forked from extern/shorewall_code
Pass $CONFIG_PATH to compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
ecf4abaa52
commit
6bb487bb68
@ -529,8 +529,8 @@ EOF
|
||||
#
|
||||
sub compiler {
|
||||
|
||||
my ( $scriptfilename, $directory, $verbosity, $timestamp , $debug, $chains , $log , $log_verbosity, $preview, $confess , $update , $annotate , $convert ) =
|
||||
( '', '', -1, '', 0, '', '', -1, 0, 0, 0, 0, , 0 );
|
||||
my ( $scriptfilename, $directory, $verbosity, $timestamp , $debug, $chains , $log , $log_verbosity, $preview, $confess , $update , $annotate , $convert, $config_path ) =
|
||||
( '', '', -1, '', 0, '', '', -1, 0, 0, 0, 0, , 0 , '');
|
||||
|
||||
$export = 0;
|
||||
$test = 0;
|
||||
@ -566,7 +566,8 @@ sub compiler {
|
||||
confess => { store => \$confess, validate=> \&validate_boolean } ,
|
||||
update => { store => \$update, validate=> \&validate_boolean } ,
|
||||
convert => { store => \$convert, validate=> \&validate_boolean } ,
|
||||
annotate => { store => \$annotate, validate=> \&validate_boolean } ,
|
||||
annotate => { store => \$annotate, validate=> \&validate_boolean } ,
|
||||
config_path => { store => \$config_path } ,
|
||||
);
|
||||
#
|
||||
# P A R A M E T E R P R O C E S S I N G
|
||||
@ -586,6 +587,8 @@ sub compiler {
|
||||
#
|
||||
initialize_package_globals( $update );
|
||||
|
||||
set_config_path( $config_path ) if $config_path;
|
||||
|
||||
if ( $directory ne '' ) {
|
||||
fatal_error "$directory is not an existing directory" unless -d $directory;
|
||||
set_shorewall_dir( $directory );
|
||||
|
@ -63,7 +63,7 @@ our @EXPORT = qw(
|
||||
require_capability
|
||||
);
|
||||
|
||||
our @EXPORT_OK = qw( $shorewall_dir initialize set_config_path shorewall);
|
||||
our @EXPORT_OK = qw( $shorewall_dir initialize shorewall);
|
||||
|
||||
our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
|
||||
finalize_script
|
||||
@ -87,6 +87,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
|
||||
set_timestamp
|
||||
set_verbosity
|
||||
set_log
|
||||
set_config_path
|
||||
close_log
|
||||
set_command
|
||||
push_indent
|
||||
@ -484,16 +485,10 @@ sub initialize( $ ) {
|
||||
TC => undef,
|
||||
IPSET => undef,
|
||||
PERL => undef,
|
||||
#
|
||||
#PATH is inherited
|
||||
#
|
||||
PATH => undef,
|
||||
SHOREWALL_SHELL => undef,
|
||||
SUBSYSLOCK => undef,
|
||||
MODULESDIR => undef,
|
||||
#
|
||||
#CONFIG_PATH is inherited
|
||||
#
|
||||
CONFIG_PATH => undef,
|
||||
RESTOREFILE => undef,
|
||||
IPSECFILE => undef,
|
||||
|
@ -37,6 +37,7 @@
|
||||
# --log_verbosity=<number> # Log Verbosity range -1 to 2
|
||||
# --family=<number> # IP family; 4 = IPv4 (default), 6 = IPv6
|
||||
# --preview # Preview the ruleset.
|
||||
# --config_path=<path-list> # Search path for config files
|
||||
#
|
||||
use strict;
|
||||
use FindBin;
|
||||
@ -64,6 +65,7 @@ sub usage( $ ) {
|
||||
[ --annotate ]
|
||||
[ --update ]
|
||||
[ --convert ]
|
||||
[ --config_path=<path-list> ]
|
||||
';
|
||||
|
||||
exit shift @_;
|
||||
@ -88,6 +90,7 @@ my $preview = 0;
|
||||
my $annotate = 0;
|
||||
my $update = 0;
|
||||
my $convert = 0;
|
||||
my $config_path = '';
|
||||
|
||||
Getopt::Long::Configure ('bundling');
|
||||
|
||||
@ -118,6 +121,7 @@ my $result = GetOptions('h' => \$help,
|
||||
'u' => \$update,
|
||||
'update' => \$update,
|
||||
'convert' => \$convert,
|
||||
'config_path=s' => \$config_path,
|
||||
);
|
||||
|
||||
usage(1) unless $result && @ARGV < 2;
|
||||
@ -139,4 +143,5 @@ compiler( script => $ARGV[0] || '',
|
||||
update => $update,
|
||||
convert => $convert,
|
||||
annotate => $annotate,
|
||||
config_path => $config_path,
|
||||
);
|
||||
|
@ -386,7 +386,7 @@ compiler() {
|
||||
[ "$1" = nolock ] && shift;
|
||||
shift
|
||||
|
||||
options="--verbose=$VERBOSITY"
|
||||
options="--verbose=$VERBOSITY --config_path=$CONFIG_PATH"
|
||||
[ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG"
|
||||
[ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY";
|
||||
[ -n "$g_export" ] && options="$options --export"
|
||||
|
@ -386,7 +386,7 @@ compiler() {
|
||||
[ "$1" = nolock ] && shift;
|
||||
shift
|
||||
|
||||
options="--verbose=$VERBOSITY --family=6"
|
||||
options="--verbose=$VERBOSITY --family=6 --config_path=$CONFIG_PATH"
|
||||
[ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG"
|
||||
[ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY";
|
||||
[ -n "$g_export" ] && options="$options --export"
|
||||
|
@ -801,6 +801,24 @@ DNAT- net 192.168.1.3 tcp 21</programl
|
||||
annotated with documentation. Ignored unless <emphasis
|
||||
role="bold">--update</emphasis> is also specified.</para>
|
||||
|
||||
<simplelist>
|
||||
<member><emphasis role="bold">--convert</emphasis></member>
|
||||
</simplelist>
|
||||
|
||||
<para>Added in Shorewall 4.4.26. Causes the compiler to convert an
|
||||
existing <ulink
|
||||
url="manpages/shorewall-blacklist.html">blacklist</ulink> file into an
|
||||
equivalent <ulink url="manpages/shorewall-blrules.html">blrules</ulink>
|
||||
file.</para>
|
||||
|
||||
<simplelist>
|
||||
<member><emphasis
|
||||
role="bold">--config_path=<replaceable>path</replaceable>[:<replaceable>path</replaceable>]...</emphasis></member>
|
||||
</simplelist>
|
||||
|
||||
<para>Added in Shorewall 4.4.26. Search path for configuration
|
||||
files.</para>
|
||||
|
||||
<para>Example (compiles the configuration in the current directory
|
||||
generating a script named 'firewall' and using VERBOSITY
|
||||
2).<programlisting><emphasis role="bold">/usr/share/shorewall/compiler.pl -v 2 -d . firewall</emphasis></programlisting><note>
|
||||
|
Loading…
Reference in New Issue
Block a user