( $chainref), add_commands( $chainref, "fi" ) if $providerref->{optional};
 		    
 		}
 	    }
@ -897,7 +897,7 @@ sub handle_stickiness( $ ) {
 		my $stickoref = ensure_mangle_chain 'sticko';

 		for my $chainref ( $stickoref, $setstickoref ) {
-		    add_command( $chainref, qq(if [ -n "\$${base}_IS_USABLE" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional};
+		    add_commands( $chainref, qq(if [ -n "\$${base}_IS_USABLE" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional};

 		    if ( $chainref->{name} eq 'sticko' ) {
 			$rule1 = $_;
@ -918,7 +918,7 @@ sub handle_stickiness( $ ) {
 			add_rule $chainref, $rule2;
 		    }

-		    decr_cmd_level( $chainref), add_command( $chainref, "fi" ) if $providerref->{optional};
+		    decr_cmd_level( $chainref), add_commands( $chainref, "fi" ) if $providerref->{optional};
 		}
 	    }
 	}
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@ -459,16 +459,16 @@ sub add_common_rules() {
 	add_rule_pair $chainref, '-m addrtype --src-type BROADCAST ', 'DROP', $config{SMURF_LOG_LEVEL} ;
    } else {
 	if ( $family == F_IPV4 ) {
-	    add_command $chainref, 'for address in $ALL_BCASTS; do';
+	    add_commands $chainref, 'for address in $ALL_BCASTS; do';
 	} else {
-	    add_command $chainref, 'for address in $ALL_ACASTS; do';
+	    add_commands $chainref, 'for address in $ALL_ACASTS; do';
 	}

 	incr_cmd_level $chainref;
 	log_rule( $config{SMURF_LOG_LEVEL} , $chainref, 'DROP', '-s $address ' );
 	add_rule $chainref, '-s $address -j DROP';
 	decr_cmd_level $chainref;
-	add_command $chainref, 'done';
+	add_commands $chainref, 'done';
    }

    if ( $family == F_IPV4 ) {
@ -481,15 +481,15 @@ sub add_common_rules() {
 	add_rule $rejectref , '-m addrtype --src-type BROADCAST -j DROP';
    } else {
 	if ( $family == F_IPV4 ) {
-	    add_command $rejectref, 'for address in $ALL_BCASTS; do';
+	    add_commands $rejectref, 'for address in $ALL_BCASTS; do';
 	} else {
-	    add_command $rejectref, 'for address in $ALL_ACASTS; do';
+	    add_commands $rejectref, 'for address in $ALL_ACASTS; do';
 	}

 	incr_cmd_level $rejectref;
 	add_rule $rejectref, '-d $address -j DROP';
 	decr_cmd_level $rejectref;
-	add_command $rejectref, 'done';
+	add_commands $rejectref, 'done';
    }

    if ( $family == F_IPV4 ) {
@ -631,9 +631,10 @@ sub add_common_rules() {
 		my $base     = uc chain_base $interface;
 		my $variable = get_interface_gateway $interface;

-		add_command $chainref, qq(if [ -n "\$${base}_IS_USABLE" -a -n "$variable" ]; then);
-		add_command $chainref, qq(    echo -A $chainref->{name} -i $interface -s $variable -p udp -j ACCEPT >&3);
-		add_command $chainref, qq(fi);
+		add_commands( $chainref, 
+			      qq(if [ -n "\$${base}_IS_USABLE" -a -n "$variable" ]; then) ,
+			      qq(    echo -A $chainref->{name} -i $interface -s $variable -p udp -j ACCEPT >&3) ,
+			      qq(fi) );
 	    }
 	}
    }
@ -810,9 +811,9 @@ sub setup_mac_lists( $ ) {
 					  "    done" );
 			}

-			add_commands( $chainref, "    echo \"-A $chainref->{name} -s \$address -d 224.0.0.0/4 -j RETURN\" >&3" );
-
-			add_command( $chainref, 'done' );
+			add_commands( $chainref
+				      , "    echo \"-A $chainref->{name} -s \$address -d 224.0.0.0/4 -j RETURN\" >&3" ,
+				      , 'done' );
 		    }
 		}
 	    }