forked from extern/shorewall_code
Pass $CONFIG_PATH to compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
ecf4abaa52
commit
6bb487bb68
@ -529,8 +529,8 @@ EOF
|
|||||||
#
|
#
|
||||||
sub compiler {
|
sub compiler {
|
||||||
|
|
||||||
my ( $scriptfilename, $directory, $verbosity, $timestamp , $debug, $chains , $log , $log_verbosity, $preview, $confess , $update , $annotate , $convert ) =
|
my ( $scriptfilename, $directory, $verbosity, $timestamp , $debug, $chains , $log , $log_verbosity, $preview, $confess , $update , $annotate , $convert, $config_path ) =
|
||||||
( '', '', -1, '', 0, '', '', -1, 0, 0, 0, 0, , 0 );
|
( '', '', -1, '', 0, '', '', -1, 0, 0, 0, 0, , 0 , '');
|
||||||
|
|
||||||
$export = 0;
|
$export = 0;
|
||||||
$test = 0;
|
$test = 0;
|
||||||
@ -566,7 +566,8 @@ sub compiler {
|
|||||||
confess => { store => \$confess, validate=> \&validate_boolean } ,
|
confess => { store => \$confess, validate=> \&validate_boolean } ,
|
||||||
update => { store => \$update, validate=> \&validate_boolean } ,
|
update => { store => \$update, validate=> \&validate_boolean } ,
|
||||||
convert => { store => \$convert, validate=> \&validate_boolean } ,
|
convert => { store => \$convert, validate=> \&validate_boolean } ,
|
||||||
annotate => { store => \$annotate, validate=> \&validate_boolean } ,
|
annotate => { store => \$annotate, validate=> \&validate_boolean } ,
|
||||||
|
config_path => { store => \$config_path } ,
|
||||||
);
|
);
|
||||||
#
|
#
|
||||||
# P A R A M E T E R P R O C E S S I N G
|
# P A R A M E T E R P R O C E S S I N G
|
||||||
@ -586,6 +587,8 @@ sub compiler {
|
|||||||
#
|
#
|
||||||
initialize_package_globals( $update );
|
initialize_package_globals( $update );
|
||||||
|
|
||||||
|
set_config_path( $config_path ) if $config_path;
|
||||||
|
|
||||||
if ( $directory ne '' ) {
|
if ( $directory ne '' ) {
|
||||||
fatal_error "$directory is not an existing directory" unless -d $directory;
|
fatal_error "$directory is not an existing directory" unless -d $directory;
|
||||||
set_shorewall_dir( $directory );
|
set_shorewall_dir( $directory );
|
||||||
|
@ -63,7 +63,7 @@ our @EXPORT = qw(
|
|||||||
require_capability
|
require_capability
|
||||||
);
|
);
|
||||||
|
|
||||||
our @EXPORT_OK = qw( $shorewall_dir initialize set_config_path shorewall);
|
our @EXPORT_OK = qw( $shorewall_dir initialize shorewall);
