forked from extern/shorewall_code
Move COMMENT handling to the Config module.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
e4e61c4193
commit
44a4f6d77d
@ -127,12 +127,6 @@ our %EXPORT_TAGS = (
|
|||||||
insert_rule1
|
insert_rule1
|
||||||
delete_jumps
|
delete_jumps
|
||||||
add_tunnel_rule
|
add_tunnel_rule
|
||||||
process_comment
|
|
||||||
no_comment
|
|
||||||
macro_comment
|
|
||||||
clear_comment
|
|
||||||
push_comment
|
|
||||||
pop_comment
|
|
||||||
forward_chain
|
forward_chain
|
||||||
forward_option_chain
|
forward_option_chain
|
||||||
rules_chain
|
rules_chain
|
||||||
@ -338,8 +332,6 @@ our $rawpost_table;
|
|||||||
our $nat_table;
|
our $nat_table;
|
||||||
our $mangle_table;
|
our $mangle_table;
|
||||||
our $filter_table;
|
our $filter_table;
|
||||||
my $comment;
|
|
||||||
my @comments;
|
|
||||||
my $export;
|
my $export;
|
||||||
my %renamed;
|
my %renamed;
|
||||||
our %nfobjects;
|
our %nfobjects;
|
||||||
@ -387,7 +379,6 @@ my $iprangematch;
|
|||||||
my %chainseq;
|
my %chainseq;
|
||||||
my $idiotcount;
|
my $idiotcount;
|
||||||
my $idiotcount1;
|
my $idiotcount1;
|
||||||
my $warningcount;
|
|
||||||
my $hashlimitset;
|
my $hashlimitset;
|
||||||
my $global_variables;
|
my $global_variables;
|
||||||
my %address_variables;
|
my %address_variables;
|
||||||
@ -634,11 +625,6 @@ sub initialize( $$$ ) {
|
|||||||
$filter_table = $chain_table{filter};
|
$filter_table = $chain_table{filter};
|
||||||
%renamed = ();
|
%renamed = ();
|
||||||
#
|
#
|
||||||
# Contents of last COMMENT line.
|
|
||||||
#
|
|
||||||
$comment = '';
|
|
||||||
@comments = ();
|
|
||||||
#
|
|
||||||
# Used to sequence chain names in each table.
|
# Used to sequence chain names in each table.
|
||||||
#
|
#
|
||||||
%chainseq = () if $hard;
|
%chainseq = () if $hard;
|
||||||
@ -661,7 +647,6 @@ sub initialize( $$$ ) {
|
|||||||
$global_variables = 0;
|
$global_variables = 0;
|
||||||
$idiotcount = 0;
|
$idiotcount = 0;
|
||||||
$idiotcount1 = 0;
|
$idiotcount1 = 0;
|
||||||
$warningcount = 0;
|
|
||||||
$hashlimitset = 0;
|
$hashlimitset = 0;
|
||||||
$ipset_rules = 0 if $hard;
|
$ipset_rules = 0 if $hard;
|
||||||
|
|
||||||
@ -676,61 +661,6 @@ sub initialize( $$$ ) {
|
|||||||
#
|
#
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
|
||||||
# Process a COMMENT line (in $currentline)
|
|
||||||
#
|
|
||||||
sub process_comment() {
|
|
||||||
if ( have_capability( 'COMMENTS' ) ) {
|
|
||||||
( $comment = $currentline ) =~ s/^\s*COMMENT\s*//;
|
|
||||||
$comment =~ s/\s*$//;
|
|
||||||
} else {
|
|
||||||
warning_message "COMMENTs ignored -- require comment support in iptables/Netfilter" unless $warningcount++;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
