holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add support for HAProxy

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-01-06 08:27:50 -08:00
parent 2778e8c6b5
commit 4c33c2b957
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -454,6 +454,27 @@ sub process_mangle_rule1( $$$$$$$$$$$$$$$$$ ) {
},
},
HADIVERT => {
defaultchain => REALPREROUTING,
allowedchains => PREROUTING | REALPREROUTING,
minparams => 0,
maxparams => 0,
function => sub () {
fatal_error 'DIVERT is only allowed in the PREROUTING chain' if $designator && $designator != PREROUTING;
my $mark = in_hex( $globals{TPROXY_MARK} ) . '/' . in_hex( $globals{TPROXY_MARK} );
unless ( $divertref ) {
$divertref = new_chain( 'mangle', 'divert' );
add_ijump( $divertref , j => 'MARK', targetopts => "--set-mark $mark" );
add_ijump( $divertref , j => 'ACCEPT' );
}
$target = 'divert';
$matches = '-m socket ';
},
},
DROP => {
defaultchain => 0,
allowedchains => PREROUTING | FORWARD | OUTPUT | POSTROUTING,