|
||||||
|
|
||||||
our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
|
our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
|
||||||
finalize_script
|
finalize_script
|
||||||
@ -87,6 +87,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
|
|||||||
set_timestamp
|
set_timestamp
|
||||||
set_verbosity
|
set_verbosity
|
||||||
set_log
|
set_log
|
||||||
|
set_config_path
|
||||||
close_log
|
close_log
|
||||||
set_command
|
set_command
|
||||||
push_indent
|
push_indent
|
||||||
@ -484,16 +485,10 @@ sub initialize( $ ) {
|
|||||||
TC => undef,
|
TC => undef,
|
||||||
IPSET => undef,
|
IPSET => undef,
|
||||||
PERL => undef,
|
PERL => undef,
|
||||||
#
|
|
||||||
#PATH is inherited
|
|
||||||
#
|
|
||||||
PATH => undef,
|
PATH => undef,
|
||||||
SHOREWALL_SHELL => undef,
|
SHOREWALL_SHELL => undef,
|
||||||
SUBSYSLOCK => undef,
|
SUBSYSLOCK => undef,
|
||||||
MODULESDIR => undef,
|
MODULESDIR => undef,
|
||||||
#
|
|
||||||
#CONFIG_PATH is inherited
|
|
||||||
#
|
|
||||||
CONFIG_PATH => undef,
|
CONFIG_PATH => undef,
|
||||||
RESTOREFILE => undef,
|
RESTOREFILE => undef,
|
||||||
IPSECFILE => undef,
|
IPSECFILE => undef,
|
||||||
|
@ -37,6 +37,7 @@
|
|||||||
# --log_verbosity=<number> # Log Verbosity range -1 to 2
|
# --log_verbosity=<number> # Log Verbosity range -1 to 2
|
||||||
# --family=<number> # IP family; 4 = IPv4 (default), 6 = IPv6
|
# --family=<number> # IP family; 4 = IPv4 (default), 6 = IPv6
|
||||||
# --preview # Preview the ruleset.
|
# --preview # Preview the ruleset.
|
||||||
|
# --config_path=<path-list> # Search path for config files
|
||||||
#
|
#
|
||||||
use strict;
|
use strict;
|
||||||
use FindBin;
|
use FindBin;
|
||||||
@ -64,6 +65,7 @@ sub usage( $ ) {
|
|||||||
[ --annotate ]
|
[ --annotate ]
|
||||||
[ --update ]
|
[ --update ]
|
||||||
[ --convert ]
|
[ --convert ]
|
||||||
|
[ --config_path=<path-list> ]
|
||||||
';
|
';
|
||||||
|
|
||||||
exit shift @_;
|
exit shift @_;
|
||||||
@ -88,6 +90,7 @@ my $preview = 0;
|
|||||||
my $annotate = 0;
|
my $annotate = 0;
|
||||||
my $update = 0;
|
my $update = 0;
|
||||||
my $convert = 0;
|
my $convert = 0;
|
||||||
|
my $config_path = '';
|
||||||
|
|
||||||
Getopt::Long::Configure ('bundling');
|
Getopt::Long::Configure ('bundling');
|
||||||
|
|
||||||
@ -118,6 +121,7 @@ my $result = GetOptions('h' => \$help,
|
|||||||
'u' => \$update,
|
'u' => \$update,
|
||||||
'update' => \$update,
|
'update' => \$update,
|
||||||
'convert' => \$convert,
|
'convert' => \$convert,
|
||||||
|
'config_path=s' => \$config_path,
|
||||||
);
|
);
|
||||||
|
|
||||||
usage(1) unless $result && @ARGV < 2;
|
usage(1) unless $result && @ARGV < 2;
|
||||||
@ -139,4 +143,5 @@ compiler( script => $ARGV[0] || '',
|
|||||||
update => $update,
|
update => $update,
|
||||||
convert => $convert,
|
convert => $convert,
|
||||||
annotate => $annotate,
|
annotate => $annotate,
|
||||||
|
config_path => $config_path,
|
||||||
);
|
);
|
||||||
|
@ -386,7 +386,7 @@ compiler() {
|
|||||||
[ "$1" = nolock ] && shift;
|
[ "$1" = nolock ] && shift;
|
||||||
shift
|
shift
|
||||||
|
|
||||||
options="--verbose=$VERBOSITY"
|
options="--verbose=$VERBOSITY --config_path=$CONFIG_PATH"
|
||||||
[ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG"
|
[ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG"
|
||||||
[ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY";
|
[ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY";
|
||||||
[ -n "$g_export" ] && options="$options --export"
|
[ -n "$g_export" ] && options="$options --export"
|
||||||
|
@ -386,7 +386,7 @@ compiler() {
|
|||||||
[ "$1" = nolock ] && shift;
|
[ "$1" = nolock ] && shift;
|
||||||
shift
|
shift
|
||||||
|
|
||||||
options="--verbose=$VERBOSITY --family=6"
|
options="--verbose=$VERBOSITY --family=6 --config_path=$CONFIG_PATH"
|
||||||
[ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG"
|
[ -n "$STARTUP_LOG" ] && options="$options --log=$STARTUP_LOG"
|
||||||
[ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY";
|
[ -n "$LOG_VERBOSITY" ] && options="$options --log_verbosity=$LOG_VERBOSITY";
|
||||||
[ -n "$g_export" ] && options="$options --export"
|
[ -n "$g_export" ] && options="$options --export"
|
||||||
|
@ -801,6 +801,24 @@ DNAT- net 192.168.1.3 tcp 21</programl
|
|||||||
annotated with documentation. Ignored unless <emphasis
|
annotated with documentation. Ignored unless <emphasis
|
||||||
role="bold">--update</emphasis> is also specified.</para>
|
role="bold">--update</emphasis> is also specified.</para>
|
||||||
|
|
||||||
|
<simplelist>
|
||||||
|
<member><emphasis role="bold">--convert</emphasis></member>
|
||||||
|
</simplelist>
|
||||||
|
|
||||||
|
<para>Added in Shorewall 4.4.26. Causes the compiler to convert an
|
||||||
|
existing <ulink
|
||||||
|
url="manpages/shorewall-blacklist.html">blacklist</ulink> file into an
|
||||||
|
equivalent <ulink url="manpages/shorewall-blrules.html">blrules</ulink>
|
||||||
|
file.</para>
|
||||||
|
|
||||||
|
<simplelist>
|
||||||
|
<member><emphasis
|
||||||
|
role="bold">--config_path=<replaceable>path</replaceable>[:<replaceable>path</replaceable>]...</emphasis></member>
|
||||||
|
</simplelist>
|
||||||
|
|
||||||
|
<para>Added in Shorewall 4.4.26. Search path for configuration
|
||||||
|
files.</para>
|
||||||
|
|
||||||
<para>Example (compiles the configuration in the current directory
|
<para>Example (compiles the configuration in the current directory
|
||||||
generating a script named 'firewall' and using VERBOSITY
|
generating a script named 'firewall' and using VERBOSITY
|
||||||
2).<programlisting><emphasis role="bold">/usr/share/shorewall/compiler.pl -v 2 -d . firewall</emphasis></programlisting><note>
|
2).<programlisting><emphasis role="bold">/usr/share/shorewall/compiler.pl -v 2 -d . firewall</emphasis></programlisting><note>
|
||||||
|
Loading…
Reference in New Issue
Block a user