holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

More release note updates

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5905 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-12 17:40:36 +00:00
parent 226c4a198d
commit 4beb3a6cee
2 changed files with 51 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
Shorewall-common/releasenotes.txt
View File

@ -122,12 +122,55 @@ d) The BROADCAST column in the interfaces file is essentially unused;
match requirement is relaxed. match requirement is relaxed.
e) Because the compiler is now written in Perl, your compile-time e) Because the compiler is now written in Perl, your compile-time
extension scripts from earlier versions will no longer work. For extension scripts from earlier versions will no longer work.
now, if you want to use extension scripts, you will need to read the
Perl code to see how the compiler operates internally. I will
produce documentation before the first official release.
Compile-time extension scripts are executed using the Perl Compile-time extension scripts are executed using the Perl
'eval `cat <file>`' mechanism. 'eval `cat <file>`' mechanism. Be sure that each script returns a
'true' value; otherwise, the compiler will assume that the script
failed and will abort the compilation.
When a script is invoked, the $chainref scalar variable will hold a
reference to a chain table entry.
$chainref->{name} contains the name of the chain
$chainref->{table} holds the table name
To add a rule to the chain:
add_rule $chainref, <the rule>
Where
<the rule> is a scalar argument holding the rule text. Do not
include "-A <chain name>"
Example:
add_rule $chainref, '-j ACCEPT';
To insert a rule into the chain:
insert_rule $chainref, <rulenum>, <the rule>
The log_rule_limit function works like it does in the shell
compiler with two exceptions:
- You pass the chain reference rather than the name of the
chain.
- The commands are 'add' and 'insert' rather than '-A' and
'-I'.
- There is only a single "pass as-is to iptables" argument
(so you must quote that part).
Example:
log_rule_limit
'info' ,
$chainref ,
$chainref->{name},
'DROP' ,
'', #Limit
'' , #Log tag
'add';
f) The 'refresh' command is now synonymous with 'restart'. f) The 'refresh' command is now synonymous with 'restart'.

4
Shorewall-perl/releasenotes.txt
View File

@ -77,7 +77,9 @@ d) The BROADCAST column in the interfaces file is essentially unused;
e) Because the compiler is now written in Perl, your compile-time e) Because the compiler is now written in Perl, your compile-time
extension scripts from earlier versions will no longer work. extension scripts from earlier versions will no longer work.
Compile-time extension scripts are executed using the Perl Compile-time extension scripts are executed using the Perl
'eval `cat <file>`' mechanism. 'eval `cat <file>`' mechanism. Be sure that each script returns a
'true' value; otherwise, the compiler will assume that the script
failed and will abort the compilation.
When a script is invoked, the $chainref scalar variable will hold a When a script is invoked, the $chainref scalar variable will hold a
reference to a chain table entry. reference to a chain table entry.