Optimize wildcard resolution.

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/Perl/Shorewall/Zones.pm

@@ -164,6 +164,7 @@ our %reservedName = ( all => 1,
 #
 our @interfaces;
 our %interfaces;
+our %roots;
 our @bport_zones;
 our %ipsets;
 our %physical;
@@ -221,6 +222,7 @@ sub initialize( $ ) {
     $have_ipsec = undef;
 
     @interfaces = ();
+    %roots = ();
     %interfaces = ();
     @bport_zones = ();
     %ipsets = ();
@@ -907,6 +909,7 @@ sub process_interface( $$ ) {
     if ( $interface =~ /\+$/ ) {
 	$wildcard = 1;
 	$root = substr( $interface, 0, -1 );
+	$roots{$root} = $interface;
     } else {
 	$root = $interface;
     }
@@ -1184,22 +1187,27 @@ sub map_physical( $$ ) {
 #
 # Returns true if passed interface matches an entry in /etc/shorewall/interfaces
 #
-# If the passed name matches a wildcard and 'cache' is true, an entry for the name is added in
+# If the passed name matches a wildcard, an entry for the name is added to %interfaces.
-# %interfaces.
 #
 sub known_interface($)
 {
-    my ( $interface, $cache ) = @_;
+    my $interface = shift;
     my $interfaceref = $interfaces{$interface};
 
     return $interfaceref if $interfaceref;
 
     fatal_error "Invalid interface ($interface)" if $interface =~ /\*/;
 
-    for my $i ( @interfaces ) {
+    my $iface = $interface;
+
+    while ( 1 ) {
+	chop $iface;
+	
+	return 0 if $iface eq '';
+	
+	if ( my $i = $roots{$iface} ) {
 	    $interfaceref = $interfaces{$i};
-	my $root = $interfaceref->{root};
+
-	if ( $i ne $root && $interface ne $root && substr( $interface, 0, length $root ) eq $root ) {
 	    my $physical = map_physical( $interface, $interfaceref );
 
 	    return $interfaces{$interface} = { options  => $interfaceref->{options} ,