holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Even more tweaks to optimize 16

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-11-25 14:46:37 -08:00
parent 71bbd7963c
commit 90e03e1833
1 changed files with 20 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -2883,6 +2883,13 @@ sub get_multi_sports( $ ) {
$ports; $ports;
} }
#
# Return an array of keys for the passed rule. 'dport' and 'comment' are omitted;
#
sub get_keys( $ ) {
sort grep $_ ne 'dport' && $_ ne 'comment', keys %{$_[0]};
}
# #
# The arguments are a list of rule references; function returns a similar list with adjacent compatible rules combined # The arguments are a list of rule references; function returns a similar list with adjacent compatible rules combined
# #
@ -2904,14 +2911,14 @@ sub combine_dports {
my $ports1; my $ports1;
if ( $ports1 = get_dports( $baseref ) ) { if ( $ports1 = get_dports( $baseref ) ) {
my $proto = $baseref->{p}; my $proto = $baseref->{p};
my @keys1 = sort grep $_ ne 'dport' && $_ ne 'comment', keys %$baseref; my @keys1 = get_keys( $baseref );
my @ports = ( split ',', $ports1 ); my @ports = ( split ',', $ports1 );
my $ports = port_count( $ports1 ); my $ports = port_count( $ports1 );
my $origports = @ports; my $origports = @ports;
my $comment = $baseref->{comment} || ''; my $comment = $baseref->{comment} || '';
my $lastcomment = $comment; my $lastcomment = $comment;
my $sourceports = get_multi_sports( $baseref ); my $multi_sports = get_multi_sports( $baseref );
RULE: RULE:
@ -2926,7 +2933,7 @@ sub combine_dports {
last if $comment2 ne $lastcomment && length( $comment ) + length( $comment2 ) > 253; last if $comment2 ne $lastcomment && length( $comment ) + length( $comment2 ) > 253;
my @keys2 = sort grep $_ ne 'dport' && $_ ne 'comment', keys %$ruleref; my @keys2 = get_keys( $ruleref );
last unless @keys1 == @keys2 ; last unless @keys1 == @keys2 ;
@ -2935,7 +2942,7 @@ sub combine_dports {
for my $key ( @keys1 ) { for my $key ( @keys1 ) {
last RULE unless $key eq $keys2[$keynum++]; last RULE unless $key eq $keys2[$keynum++];
next if $baseref->{$key} eq $ruleref->{$key}; next if $baseref->{$key} eq $ruleref->{$key};
last RULE unless $key eq 'multiport' && $sourceports eq get_multi_sports( $ruleref ); last RULE unless $key eq 'multiport' && $multi_sports eq get_multi_sports( $ruleref );
} }
last if ( $ports += port_count( $ports2 ) ) > 15; last if ( $ports += port_count( $ports2 ) ) > 15;
@ -2970,8 +2977,8 @@ sub combine_dports {
if ( @ports > $origports ) { if ( @ports > $origports ) {
delete $baseref->{dport} if $baseref->{dport}; delete $baseref->{dport} if $baseref->{dport};
if ( $sourceports ) { if ( $multi_sports ) {
$baseref->{multiport} = [ '--sports ' . $sourceports , '--dports ' . join(',', @ports ) ]; $baseref->{multiport} = [ '--sports ' . $multi_sports , '--dports ' . join(',', @ports ) ];
} else { } else {
$baseref->{'multiport'} = '--dports ' . join( ',' , @ports ); $baseref->{'multiport'} = '--dports ' . join( ',' , @ports );
} }
@ -2991,7 +2998,7 @@ sub combine_dports {
sub optimize_level16( $$$ ) { sub optimize_level16( $$$ ) {
my ( $table, $tableref , $passes ) = @_; my ( $table, $tableref , $passes ) = @_;
my @chains = ( grep $_->{referenced} && ! $_->{builtin}, values %{$tableref} ); my @chains = ( grep $_->{referenced}, values %{$tableref} );
my @chains1 = @chains; my @chains1 = @chains;
my $chains = @chains; my $chains = @chains;