From 44a4f6d77d0e15d7bc4d3fbe5155cf22a50807ab Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sat, 22 Dec 2012 13:51:24 -0800 Subject: [PATCH] Move COMMENT handling to the Config module. Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Chains.pm | 70 ----------------------------- Shorewall/Perl/Shorewall/Config.pm | 71 ++++++++++++++++++++++++++++++ 2 files changed, 71 insertions(+), 70 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm index 5b7527e47..ef3472322 100644 --- a/Shorewall/Perl/Shorewall/Chains.pm +++ b/Shorewall/Perl/Shorewall/Chains.pm @@ -127,12 +127,6 @@ our %EXPORT_TAGS = ( insert_rule1 delete_jumps add_tunnel_rule - process_comment - no_comment - macro_comment - clear_comment - push_comment - pop_comment forward_chain forward_option_chain rules_chain @@ -338,8 +332,6 @@ our $rawpost_table; our $nat_table; our $mangle_table; our $filter_table; -my $comment; -my @comments; my $export; my %renamed; our %nfobjects; @@ -387,7 +379,6 @@ my $iprangematch; my %chainseq; my $idiotcount; my $idiotcount1; -my $warningcount; my $hashlimitset; my $global_variables; my %address_variables; @@ -634,11 +625,6 @@ sub initialize( $$$ ) { $filter_table = $chain_table{filter}; %renamed = (); # - # Contents of last COMMENT line. - # - $comment = ''; - @comments = (); - # # Used to sequence chain names in each table. # %chainseq = () if $hard; @@ -661,7 +647,6 @@ sub initialize( $$$ ) { $global_variables = 0; $idiotcount = 0; $idiotcount1 = 0; - $warningcount = 0; $hashlimitset = 0; $ipset_rules = 0 if $hard; @@ -676,61 +661,6 @@ sub initialize( $$$ ) { # } -# -# Process a COMMENT line (in $currentline) -# -sub process_comment() { - if ( have_capability( 'COMMENTS' ) ) { - ( $comment = $currentline ) =~ s/^\s*COMMENT\s*//; - $comment =~ s/\s*$//; - } else { - warning_message "COMMENTs ignored -- require comment support in iptables/Netfilter" unless $warningcount++; - } -} - -# -# Returns True if there is a current COMMENT or if COMMENTS are not available. -# -sub no_comment() { - $comment ? 1 : ! have_capability( 'COMMENTS' ); -} - -# -# Clear the $comment variable and the comment stack -# -sub clear_comment() { - $comment = ''; - @comments = (); -} - -# -# Push and Pop comment stack -# -sub push_comment( $ ) { - push @comments, $comment; - $comment = shift; -} - -sub pop_comment() { - $comment = pop @comments; -} - -# -# Set comment -# -sub set_comment( $ ) { - $comment = shift; -} - -# -# Set $comment to the passed unless there is a current comment -# -sub macro_comment( $ ) { - my $macro = $_[0]; - - $comment = $macro unless $comment || ! ( have_capability( 'COMMENTS' ) && $config{AUTOCOMMENT} ); -} - # # Functions to manipulate cmdlevel # diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 9ce364943..9ef59e097 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -131,6 +131,12 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script run_user_exit1 run_user_exit2 generate_aux_config + process_comment + no_comment + macro_comment + clear_comment + push_comment + pop_comment dump_mark_layout $product @@ -143,6 +149,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script $currentfilename $debug $file_format + $comment %config %globals %config_files @@ -486,6 +493,9 @@ my @tempfiles; # Files that need unlinking at END my $first_entry; # Message to output or function to call on first non-blank line of a file our $file_format; # Format of configuration file. my $max_format; # Max format value +our $comment; # Current COMMENT +my @comments; +my $warningcount; my $shorewall_dir; # Shorewall Directory; if non-empty, search here first for files. @@ -605,6 +615,12 @@ sub initialize( $;$$) { @ifstack = (); $embedded = 0; # + # Contents of last COMMENT line. + # + $comment = ''; + @comments = (); + $warningcount = 0; + # # Misc Globals # %globals = ( SHAREDIRPL => '' , @@ -1905,6 +1921,61 @@ sub split_line($$) { &split_line1( @_, {} ); } +# +# Process a COMMENT line (in $currentline) +# +sub process_comment() { + if ( have_capability( 'COMMENTS' ) ) { + ( $comment = $currentline ) =~ s/^\s*COMMENT\s*//; + $comment =~ s/\s*$//; + } else { + warning_message "COMMENTs ignored -- require comment support in iptables/Netfilter" unless $warningcount++; + } +} + +# +# Returns True if there is a current COMMENT or if COMMENTS are not available. +# +sub no_comment() { + $comment ? 1 : ! have_capability( 'COMMENTS' ); +} + +# +# Clear the $comment variable and the comment stack +# +sub clear_comment() { + $comment = ''; + @comments = (); +} + +# +# Push and Pop comment stack +# +sub push_comment( $ ) { + push @comments, $comment; + $comment = shift; +} + +sub pop_comment() { + $comment = pop @comments; +} + +# +# Set comment +# +sub set_comment( $ ) { + $comment = shift; +} + +# +# Set $comment to the passed unless there is a current comment +# +sub macro_comment( $ ) { + my $macro = $_[0]; + + $comment = $macro unless $comment || ! ( have_capability( 'COMMENTS' ) && $config{AUTOCOMMENT} ); +} + # # Open a file, setting $currentfile. Returns the file's absolute pathname if the file # exists, is non-empty and was successfully opened. Terminates with a fatal error