From 910252279fa9c670a6aec314706eb48defb5bd2d Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Mon, 11 Jun 2007 18:07:34 +0000
Subject: [PATCH] Reduce reliance on environmental variables for
 /sbin/shorewall->compiler.pl communication

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6515 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-common/releasenotes.txt      |  2 +-
 Shorewall-common/shorewall             |  9 +++++--
 Shorewall-perl/Shorewall/Accounting.pm |  3 +--
 Shorewall-perl/Shorewall/Chains.pm     |  4 ++-
 Shorewall-perl/Shorewall/Common.pm     | 12 +++------
 Shorewall-perl/Shorewall/Compiler.pm   | 16 ++----------
 Shorewall-perl/Shorewall/Config.pm     | 12 ++++++---
 Shorewall-perl/compiler.pl             | 36 ++++++++++++++++----------
 8 files changed, 47 insertions(+), 47 deletions(-)

diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt
index 804c9be24..54d239433 100644
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@@ -6,7 +6,7 @@ Shorewall 4.0.0 Beta 5
    Shorewall-perl compiler. See the "New Features" section below.
 
 2) You are now offered a choice as to which compiler(s) you install. In
-   3.9.2, there are the following packages:
+   4.0.0, there are the following packages:
 
    - Shorewall ( common files )
    - Shorewall-shell ( the shell-based compiler )
diff --git a/Shorewall-common/shorewall b/Shorewall-common/shorewall
index ad1a96c0a..e0dc6a4e9 100755
--- a/Shorewall-common/shorewall
+++ b/Shorewall-common/shorewall
@@ -319,14 +319,19 @@ compiler() {
     
     case "$compiler" in
 	perl)
-	    [ -x $pc ] || startup_error "SHOREWALL_COMPILER=perl requires the shorewall-perl package which is not installed"
 	    debugflags="-w"
 	    [ -n "$DEBUG" ]   && debugflags='-wd'
 	    [ -n "$PROFILE" ] && debugflags='-wd:DProf'
 
 	    shift # Perl compiler only takes the output file as a argument
 
-	    $command perl $debugflags $pc $@
+	    options="--verbose $VERBOSE ";
+	    [ -n "$EXPORT" ] && options="$options --export ";
+	    [ -n "$SHOREWALL_DIR" ] && options="$options --directory $SHOREWALL_DIR ";
+	    [ -n "$TIMESTAMP" ] && options="$options --timestamp" ;
+	    [ -x $pc ] || startup_error "SHOREWALL_COMPILER=perl requires the shorewall-perl package which is not installed"
+
+	    $command perl $debugflags $pc $options $@
 	    ;;
 	shell)
 	    [ -x $sc ] || startup_error "SHOREWALL_COMPILER=shell requires the shorewall-shell package which is not installed"
diff --git a/Shorewall-perl/Shorewall/Accounting.pm b/Shorewall-perl/Shorewall/Accounting.pm
index 53dac6952..c55221440 100644
--- a/Shorewall-perl/Shorewall/Accounting.pm
+++ b/Shorewall-perl/Shorewall/Accounting.pm
@@ -92,8 +92,7 @@ sub process_accounting_rule( $$$$$$$$$ ) {
 
     if ( @bridges ) {
 	if ( $source =~ /^$firewall_zone:?(.*)$/ ) {
-	    $source = $1;
-	    $source = ALLIPv4 unless $source;
+	    $source = $1 ? $1 : ALLIPv4;
 	    $restriction = OUTPUT_RESTRICT;
 	    $chain = 'accountout' unless $chain and $chain ne '-';
 	    $dest = ALLIPv4 if $dest   eq 'any' || $dest   eq 'all';
diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm
index e3dbb1138..23104e488 100644
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@@ -1392,8 +1392,10 @@ sub expand_rule( $$$$$$$$$$ )
 	$disposition,  # Primative part of the target (RETURN, ACCEPT, ...) 
 	$exceptionrule # Caller's matches used in exclusion case
        ) = @_;
+
     my ($iiface, $diface, $inets, $dnets, $iexcl, $dexcl, $onets , $oexcl );
     my $chain = $chainref->{name};
+
     #
     # Handle Log Level
     #
@@ -1685,7 +1687,7 @@ sub expand_rule( $$$$$$$$$$ )
 	#
 	# Generate Final Rule
 	#
-	add_rule $echainref, $exceptionrule . $target unless $disposition eq 'LOG';
+	add_rule( $echainref, $exceptionrule . $target ) unless $disposition eq 'LOG';
     } else {
 	#
 	# No exclusions
diff --git a/Shorewall-perl/Shorewall/Common.pm b/Shorewall-perl/Shorewall/Common.pm
index c38e5c6d1..167a7fb1d 100644
--- a/Shorewall-perl/Shorewall/Common.pm
+++ b/Shorewall-perl/Shorewall/Common.pm
@@ -58,27 +58,21 @@ our @EXPORT = qw(
 		 $done
 		 $verbose
 		 );
-our @EXPORT_OK = ();
+our @EXPORT_OK = qw( $timestamp );
 our @VERSION = 1.00;
 
 our $line = '';          # Current config file line
 
 our ( $command, $doing, $done ) = qw/ compile Compiling Compiled/; #describe the current command, it's present progressive, and it's completion.
 
