Finally the modularized version works

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5521 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-03-14 04:29:14 +00:00
parent ac9fe46768
commit 27f70a7950
5 changed files with 25 additions and 25 deletions

View File

@ -33,7 +33,8 @@ our @EXPORT = qw( add_rule
%chain_table
$nat_table
$mangle_table
$filter_table );
$filter_table
$section );
our @EXPORT_OK = ();
our @VERSION = 1.00;
@ -63,15 +64,19 @@ our @VERSION = 1.00;
#
# 'loglevel', 'synparams' and 'default' only apply to policy chains.
#
my @policy_chains;
my %chain_table = ( raw => {} ,
our @policy_chains;
our %chain_table = ( raw => {} ,
mangle => {},
nat => {},
filter => {} );
my $nat_table = $chain_table{nat};
my $mangle_table = $chain_table{mangle};
my $filter_table = $chain_table{filter};
our $nat_table = $chain_table{nat};
our $mangle_table = $chain_table{mangle};
our $filter_table = $chain_table{filter};
#
# Current rules file section.
#
our $section = 'ESTABLISHED';
#
# Add a rule to a chain. Arguments are:

View File

@ -18,12 +18,11 @@ our @EXPORT = qw(warning_message
copy
copy1
$line
$lastlineblank);
$line);
our @EXPORT_OK = ();
our @VERSION = 1.00;
my $line = ''; # Current config file line
our $line = ''; # Current config file line
my $object = 0; # Object file Handle Reference
my $lastlineblank = 0; # Avoid extra blank lines in the output
my $indent = '';

View File

@ -2,6 +2,7 @@ package Shorewall::Interfaces;
require Exporter;
use Shorewall::Common;
use Shorewall::Config;
use Shorewall::Zones;
our @ISA = qw(Exporter);
our @EXPORT = qw( validate_interfaces_file dump_interface_info known_interface @interfaces %interfaces );
@ -21,8 +22,8 @@ our @VERSION = 1.00;
# zone => <zone name>
# }
#
my @interfaces;
my %interfaces;
our @interfaces;
our %interfaces;
#
# Parse the interfaces file.

View File

@ -37,9 +37,9 @@ our @VERSION = 1.00;
#
# $firewall_zone names the firewall zone.
#
my @zones;
my %zones;
my $firewall_zone;
our @zones;
our %zones;
our $firewall_zone;
#
# Parse the passed option list and return a reference to a hash as follows:

View File

@ -38,10 +38,6 @@ my $exclseq = 0;
my $iprangematch = 0;
my $ipsetmatch = 0;
#
# Current rules file section.
#
my $section = 'ESTABLISHED';
#
# These get set to 1 as sections are encountered.
#
my %sections = ( ESTABLISHED => 0,
@ -4277,15 +4273,14 @@ sub setup_providers() {
sub setup_route_marking() {
my $mask = $config{HIGH_ROUTE_MARKS} ? '0xFFFF' : '0xFF';
my $mark_op = $config{HIGH_ROUTE_MARKS} ? '--or-mark' : '--set-mark';
my $preroutrulenum = 1;
insert_rule $mangle_table->{PREROUTING} , $preroutrulenum++ , "-m connmark ! --mark 0/$mask -j CONNMARK --restore-mark --mask $mask";
insert_rule $mangle_table->{OUTPUT} , 1, " -m connmark ! --mark 0/$mask -j CONNMARK --restore-mark --mask $mask";
add_rule $mangle_table->{PREROUTING} , "-m connmark ! --mark 0/$mask -j CONNMARK --restore-mark --mask $mask";
add_rule $mangle_table->{OUTPUT} , " -m connmark ! --mark 0/$mask -j CONNMARK --restore-mark --mask $mask";
my $chainref = new_chain 'mangle', 'routemark';
while ( my ( $interface, $mark ) = ( each %routemarked_interfaces ) ) {
insert_rule $mangle_table->{PREROUTING} , $preroutrulenum++ , "-i $interface -m mark --mark 0/$mask -j routemark";
add_rule $mangle_table->{PREROUTING} , "-i $interface -m mark --mark 0/$mask -j routemark";
add_rule $chainref, " -i $interface -j MARK $mark_op $mark";
}