holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix gateway detection

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9103 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-12-17 22:07:00 +00:00
parent 788b9cc2aa
commit 4d8b97ac10
4 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall-perl/Shorewall/Proc.pm
View File

@ -123,7 +123,7 @@ sub setup_route_filtering() {
emit 'echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter'; emit 'echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter';
} }
emit "[ -n \"\$NOROUTES\" ] || ip route flush cache"; emit "[ -n \"\$NOROUTES\" ] || ip -4 route flush cache";
} }
} }

17
Shorewall-perl/Shorewall/Providers.pm
View File

@ -56,6 +56,8 @@ our @providers;
our $family; our $family;
our $default;
# #
# Initialize globals -- we take this novel approach to globals initialization to allow # Initialize globals -- we take this novel approach to globals initialization to allow
@ -74,6 +76,7 @@ sub initialize( $ ) {
@routemarked_interfaces = (); @routemarked_interfaces = ();
$balance = 0; $balance = 0;
$first_default_route = 1; $first_default_route = 1;
$default = $family == F_IPV4 ? 'default' : '2000::/3';
%providers = ( local => { number => LOCAL_TABLE , mark => 0 , optional => 0 } , %providers = ( local => { number => LOCAL_TABLE , mark => 0 , optional => 0 } ,
main => { number => MAIN_TABLE , mark => 0 , optional => 0 } , main => { number => MAIN_TABLE , mark => 0 , optional => 0 } ,
@ -135,7 +138,7 @@ sub copy_table( $$$ ) {
} }
emit ( ' case $net in', emit ( ' case $net in',
' default|nexthop)', ' default|nexthop|2000::/3)',
' ;;', ' ;;',
' *)', ' *)',
" run_ip route add table $number \$net \$route $realm", " run_ip route add table $number \$net \$route $realm",
@ -155,7 +158,7 @@ sub copy_and_edit_table( $$$$ ) {
} }
emit ( ' case $net in', emit ( ' case $net in',
' default|nexthop)', ' default|nexthop|2000::/3)',
' ;;', ' ;;',
' *)', ' *)',
' case $(find_device $route) in', ' case $(find_device $route) in',
@ -240,7 +243,7 @@ sub add_a_provider( $$$$$$$$ ) {
} else { } else {
fatal_error "Configuring multiple providers through one interface requires a gateway" if $shared; fatal_error "Configuring multiple providers through one interface requires a gateway" if $shared;
$gateway = ''; $gateway = '';
emit "run_ip route add default dev $interface table $number"; emit "run_ip route add $default dev $interface table $number";
} }
my $val = 0; my $val = 0;
@ -352,7 +355,7 @@ sub add_a_provider( $$$$$$$$ ) {
if ( $gateway ) { if ( $gateway ) {
$address = get_interface_address $interface unless $address; $address = get_interface_address $interface unless $address;
emit "run_ip route replace $gateway src $address dev $interface ${mtu}table $number $realm"; emit "run_ip route replace $gateway src $address dev $interface ${mtu}table $number $realm";
emit "run_ip route add default via $gateway src $address dev $interface ${mtu}table $number $realm"; emit "run_ip route add $default via $gateway src $address dev $interface ${mtu}table $number $realm";
} }
balance_default_route $balance , $gateway, $interface, $realm if $balance; balance_default_route $balance , $gateway, $interface, $realm if $balance;
@ -511,7 +514,7 @@ sub setup_providers() {
emit ( '#', emit ( '#',
'# Capture the default route(s) if we don\'t have it (them) already.', '# Capture the default route(s) if we don\'t have it (them) already.',
'#', '#',
'[ -f ${VARDIR}/default_route ] || ip -' . $family . ' route list | grep -E \'^\s*(default |nexthop )\' > ${VARDIR}/default_route', '[ -f ${VARDIR}/default_route ] || ip -' . $family . ' route list | grep -E \'^\s*(default |nexthop |2000::/3 )\' > ${VARDIR}/default_route',
'#', '#',
'# Initialize the file that holds \'undo\' commands', '# Initialize the file that holds \'undo\' commands',
'#', '#',
@ -548,8 +551,8 @@ sub setup_providers() {
} }
emit ( 'if [ -n "$DEFAULT_ROUTE" ]; then' ); emit ( 'if [ -n "$DEFAULT_ROUTE" ]; then' );
emit ( " run_ip route replace default scope global table $table \$DEFAULT_ROUTE" ); emit ( " run_ip route replace $default scope global table $table \$DEFAULT_ROUTE" );
emit ( " qt ip -$family route del default table " . MAIN_TABLE ) if $config{USE_DEFAULT_RT}; emit ( " qt ip -$family route del $default table " . MAIN_TABLE ) if $config{USE_DEFAULT_RT};
emit ( " progress_message \"Default route '\$(echo \$DEFAULT_ROUTE | sed 's/\$\\s*//')' Added\"", emit ( " progress_message \"Default route '\$(echo \$DEFAULT_ROUTE | sed 's/\$\\s*//')' Added\"",
'else', 'else',
' error_message "WARNING: No Default route added (all \'balance\' providers are down)"', ' error_message "WARNING: No Default route added (all \'balance\' providers are down)"',

2
Shorewall-perl/prog.functions
View File

@ -138,7 +138,7 @@ do_iptables()
run_ip() run_ip()
{ {
if ! ip -4 $@; then if ! ip -4 $@; then
error_message "ERROR: Command \"ip $@\" Failed" error_message "ERROR: Command \"ip -4 $@\" Failed"
stop_firewall stop_firewall
exit 2 exit 2
fi fi

2
Shorewall-perl/prog.functions6
View File

@ -114,7 +114,7 @@ do_iptables()
run_ip() run_ip()
{ {
if ! ip -6 $@; then if ! ip -6 $@; then
error_message "ERROR: Command \"ip $@\" Failed" error_message "ERROR: Command \"ip -6 $@\" Failed"
stop_firewall stop_firewall
exit 2 exit 2
fi fi