|
||||||
# Returns True if there is a current COMMENT or if COMMENTS are not available.
|
|
||||||
#
|
|
||||||
sub no_comment() {
|
|
||||||
$comment ? 1 : ! have_capability( 'COMMENTS' );
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
|
||||||
# Clear the $comment variable and the comment stack
|
|
||||||
#
|
|
||||||
sub clear_comment() {
|
|
||||||
$comment = '';
|
|
||||||
@comments = ();
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
|
||||||
# Push and Pop comment stack
|
|
||||||
#
|
|
||||||
sub push_comment( $ ) {
|
|
||||||
push @comments, $comment;
|
|
||||||
$comment = shift;
|
|
||||||
}
|
|
||||||
|
|
||||||
sub pop_comment() {
|
|
||||||
$comment = pop @comments;
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set comment
|
|
||||||
#
|
|
||||||
sub set_comment( $ ) {
|
|
||||||
$comment = shift;
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
|
||||||
# Set $comment to the passed unless there is a current comment
|
|
||||||
#
|
|
||||||
sub macro_comment( $ ) {
|
|
||||||
my $macro = $_[0];
|
|
||||||
|
|
||||||
$comment = $macro unless $comment || ! ( have_capability( 'COMMENTS' ) && $config{AUTOCOMMENT} );
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Functions to manipulate cmdlevel
|
# Functions to manipulate cmdlevel
|
||||||
#
|
#
|
||||||
|
@ -131,6 +131,12 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
|
|||||||
run_user_exit1
|
run_user_exit1
|
||||||
run_user_exit2
|
run_user_exit2
|
||||||
generate_aux_config
|
generate_aux_config
|
||||||
|
process_comment
|
||||||
|
no_comment
|
||||||
|
macro_comment
|
||||||
|
clear_comment
|
||||||
|
push_comment
|
||||||
|
pop_comment
|
||||||
dump_mark_layout
|
dump_mark_layout
|
||||||
|
|
||||||
$product
|
$product
|
||||||
@ -143,6 +149,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
|
|||||||
$currentfilename
|
$currentfilename
|
||||||
$debug
|
$debug
|
||||||
$file_format
|
$file_format
|
||||||
|
$comment
|
||||||
%config
|
%config
|
||||||
%globals
|
%globals
|
||||||
%config_files
|
%config_files
|
||||||
@ -486,6 +493,9 @@ my @tempfiles; # Files that need unlinking at END
|
|||||||
my $first_entry; # Message to output or function to call on first non-blank line of a file
|
my $first_entry; # Message to output or function to call on first non-blank line of a file
|
||||||
our $file_format; # Format of configuration file.
|
our $file_format; # Format of configuration file.
|
||||||
my $max_format; # Max format value
|
my $max_format; # Max format value
|
||||||
|
our $comment; # Current COMMENT
|
||||||
|
my @comments;
|
||||||
|
my $warningcount;
|
||||||
|
|
||||||
my $shorewall_dir; # Shorewall Directory; if non-empty, search here first for files.
|
my $shorewall_dir; # Shorewall Directory; if non-empty, search here first for files.
|
||||||
|
|
||||||
@ -605,6 +615,12 @@ sub initialize( $;$$) {
|
|||||||
@ifstack = ();
|
@ifstack = ();
|
||||||
$embedded = 0;
|
$embedded = 0;
|
||||||
#
|
#
|
||||||
|
# Contents of last COMMENT line.
|
||||||
|
#
|
||||||
|
$comment = '';
|
||||||
|
@comments = ();
|
||||||
|
$warningcount = 0;
|
||||||
|
#
|
||||||
# Misc Globals
|
# Misc Globals
|
||||||
#
|
#
|
||||||
%globals = ( SHAREDIRPL => '' ,
|
%globals = ( SHAREDIRPL => '' ,
|
||||||
@ -1905,6 +1921,61 @@ sub split_line($$) {
|
|||||||
&split_line1( @_, {} );
|
&split_line1( @_, {} );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Process a COMMENT line (in $currentline)
|
||||||
|
#
|
||||||
|
sub process_comment() {
|
||||||
|
if ( have_capability( 'COMMENTS' ) ) {
|
||||||
|
( $comment = $currentline ) =~ s/^\s*COMMENT\s*//;
|
||||||
|
$comment =~ s/\s*$//;
|
||||||
|
} else {
|
||||||
|
warning_message "COMMENTs ignored -- require comment support in iptables/Netfilter" unless $warningcount++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Returns True if there is a current COMMENT or if COMMENTS are not available.
|
||||||
|
#
|
||||||
|
sub no_comment() {
|
||||||
|
$comment ? 1 : ! have_capability( 'COMMENTS' );
|
||||||
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Clear the $comment variable and the comment stack
|
||||||
|
#
|
||||||
|
sub clear_comment() {
|
||||||
|
$comment = '';
|
||||||
|
@comments = ();
|
||||||
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Push and Pop comment stack
|
||||||
|
#
|
||||||
|
sub push_comment( $ ) {
|
||||||
|
push @comments, $comment;
|
||||||
|
$comment = shift;
|
||||||
|
}
|
||||||
|
|
||||||
|
sub pop_comment() {
|
||||||
|
$comment = pop @comments;
|
||||||
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Set comment
|
||||||
|
#
|
||||||
|
sub set_comment( $ ) {
|
||||||
|
$comment = shift;
|
||||||
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Set $comment to the passed unless there is a current comment
|
||||||
|
#
|
||||||
|
sub macro_comment( $ ) {
|
||||||
|
my $macro = $_[0];
|
||||||
|
|
||||||
|
$comment = $macro unless $comment || ! ( have_capability( 'COMMENTS' ) && $config{AUTOCOMMENT} );
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Open a file, setting $currentfile. Returns the file's absolute pathname if the file
|
# Open a file, setting $currentfile. Returns the file's absolute pathname if the file
|
||||||
# exists, is non-empty and was successfully opened. Terminates with a fatal error
|
# exists, is non-empty and was successfully opened. Terminates with a fatal error
|
||||||
|
Loading…
Reference in New Issue
Block a user