holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Rename DEFAULTACTION_SECTION to POLICYACTION_SECTION.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2017-12-02 16:25:15 -08:00
parent 42d5d13780
commit 821d72093a
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -96,7 +96,7 @@ use constant { NULL_SECTION => 0x00,
INVALID_SECTION => 0x10, INVALID_SECTION => 0x10,
UNTRACKED_SECTION => 0x20, UNTRACKED_SECTION => 0x20,
NEW_SECTION => 0x40, NEW_SECTION => 0x40,
DEFAULTACTION_SECTION => 0x80 }; POLICYACTION_SECTION => 0x80 };
# #
# Number of elements in the action tuple # Number of elements in the action tuple
# #
@ -1288,7 +1288,7 @@ sub finish_chain_section ($$$) {
if ( $chain1ref->{is_policy} ) { if ( $chain1ref->{is_policy} ) {
if ( $chain1ref->{synparams} ) { if ( $chain1ref->{synparams} ) {
my $synchainref = ensure_chain 'filter', syn_flood_chain $chain1ref; my $synchainref = ensure_chain 'filter', syn_flood_chain $chain1ref;
if ( $section == DEFAULTACTION_SECTION ) { if ( $section == POLICYACTION_SECTION ) {
if ( $chain1ref->{policy} =~ /^(ACCEPT|CONTINUE|QUEUE|NFQUEUE)/ ) { if ( $chain1ref->{policy} =~ /^(ACCEPT|CONTINUE|QUEUE|NFQUEUE)/ ) {
add_ijump $chain1ref, j => $synchainref, p => 'tcp --syn'; add_ijump $chain1ref, j => $synchainref, p => 'tcp --syn';
} }
@ -1324,7 +1324,7 @@ sub ensure_rules_chain( $ )
$chainref = new_rules_chain( $chain ) unless $chainref; $chainref = new_rules_chain( $chain ) unless $chainref;
unless ( $chainref->{referenced} ) { unless ( $chainref->{referenced} ) {
if ( $section & ( NEW_SECTION | DEFAULTACTION_SECTION ) ) { if ( $section & ( NEW_SECTION | POLICYACTION_SECTION ) ) {
finish_chain_section $chainref , $chainref, 'ESTABLISHED,RELATED,INVALID,UNTRACKED'; finish_chain_section $chainref , $chainref, 'ESTABLISHED,RELATED,INVALID,UNTRACKED';
} elsif ( $section == UNTRACKED_SECTION ) { } elsif ( $section == UNTRACKED_SECTION ) {
finish_chain_section $chainref , $chainref, 'ESTABLISHED,RELATED,INVALID'; finish_chain_section $chainref , $chainref, 'ESTABLISHED,RELATED,INVALID';
@ -2201,7 +2201,7 @@ sub process_reject_action() {
# #
# This gets called very early in the compilation process so we fake the section # This gets called very early in the compilation process so we fake the section
# #
$section = DEFAULTACTION_SECTION; $section = POLICYACTION_SECTION;
if ( ( $targets{$action} || 0 ) == ACTION ) { if ( ( $targets{$action} || 0 ) == ACTION ) {
add_ijump $rejectref, j => use_policy_action( $action, $rejectref->{name} ); add_ijump $rejectref, j => use_policy_action( $action, $rejectref->{name} );
@ -3200,7 +3200,7 @@ sub process_rule ( $$$$$$$$$$$$$$$$$$$$ ) {
); );
} }
unless ( $section & ( NEW_SECTION | DEFAULTACTION_SECTION ) || unless ( $section & ( NEW_SECTION | POLICYACTION_SECTION ) ||
$inaction || $inaction ||
$blacklist || $blacklist ||
$basictarget eq 'dropInvalid' ) { $basictarget eq 'dropInvalid' ) {
@ -3336,7 +3336,7 @@ sub process_rule ( $$$$$$$$$$$$$$$$$$$$ ) {
$log_action , $log_action ,
$exceptionrule , $exceptionrule ,
$usergenerated && ! $loglevel ) $usergenerated && ! $loglevel )
unless unreachable_warning( $wildcard || $section == DEFAULTACTION_SECTION, $chainref ); unless unreachable_warning( $wildcard || $section == POLICYACTION_SECTION, $chainref );
} }
$generated = 1; $generated = 1;
@ -3414,7 +3414,7 @@ sub check_state( $ ) {
} }
} }
if ( $section & ( NEW_SECTION | DEFAULTACTION_SECTION ) ) { if ( $section & ( NEW_SECTION | POLICYACTION_SECTION ) ) {
if ( $state eq 'NEW' ) { if ( $state eq 'NEW' ) {
# #
# If an INVALID or UNTRACKED rule would be emitted then we must include the state match # If an INVALID or UNTRACKED rule would be emitted then we must include the state match
@ -3955,7 +3955,7 @@ sub process_rules() {
# #
# No need to finish the NEW section since no rules need to be generated # No need to finish the NEW section since no rules need to be generated
# #
$section = $next_section = DEFAULTACTION_SECTION; $section = $next_section = POLICYACTION_SECTION;
} }
sub process_mangle_inline( $$$$$$$$$$$$$$$$$$$$ ) { sub process_mangle_inline( $$$$$$$$$$$$$$$$$$$$ ) {