-our $verbose;            # Verbosity setting. 0 = almost silent, 1 = major progress messages only, 2 = all progress messages (very noisy)
-
-our $timestamp;           # If true, we are to timestamp each progress message
+our $verbose = 0;         # Verbosity setting. 0 = almost silent, 1 = major progress messages only, 2 = all progress messages (very noisy)
+our $timestamp = '';      # If true, we are to timestamp each progress message
 our $object = 0;          # Object (script) file Handle Reference
 our $lastlineblank = 0;   # Avoid extra blank lines in the output
 our $indent        = '';  # Current indentation
 our ( $dir, $file );      # Object's Directory and File
 our $tempfile;            # Temporary File Name
 
-INIT {
-    $verbose   = $ENV{VERBOSE}   || 0;
-    $timestamp = $ENV{TIMESTAMP} || '';
-}
-
 #
 # Fatal Error
 #
diff --git a/Shorewall-perl/Shorewall/Compiler.pm b/Shorewall-perl/Shorewall/Compiler.pm
index 667103afd..ae405f7a1 100644
--- a/Shorewall-perl/Shorewall/Compiler.pm
+++ b/Shorewall-perl/Shorewall/Compiler.pm
@@ -21,14 +21,6 @@
 #	along with this program; if not, write to the Free Software
 #	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
-#	Environmental Variables (Normally set up by /sbin/shorewall):
-#
-#	    EXPORT=Yes                          -e option specified to /sbin/shorewall
-#	    SHOREWALL_DIR                       A directory name was passed to /sbin/shorewall
-#	    VERBOSE                             Standard Shorewall verbosity control.
-#           TIMESTAMP=Yes                       -t option specified to /sbin/shorewall
-#
-#       This program performs rudimentary shell variable expansion on action and macro files.
 
 package Shorewall::Compiler;
 require Exporter;
@@ -52,14 +44,10 @@ use Shorewall::Proxyarp;
 
 our @ISA = qw(Exporter);
 our @EXPORT = qw( compiler );
-our @EXPORT_OK = qw( );
+our @EXPORT_OK = qw( $export );
 our @VERSION = 1.00;
 
-our $export;
-
-INIT {
-    $export = $ENV{EXPORT};
-}
+our $export = 0;
 
 #
 # First stage of script generation.
diff --git a/Shorewall-perl/Shorewall/Config.pm b/Shorewall-perl/Shorewall/Config.pm
index f336bc9e7..8bfc6340c 100644
--- a/Shorewall-perl/Shorewall/Config.pm
+++ b/Shorewall-perl/Shorewall/Config.pm
@@ -62,7 +62,8 @@ our @EXPORT = qw(
 		 %capabilities
 		 %protocols
 		 %services );
-our @EXPORT_OK = ();
+
+our @EXPORT_OK = qw( $shorewall_dir );
 our @VERSION = 1.00;
 
 #
@@ -262,6 +263,8 @@ our $currentfile;             # File handle reference
 our $currentfilename;         # File NAME
 our $currentlinenumber = 0;   # Line number
 
+our $shorewall_dir = '';      #Shorewall Directory
+
 #
 # Issue a Warning Message
 #
@@ -838,9 +841,9 @@ sub ensure_config_path() {
 	$_ .= '/' unless m|//$|;
     }
 
-    if ( my $sd = $ENV{SHOREWALL_DIR} ) {
-	$sd .= '/' unless $sd =~ m|//$|;
-	unshift @config_path, $sd if $sd ne $config_path[0];
+    if ( $shorewall_dir ) {
+	$shorewall_dir .= '/' unless $shorewall_dir =~ m|//$|;
+	unshift @config_path, $shorewall_dir if $shorewall_dir ne $config_path[0];
     }
 }
 
@@ -941,6 +944,7 @@ sub get_configuration( $ ) {
     default_yes_no 'DETECT_DNAT_IPADDRS'        , '';
     default_yes_no 'DETECT_DNAT_IPADDRS'        , '';
     default_yes_no 'CLEAR_TC'                   , 'Yes';
+
     if ( defined $config{CLAMPMSS} ) {
 	default_yes_no 'CLAMPMSS'                   , '' unless $config{CLAMPMSS} =~ /^\d+$/;
     } else {
diff --git a/Shorewall-perl/compiler.pl b/Shorewall-perl/compiler.pl
index d3829d888..c011b9968 100755
--- a/Shorewall-perl/compiler.pl
+++ b/Shorewall-perl/compiler.pl
@@ -21,24 +21,32 @@
 #	along with this program; if not, write to the Free Software
 #	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
-#	Commands are:
+# See usage() function below for command line syntax.
 #
-#          compiler.pl                          Verify the configuration files.
-#	   compile <path name>                  Compile into <path name>
-#
-#	Environmental Variables are set up by the Compiler wrapper ('compiler' program).
-#
-#	    EXPORT=Yes                          -e option specified to /sbin/shorewall
-#	    SHOREWALL_DIR                       A directory name was passed to /sbin/shorewall
-#	    VERBOSE                             Standard Shorewall verbosity control.
-#           TIMESTAMP=Yes                       -t option specified to /sbin/shorewall
-#
-#       This program performs rudimentary shell variable expansion on action and macro files.
-
 use strict;
 use lib '/usr/share/shorewall-perl';
-use Shorewall::Compiler;
+use Shorewall::Common qw( $verbose $timestamp );
+use Shorewall::Config qw( fatal_error $shorewall_dir );
+use Shorewall::Compiler qw( compiler $export );
+use Getopt::Long;
+
 #
 # Compile/Check the configuration.
 #
+sub usage() {
+    print STDERR "usage: compiler.pl [ --export ] [ --directory <directory> ] [ --verbose {0-2} ] [ --timestamp ] [ <filename> ]\n";
+    exit 1;
+}
+
+my $result = GetOptions('export'      => \$export,
+			'directory=s' => \$shorewall_dir,
+			'verbose=i'   => \$verbose,
+			'timestamp'   => \$timestamp );
+
+usage unless $result;
+
+if ( $shorewall_dir ne '' ) {
+    fatal_error "$shorewall_dir is not an existing directory" unless -d $shorewall_dir;
+}
+
 compiler $ARGV[0];