forked from extern/shorewall_code
Add Kernel Version to the capabilities
This commit is contained in:
Tom Eastep
parent
24ddacb4a7
commit
4f4d77be48
@ -243,6 +243,7 @@ our %capdesc = ( NAT_ENABLED => 'NAT',
|
||||
PERSISTENT_SNAT => 'Persistent SNAT',
|
||||
OLD_HL_MATCH => 'Old Hash Limit Match',
|
||||
CAPVERSION => 'Capability Version',
|
||||
KERNELVERSION => 'Kernel Version',
|
||||
);
|
||||
#
|
||||
# Directories to search for configuration files
|
||||
@ -328,7 +329,7 @@ sub initialize( $ ) {
|
||||
EXPORT => 0,
|
||||
UNTRACKED => 0,
|
||||
VERSION => "4.4.5",
|
||||
CAPVERSION => 40402 ,
|
||||
CAPVERSION => 40406 ,
|
||||
);
|
||||
|
||||
#
|
||||
@ -1844,8 +1845,8 @@ sub check_trivalue( $$ ) {
|
||||
sub report_capability( $ ) {
|
||||
my $cap = $_[0];
|
||||
print " $capdesc{$cap}: ";
|
||||
if ( $cap eq 'CAPVERSION' ) {
|
||||
my $version = $capabilities{CAPVERSION};
|
||||
if ( $cap eq 'CAPVERSION' || $cap eq 'KERNELVERSION') {
|
||||
my $version = $capabilities{$cap};
|
||||
printf "%d.%d.%d\n", int( $version / 10000 ) , int ( ( $version % 10000 ) / 100 ) , int ( $version % 100 );
|
||||
} else {
|
||||
print $capabilities{$cap} ? "Available\n" : "Not Available\n";
|
||||
@ -1947,6 +1948,19 @@ sub qt1( $ ) {
|
||||
$? == 0;
|
||||
}
|
||||
|
||||
#
|
||||
# Get the current kernel version
|
||||
#
|
||||
sub determine_kernelversion() {
|
||||
my $kernelversion=`uname -r`;
|
||||
|
||||
if ( $kernelversion =~ /^(\d+)\.(\d+).(\d+)/ ) {
|
||||
$capabilities{KERNELVERSION} = sprintf "%d%02d%02d", $1 , $2 , $3;
|
||||
} else {
|
||||
fatal_error "Inrecognized Kernel Version Format ($kernelversion)";
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Determine which optional facilities are supported by iptables/netfilter
|
||||
#
|
||||
@ -2106,6 +2120,8 @@ sub determine_capabilities( $ ) {
|
||||
qt1( "$iptables -X $sillyname1" );
|
||||
|
||||
$capabilities{CAPVERSION} = $globals{CAPVERSION};
|
||||
|
||||
determine_kernelversion;
|
||||
}
|
||||
|
||||
#
|
||||
@ -2221,6 +2237,11 @@ sub read_capabilities() {
|
||||
} else {
|
||||
warning_message "Your capabilities file may not contain all of the capabilities defined by $Product version $globals{VERSION}";
|
||||
}
|
||||
|
||||
unless ( $capabilities{KERNELVERSION} ) {
|
||||
warning_message "Your capabilities file does not contain a Kernel Version -- using the local kernel's version";
|
||||
determine_kernelversion;
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
|
||||
@ -30,7 +30,7 @@
|
||||
#
|
||||
|
||||
SHOREWALL_LIBVERSION=40000
|
||||
SHOREWALL_CAPVERSION=40402
|
||||
SHOREWALL_CAPVERSION=40406
|
||||
|
||||
[ -n "${VARDIR:=/var/lib/shorewall}" ]
|
||||
[ -n "${SHAREDIR:=/usr/share/shorewall}" ]
|
||||
@ -965,6 +965,7 @@ determine_capabilities() {
|
||||
qt $IPTABLES -X $chain1
|
||||
|
||||
CAPVERSION=$SHOREWALL_CAPVERSION
|
||||
KERNELVERSION=$(printf "%d%02d%02d" $(uname -r 2> /dev/null | sed -e 's/-.*//' -e 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*$/\1 \2 \3/g'))
|
||||
}
|
||||
|
||||
report_capabilities() {
|
||||
@ -1087,6 +1088,7 @@ report_capabilities1() {
|
||||
report_capability1 PERSISTENT_SNAT
|
||||
|
||||
echo CAPVERSION=$SHOREWALL_CAPVERSION
|
||||
echo KERNELVERSION=$KERNELVERSION
|
||||
}
|
||||
|
||||
# Function to truncate a string -- It uses 'cut -b -<n>'
|
||||
|
||||
Loading…
Reference in New Issue
Block a user