forked from extern/shorewall_code
Some editing cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8410 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
94113e0312
commit
9d4ec13e47
@ -728,7 +728,7 @@ sub compiler {
|
||||
|
||||
sub edit_verbosity( $ ) {
|
||||
my $val = numeric_value( shift );
|
||||
defined($val) && ($val >= -1) && ($val < 3);
|
||||
defined($val) && ($val >= MIN_VERBOSITY) && ($val <= MAX_VERBOSITY);
|
||||
}
|
||||
|
||||
my %parms = ( object => { store => \$objectfile },
|
||||
|
||||
@ -55,6 +55,7 @@ our @EXPORT_OK = qw( $shorewall_dir initialize read_a_line1 set_config_path shor
|
||||
our %EXPORT_TAGS = ( internal => [ qw( create_temp_object
|
||||
finalize_object
|
||||
numeric_value
|
||||
numeric_value1
|
||||
in_hex
|
||||
in_hex2
|
||||
in_hex3
|
||||
@ -106,6 +107,9 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_object
|
||||
%config
|
||||
%globals
|
||||
%capabilities
|
||||
|
||||
MIN_VERBOSITY
|
||||
MAX_VERBOSITY
|
||||
) ] );
|
||||
|
||||
Exporter::export_ok_tags('internal');
|
||||
@ -228,6 +232,9 @@ our $shorewall_dir; # Shorewall Directory
|
||||
|
||||
our $debug; # If true, use Carp to report errors with stack trace.
|
||||
|
||||
use constant { MIN_VERBOSITY => -1,
|
||||
MAX_VERBOSITY => 2 };
|
||||
|
||||
#
|
||||
# Initialize globals -- we take this novel approach to globals initialization to allow
|
||||
# the compiler to run multiple times in the same process. The
|
||||
@ -525,6 +532,12 @@ sub numeric_value ( $ ) {
|
||||
$mark =~ /^0/ ? oct $mark : $mark;
|
||||
}
|
||||
|
||||
sub numeric_value1 ( $ ) {
|
||||
my $val = numeric_value $_[0];
|
||||
fatal_error "Invalid Number ($_[0])" unless defined $val;
|
||||
$val;
|
||||
}
|
||||
|
||||
#
|
||||
# Return the argument expressed in Hex
|
||||
#
|
||||
|
||||
@ -219,11 +219,11 @@ sub validate_policy()
|
||||
|
||||
my $clientwild = ( "\L$client" eq 'all' );
|
||||
|
||||
fatal_error "Undefined zone $client" unless $clientwild || defined_zone( $client );
|
||||
fatal_error "Undefined zone ($client)" unless $clientwild || defined_zone( $client );
|
||||
|
||||
my $serverwild = ( "\L$server" eq 'all' );
|
||||
|
||||
fatal_error "Undefined zone $server" unless $serverwild || defined_zone( $server );
|
||||
fatal_error "Undefined zone ($server)" unless $serverwild || defined_zone( $server );
|
||||
|
||||
my ( $policy, $default, $remainder ) = split( /:/, $originalpolicy, 3 );
|
||||
|
||||
@ -252,10 +252,10 @@ sub validate_policy()
|
||||
$default = $default_actions{$policy} || '';
|
||||
}
|
||||
|
||||
fatal_error "Invalid policy $policy" unless exists $validpolicies{$policy};
|
||||
fatal_error "Invalid policy ($policy)" unless exists $validpolicies{$policy};
|
||||
|
||||
if ( defined $queue ) {
|
||||
fatal_error "Invalid policy ($policy/$queue)" unless $policy eq 'NFQUEUE';
|
||||
fatal_error "Invalid policy ($policy($queue))" unless $policy eq 'NFQUEUE';
|
||||
require_capability( 'NFQUEUE_TARGET', 'An NFQUEUE Policy', 's' );
|
||||
my $queuenum = numeric_value( $queue );
|
||||
fatal_error "Invalid NFQUEUE queue number ($queue)" unless defined( $queuenum) && $queuenum <= 65535;
|
||||
|
||||
@ -274,8 +274,10 @@ sub process_tc_rule( $$$$$$$$$$$ ) {
|
||||
validate_mark $mark;
|
||||
|
||||
if ( $config{HIGH_ROUTE_MARKS} ) {
|
||||
my $val = numeric_value( $cmd );
|
||||
fatal_error "Invalid MARK/CLASSIFY ($cmd)" unless defined $val;
|
||||
fatal_error 'Marks < 256 may not be set in the PREROUTING or OUTPUT chains when HIGH_ROUTE_MARKS=Yes'
|
||||
if $cmd && ( $chain eq 'tcpre' || $chain eq 'tcout' ) && numeric_value( $cmd ) <= 0xFF;
|
||||
if $cmd && ( $chain eq 'tcpre' || $chain eq 'tcout' ) && $val <= 0xFF;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -475,6 +477,7 @@ sub validate_tc_class( $$$$$$ ) {
|
||||
fatal_error "Invalid Mark ($mark)" unless $mark =~ /^([0-9]+|0x[0-9a-f]+)$/ && numeric_value( $mark ) <= 0xff;
|
||||
|
||||
$markval = numeric_value( $mark );
|
||||
fatal_error "Invalid MARK ($markval)" unless defined $markval;
|
||||
fatal_error "Duplicate MARK ($mark)" if $tcref->{$classnumber};
|
||||
$classnumber = $devnum . $mark;
|
||||
}
|
||||
@ -623,8 +626,8 @@ sub process_tc_filter( $$$$$$ ) {
|
||||
|
||||
my ( $icmptype , $icmpcode ) = split '//', validate_icmp( $portrange );
|
||||
|
||||
$icmptype = in_hex2 numeric_value $icmptype;
|
||||
$icmpcode = in_hex2 numeric_value $icmpcode if defined $icmpcode;
|
||||
$icmptype = in_hex2 numeric_value1 $icmptype;
|
||||
$icmpcode = in_hex2 numeric_value1 $icmpcode if defined $icmpcode;
|
||||
|
||||
my $rule1 = " match u8 $icmptype 0xff at nexthdr+0";
|
||||
$rule1 .= "\\\n match u8 $icmpcode 0xff at nexthdr+1" if defined $icmpcode;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user