forked from extern/shorewall_code
Cleanup of 'shared' providers
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7675 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
00e7f156a7
commit
81bd913a08
@ -125,6 +125,7 @@ our %EXPORT_TAGS = (
|
|||||||
get_interface_address
|
get_interface_address
|
||||||
get_interface_addresses
|
get_interface_addresses
|
||||||
get_interface_bcasts
|
get_interface_bcasts
|
||||||
|
get_interface_mac
|
||||||
set_global_variables
|
set_global_variables
|
||||||
create_netfilter_load
|
create_netfilter_load
|
||||||
create_chainlist_reload
|
create_chainlist_reload
|
||||||
@ -219,6 +220,7 @@ our %interfaceaddr;
|
|||||||
our %interfaceaddrs;
|
our %interfaceaddrs;
|
||||||
our %interfacenets;
|
our %interfacenets;
|
||||||
our %interfacebcasts;
|
our %interfacebcasts;
|
||||||
|
our %interfacemacs;
|
||||||
|
|
||||||
our @builtins = qw(PREROUTING INPUT FORWARD OUTPUT POSTROUTING);
|
our @builtins = qw(PREROUTING INPUT FORWARD OUTPUT POSTROUTING);
|
||||||
|
|
||||||
@ -318,6 +320,7 @@ sub initialize() {
|
|||||||
%interfaceaddrs = ();
|
%interfaceaddrs = ();
|
||||||
%interfacenets = ();
|
%interfacenets = ();
|
||||||
%interfacebcasts = ();
|
%interfacebcasts = ();
|
||||||
|
%interfacemacs = ();
|
||||||
}
|
}
|
||||||
|
|
||||||
INIT {
|
INIT {
|
||||||
@ -1559,6 +1562,27 @@ sub get_interface_nets ( $ ) {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Returns the name of the shell variable holding the MAC address of the gateway for the passed provider out of the passed interface
|
||||||
|
#
|
||||||
|
sub interface_mac( $$ ) {
|
||||||
|
my $variable = join( '_' , chain_base( $_[0] ) , $_[1] , 'mac' );
|
||||||
|
uc $variable;
|
||||||
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# Emit code to determine the MAC address of the passed gateway IP routed out of the passed interface for the passed provider number
|
||||||
|
#
|
||||||
|
sub get_interface_mac( $$$ ) {
|
||||||
|
my ( $ipaddr, $interface , $table ) = @_;
|
||||||
|
|
||||||
|
my $variable = interface_mac( $interface , $table );
|
||||||
|
|
||||||
|
emit qq($variable=\$(find_mac $ipaddr $interface));
|
||||||
|
|
||||||
|
"\$$variable";
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# This function provides a uniform way to generate rules (something the original Shorewall sorely needed).
|
# This function provides a uniform way to generate rules (something the original Shorewall sorely needed).
|
||||||
#
|
#
|
||||||
|
@ -54,7 +54,6 @@ our %providers;
|
|||||||
|
|
||||||
our @providers;
|
our @providers;
|
||||||
|
|
||||||
our $maccount;
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Initialize globals -- we take this novel approach to globals initialization to allow
|
# Initialize globals -- we take this novel approach to globals initialization to allow
|
||||||
@ -70,7 +69,6 @@ sub initialize() {
|
|||||||
%routemarked_interfaces = ();
|
%routemarked_interfaces = ();
|
||||||
@routemarked_interfaces = ();
|
@routemarked_interfaces = ();
|
||||||
$balance = 0;
|
$balance = 0;
|
||||||
$maccount = 0;
|
|
||||||
$first_default_route = 1;
|
$first_default_route = 1;
|
||||||
|
|
||||||
%providers = ( 'local' => { number => LOCAL_NUMBER , mark => 0 , optional => 0 } ,
|
%providers = ( 'local' => { number => LOCAL_NUMBER , mark => 0 , optional => 0 } ,
|
||||||
@ -111,7 +109,7 @@ sub setup_route_marking() {
|
|||||||
if ( $providerref->{shared} ) {
|
if ( $providerref->{shared} ) {
|
||||||
my $provider = $providerref->{provider};
|
my $provider = $providerref->{provider};
|
||||||
add_command( $chainref, qq(if [ -n "${provider}_is_up" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional};
|
add_command( $chainref, qq(if [ -n "${provider}_is_up" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional};
|
||||||
add_rule $chainref, " -m mac --mac-source $providerref->{mac} -j MARK --set-mark $providerref->{mark}";
|
add_rule $chainref, " -i $interface -m mac --mac-source $providerref->{mac} -j MARK --set-mark $providerref->{mark}";
|
||||||
decr_cmd_level( $chainref), add_command( $chainref, "fi" ) if $providerref->{optional};
|
decr_cmd_level( $chainref), add_command( $chainref, "fi" ) if $providerref->{optional};
|
||||||
} else {
|
} else {
|
||||||
add_rule $chainref, " -i $interface -j MARK --set-mark $providerref->{mark}";
|
add_rule $chainref, " -i $interface -j MARK --set-mark $providerref->{mark}";
|
||||||
@ -290,11 +288,7 @@ sub add_a_provider( $$$$$$$$ ) {
|
|||||||
if ( $shared ) {
|
if ( $shared ) {
|
||||||
fatal_error "The 'shared' option requires a gateway" unless $gateway;
|
fatal_error "The 'shared' option requires a gateway" unless $gateway;
|
||||||
|
|
||||||
my $variable = uc( "${interface}_MAC_" . ++$maccount );
|
$providers{$table}{mac} = get_interface_mac( $gateway, $interface , $table );
|
||||||
|
|
||||||
emit "$variable=\$(find_mac $gateway $interface)\n";
|
|
||||||
|
|
||||||
$providers{$table}{mac} = "\$$variable";
|
|
||||||
|
|
||||||
$realm = "realm $number";
|
$realm = "realm $number";
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user