holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add 'origin' member to the interface and hosts tables

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-01-21 17:08:19 -08:00
parent c85ced09af
commit 8ac754caed
1 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -91,6 +91,7 @@ our @EXPORT = ( qw( NOTHING
find_interfaces_by_option find_interfaces_by_option
find_interfaces_by_option1 find_interfaces_by_option1
get_interface_option get_interface_option
get_interface_origin
interface_has_option interface_has_option
set_interface_option set_interface_option
set_interface_provider set_interface_provider
@ -149,6 +150,7 @@ use constant { IN_OUT => 1,
# } # }
# hosts => [ <net1> , <net2> , ... ] # hosts => [ <net1> , <net2> , ... ]
# exclusions => [ <net1>, <net2>, ... ] # exclusions => [ <net1>, <net2>, ... ]
# origin => <where defined>
# } # }
# <interface2> => ... # <interface2> => ...
# } # }
@ -196,6 +198,7 @@ our %reservedName = ( all => 1,
# provider => <Provider Name, if interface is associated with a provider> # provider => <Provider Name, if interface is associated with a provider>
# wildcard => undef|1 # Wildcard Name # wildcard => undef|1 # Wildcard Name
# zones => { zone1 => 1, ... } # zones => { zone1 => 1, ... }
# origin => <where defined>
# } # }
# } # }
# #
@ -890,7 +893,9 @@ sub add_group_to_zone($$$$$$)
push @{$interfaceref}, { options => $options, push @{$interfaceref}, { options => $options,
hosts => \@newnetworks, hosts => \@newnetworks,
ipsec => $type & IPSEC ? 'ipsec' : 'none' , ipsec => $type & IPSEC ? 'ipsec' : 'none' ,
exclusions => \@exclusions }; exclusions => \@exclusions ,
origin => shortlineinfo( '' ) ,
};
if ( $type != IPSEC ) { if ( $type != IPSEC ) {
my $optref = $interfaces{$interface}{options}; my $optref = $interfaces{$interface}{options};
@ -1394,6 +1399,7 @@ sub process_interface( $$ ) {
zones => {}, zones => {},
origin => shortlineinfo(''), origin => shortlineinfo(''),
wildcard => $wildcard, wildcard => $wildcard,
origin => shortlineinfo( '' ),
}; };
if ( $zone ) { if ( $zone ) {
@ -1858,6 +1864,22 @@ sub interface_has_option( $$\$ ) {
} }
# #
# Return the origin for an interface
#
sub get_interface_origin( $ ) {
my ( $interface ) = @_;
my $ref = $interfaces{$interface};
return $ref->{origin} if $ref;
assert( $ref = known_interface( $interface ) );
$ref->{origin};
}
##
# Set an option for an interface # Set an option for an interface
# #
sub set_interface_option( $$$ ) { sub set_interface_option( $$$ ) {
@ -2183,10 +2205,11 @@ sub find_hosts_by_option( $ ) {
my $arrayref = $interfaceref->{$interface}; my $arrayref = $interfaceref->{$interface};
for my $host ( @{$arrayref} ) { for my $host ( @{$arrayref} ) {
my $ipsec = $host->{ipsec}; my $ipsec = $host->{ipsec};
my $origin = $host->{origin};
unless ( $done{$interface} ) { unless ( $done{$interface} ) {
if ( my $value = $host->{options}{$option} ) { if ( my $value = $host->{options}{$option} ) {
for my $net ( @{$host->{hosts}} ) { for my $net ( @{$host->{hosts}} ) {
push @hosts, [ $interface, $ipsec , $net , $host->{exclusions}, $value ]; push @hosts, [ $interface, $ipsec , $net , $host->{exclusions}, $value, $origin ];
} }
} }
} }
@ -2213,7 +2236,7 @@ sub find_zone_hosts_by_option( $$ ) {
for my $host ( @{$arrayref} ) { for my $host ( @{$arrayref} ) {
if ( my $value = $host->{options}{$option} ) { if ( my $value = $host->{options}{$option} ) {
for my $net ( @{$host->{hosts}} ) { for my $net ( @{$host->{hosts}} ) {
push @hosts, [ $interface, $host->{ipsec} , $net , $host->{exclusions}, $value ]; push @hosts, [ $interface, $host->{ipsec} , $net , $host->{exclusions}, $value, $host->{origin} ];
} }
} }
} }