forked from extern/shorewall_code
Use global variables in provider setup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6291 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
f4df6dce05
commit
95c4bec713
@ -110,6 +110,7 @@ our @EXPORT = qw( STANDARD
|
||||
insertnatjump
|
||||
get_interface_address
|
||||
get_interface_addresses
|
||||
set_global_variables
|
||||
create_netfilter_load
|
||||
|
||||
@policy_chains
|
||||
@ -1715,6 +1716,43 @@ sub emitr( $ ) {
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Generate function that sets global variables
|
||||
#
|
||||
sub set_global_variables() {
|
||||
|
||||
my $nonempty = 0;
|
||||
|
||||
emitj( 'set_global_variables()',
|
||||
'{'
|
||||
);
|
||||
|
||||
push_indent;
|
||||
#
|
||||
# Establish the values of shell variables used in the following shell commands and/or 'here documents' input.
|
||||
#
|
||||
for ( values %interfaceaddr ) {
|
||||
emit $_;
|
||||
$nonempty = 1;
|
||||
}
|
||||
|
||||
for ( values %interfaceaddrs ) {
|
||||
emit $_;
|
||||
$nonempty = 1;
|
||||
}
|
||||
|
||||
for ( values %interfacenets ) {
|
||||
emit $_;
|
||||
$nonempty = 1;
|
||||
}
|
||||
|
||||
emit "true" unless $nonempty;
|
||||
|
||||
pop_indent;
|
||||
|
||||
emit "}\n";
|
||||
}
|
||||
|
||||
#
|
||||
# Generate the netfilter input
|
||||
#
|
||||
@ -1728,21 +1766,6 @@ sub create_netfilter_load() {
|
||||
|
||||
save_progress_message "Preparing iptables-restore input...";
|
||||
|
||||
#
|
||||
# Establish the values of shell variables used in the following shell commands and/or 'here documents' input.
|
||||
#
|
||||
for ( values %interfaceaddr ) {
|
||||
emit $_;
|
||||
}
|
||||
|
||||
for ( values %interfaceaddrs ) {
|
||||
emit $_;
|
||||
}
|
||||
|
||||
for ( values %interfacenets ) {
|
||||
emit $_;
|
||||
}
|
||||
|
||||
emit '';
|
||||
#
|
||||
# We always write the input into a file then pass the file to iptables-restore. That way, if things go wrong,
|
||||
|
@ -177,9 +177,10 @@ sub setup_providers() {
|
||||
}
|
||||
|
||||
if ( $gateway eq 'detect' ) {
|
||||
my $variable = get_interface_address $interface;
|
||||
emitj ( "gateway=\$(detect_gateway $interface)\n",
|
||||
'if [ -n "$gateway" ]; then',
|
||||
" run_ip route replace \$gateway src \$(find_first_interface_address $interface) dev $interface table $number",
|
||||
" run_ip route replace $variable dev $interface table $number",
|
||||
" run_ip route add default via \$gateway dev $interface table $number",
|
||||
'else',
|
||||
" fatal_error \"Unable to detect the gateway through interface $interface\"",
|
||||
@ -187,7 +188,8 @@ sub setup_providers() {
|
||||
$gateway = '$gateway';
|
||||
} elsif ( $gateway && $gateway ne '-' ) {
|
||||
validate_address $gateway;
|
||||
emit "run_ip route replace $gateway src \$(find_first_interface_address $interface) dev $interface table $number";
|
||||
my $variable = get_interface_address $interface;
|
||||
emit "run_ip route replace $gateway src $variable dev $interface table $number";
|
||||
emit "run_ip route add default via $gateway dev $interface table $number";
|
||||
} else {
|
||||
$gateway = '';
|
||||
|
@ -577,6 +577,8 @@ sub generate_script_3() {
|
||||
|
||||
emit "}\n";
|
||||
|
||||
set_global_variables;
|
||||
|
||||
progress_message2 "Creating iptables-restore input...";
|
||||
create_netfilter_load;
|
||||
|
||||
@ -585,6 +587,9 @@ sub generate_script_3() {
|
||||
push_indent;
|
||||
|
||||
emit<<'EOF';
|
||||
|
||||
set_global_variables;
|
||||
|
||||
setup_routing_and_traffic_shaping;
|
||||
|
||||
if [ $COMMAND = restore ]; then
|
||||
|
Loading…
Reference in New Issue
Block a user