forked from extern/shorewall_code
Improve 'update'
- convert BLACKLISTNEWONLY - convert LOGRATE and LOGBURST - default USE_DEFAULT_RT to No Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep
parent
1d8873d3d5
commit
28df894add
@ -618,6 +618,8 @@ our %deprecated = ( LOGRATE => '' ,
|
|||||||
our %converted = ( WIDE_TC_MARKS => 1,
|
our %converted = ( WIDE_TC_MARKS => 1,
|
||||||
HIGH_ROUTE_MARKS => 1,
|
HIGH_ROUTE_MARKS => 1,
|
||||||
BLACKLISTNEWONLY => 1,
|
BLACKLISTNEWONLY => 1,
|
||||||
|
LOGRATE => 1,
|
||||||
|
LOGBURST => 1,
|
||||||
);
|
);
|
||||||
#
|
#
|
||||||
# Variables involved in ?IF, ?ELSE ?ENDIF processing
|
# Variables involved in ?IF, ?ELSE ?ENDIF processing
|
||||||
@ -4824,6 +4826,45 @@ sub update_config_file( $$ ) {
|
|||||||
$config{PROVIDER_OFFSET} = ( $high ? $wide ? 16 : 8 : 0 ) unless defined $config{PROVIDER_OFFSET};
|
$config{PROVIDER_OFFSET} = ( $high ? $wide ? 16 : 8 : 0 ) unless defined $config{PROVIDER_OFFSET};
|
||||||
$config{PROVIDER_BITS} = 8 unless defined $config{PROVIDER_BITS};
|
$config{PROVIDER_BITS} = 8 unless defined $config{PROVIDER_BITS};
|
||||||
|
|
||||||
|
unless ( supplied $config{LOGLIMIT} ) {
|
||||||
|
if ( $config{LOGRATE} || $config{LOGBURST} ) {
|
||||||
|
my $limit;
|
||||||
|
|
||||||
|
if ( supplied $config{LOGRATE} ) {
|
||||||
|
fatal_error"Invalid LOGRATE ($config{LOGRATE})" unless $config{LOGRATE} =~ /^\d+\/(second|minute)$/;
|
||||||
|
$limit = $config{LOGRATE};
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( supplied $config{LOGBURST} ) {
|
||||||
|
fatal_error"Invalid LOGBURST ($config{LOGBURST})" unless $config{LOGBURST} =~ /^\d+$/;
|
||||||
|
$limit .= ":$config{LOGBURST}";
|
||||||
|
}
|
||||||
|
|
||||||
|
$config{LOGLIMIT} = $limit;
|
||||||
|
|
||||||
|
$config{LOGRATE} = $config{LOGBURST} = undef;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
unless ( supplied $config{BLACKLIST} ) {
|
||||||
|
if ( $config{BLACKLISTNEWONLY} ) {
|
||||||
|
default_yes_no 'BLACKLISTNEWONLY' , '';
|
||||||
|
fatal_error "BLACKLISTNEWONLY=No may not be specified with FASTACCEPT=Yes" if $config{FASTACCEPT} && ! $config{BLACKLISTNEWONLY};
|
||||||
|
|
||||||
|
if ( have_capability 'RAW_TABLE' ) {
|
||||||
|
$globals{BLACKLIST_STATES} = $config{BLACKLISTNEWONLY} ? 'NEW,INVALID,UNTRACKED' : 'NEW,ESTABLISHED,INVALID,UNTRACKED';
|
||||||
|
} else {
|
||||||
|
$globals{BLACKLIST_STATES} = $config{BLACKLISTNEWONLY} ? 'NEW,INVALID' : 'NEW,ESTABLISHED,INVALID';
|
||||||
|
}
|
||||||
|
|
||||||
|
$config{BLACKLIST} = $globals{BLACKLIST_STATES};
|
||||||
|
|
||||||
|
$config{BLACKLISTNEWONLY} = undef;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$config{USE_DEFAULT_RT} = 'No' unless defined $config{USE_DEFAULT_RT};
|
||||||
|
|
||||||
my $fn;
|
my $fn;
|
||||||
|
|
||||||
unless ( -d "$globals{SHAREDIR}/configfiles/" ) {
|
unless ( -d "$globals{SHAREDIR}/configfiles/" ) {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user