forked from extern/shorewall_code
Don't require functions called from Shorewall::Compiler::compiler to know the current indentation.
Also, add an optional 'times' parameter to push_indent() and pop_indent(). Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep
parent
87e205208d
commit
53fd0e7c8c
@ -7484,7 +7484,6 @@ sub create_stop_load( $ ) {
|
||||
|
||||
sub initialize_switches() {
|
||||
if ( keys %switches ) {
|
||||
push_indent; push_indent;
|
||||
emit( 'if [ $COMMAND = start ]; then' );
|
||||
push_indent;
|
||||
while ( my ( $switch, $setting ) = each %switches ) {
|
||||
@ -7493,7 +7492,6 @@ sub initialize_switches() {
|
||||
}
|
||||
pop_indent;
|
||||
emit "fi\n";
|
||||
pop_indent; pop_indent;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -459,10 +459,10 @@ sub generate_script_3($) {
|
||||
fatal_error "$iptables_save_file does not exist"
|
||||
fi
|
||||
EOF
|
||||
pop_indent;
|
||||
push_indent;
|
||||
setup_load_distribution;
|
||||
setup_forwarding( $family , 1 );
|
||||
push_indent;
|
||||
pop_indent;
|
||||
|
||||
my $config_dir = $globals{CONFIGDIR};
|
||||
|
||||
@ -473,8 +473,10 @@ else
|
||||
if [ \$COMMAND = refresh ]; then
|
||||
chainlist_reload
|
||||
EOF
|
||||
push_indent(2);
|
||||
setup_load_distribution;
|
||||
setup_forwarding( $family , 0 );
|
||||
pop_indent(2);
|
||||
|
||||
emit( ' run_refreshed_exit' ,
|
||||
' do_iptables -N shorewall' ,
|
||||
@ -482,13 +484,17 @@ EOF
|
||||
' else' ,
|
||||
' setup_netfilter' );
|
||||
|
||||
push_indent(2);
|
||||
setup_load_distribution;
|
||||
pop_indent(2);
|
||||
|
||||
emit<<"EOF";
|
||||
conditionally_flush_conntrack
|
||||
EOF
|
||||
push_indent(2);
|
||||
initialize_switches;
|
||||
setup_forwarding( $family , 0 );
|
||||
pop_indent(2);
|
||||
|
||||
emit<<"EOF";
|
||||
run_start_exit
|
||||
|
||||
@ -1489,7 +1489,10 @@ sub progress_message3 {
|
||||
#
|
||||
# Push/Pop Indent
|
||||
#
|
||||
sub push_indent() {
|
||||
sub push_indent(;$) {
|
||||
my $times = shift || 1;
|
||||
|
||||
while ( $times-- ) {
|
||||
if ( $indent2 ) {
|
||||
$indent2 = '';
|
||||
$indent = $indent1 = $indent1 . "\t";
|
||||
@ -1497,9 +1500,13 @@ sub push_indent() {
|
||||
$indent2 = ' ';
|
||||
$indent = $indent1 . $indent2;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub pop_indent() {
|
||||
sub pop_indent(;$) {
|
||||
my $times = shift || 1;
|
||||
|
||||
while ( $times-- ) {
|
||||
if ( $indent2 ) {
|
||||
$indent2 = '';
|
||||
$indent = $indent1;
|
||||
@ -1508,6 +1515,7 @@ sub pop_indent() {
|
||||
$indent2 = ' ';
|
||||
$indent = $indent1 . $indent2;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
|
||||
@ -219,30 +219,30 @@ sub setup_forwarding( $$ ) {
|
||||
|
||||
if ( $family == F_IPV4 ) {
|
||||
if ( $config{IP_FORWARDING} eq 'on' ) {
|
||||
emit ' echo 1 > /proc/sys/net/ipv4/ip_forward';
|
||||
emit ' progress_message2 IPv4 Forwarding Enabled';
|
||||
emit 'echo 1 > /proc/sys/net/ipv4/ip_forward';
|
||||
emit 'progress_message2 IPv4 Forwarding Enabled';
|
||||
} elsif ( $config{IP_FORWARDING} eq 'off' ) {
|
||||
emit ' echo 0 > /proc/sys/net/ipv4/ip_forward';
|
||||
emit ' progress_message2 IPv4 Forwarding Disabled!';
|
||||
emit 'echo 0 > /proc/sys/net/ipv4/ip_forward';
|
||||
emit 'progress_message2 IPv4 Forwarding Disabled!';
|
||||
}
|
||||
|
||||
emit '';
|
||||
|
||||
emit ( ' echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables' ,
|
||||
emit ( 'echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables' ,
|
||||
''
|
||||
) if have_bridges;
|
||||
} else {
|
||||
if ( $config{IP_FORWARDING} eq 'on' ) {
|
||||
emit ' echo 1 > /proc/sys/net/ipv6/conf/all/forwarding';
|
||||
emit ' progress_message2 IPv6 Forwarding Enabled';
|
||||
emit 'echo 1 > /proc/sys/net/ipv6/conf/all/forwarding';
|
||||
emit 'progress_message2 IPv6 Forwarding Enabled';
|
||||
} elsif ( $config{IP_FORWARDING} eq 'off' ) {
|
||||
emit ' echo 0 > /proc/sys/net/ipv6/conf/all/forwarding';
|
||||
emit ' progress_message2 IPv6 Forwarding Disabled!';
|
||||
emit 'echo 0 > /proc/sys/net/ipv6/conf/all/forwarding';
|
||||
emit 'progress_message2 IPv6 Forwarding Disabled!';
|
||||
}
|
||||
|
||||
emit '';
|
||||
|
||||
emit ( ' echo 1 > /proc/sys/net/bridge/bridge-nf-call-ip6tables' ,
|
||||
emit ( 'echo 1 > /proc/sys/net/bridge/bridge-nf-call-ip6tables' ,
|
||||
''
|
||||
) if have_bridges;
|
||||
|
||||
@ -251,9 +251,6 @@ sub setup_forwarding( $$ ) {
|
||||
if ( @$interfaces ) {
|
||||
progress_message2 "$doing Interface forwarding..." if $first;
|
||||
|
||||
push_indent;
|
||||
push_indent;
|
||||
|
||||
save_progress_message 'Setting up IPv6 Interface Forwarding...';
|
||||
|
||||
for my $interface ( @$interfaces ) {
|
||||
@ -270,9 +267,6 @@ sub setup_forwarding( $$ ) {
|
||||
" error_message \"WARNING: Cannot set IPv6 forwarding on $interface\"" ) unless $optional;
|
||||
emit "fi\n";
|
||||
}
|
||||
|
||||
pop_indent;
|
||||
pop_indent;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1952,7 +1952,7 @@ sub handle_stickiness( $ ) {
|
||||
|
||||
sub setup_load_distribution() {
|
||||
emit ( '',
|
||||
" distribute_load $maxload @load_interfaces" ,
|
||||
"distribute_load $maxload @load_interfaces" ,
|
||||
''
|
||||
) if @load_interfaces;
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user