holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Rename 'ipset v4' -> 'ipset v5'

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-06-22 17:09:23 -07:00
parent 04d551d8ca
commit 9fa5e62d4f
3 changed files with 14 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Shorewall/Perl/Shorewall/Config.pm
View File

@ -609,7 +609,7 @@ sub initialize( $ ) {
OWNER_MATCH => undef, OWNER_MATCH => undef,
IPSET_MATCH => undef, IPSET_MATCH => undef,
OLD_IPSET_MATCH => undef, OLD_IPSET_MATCH => undef,
IPSET_V4 => undef, IPSET_V5 => undef,
CONNMARK => undef, CONNMARK => undef,
XCONNMARK => undef, XCONNMARK => undef,
CONNMARK_MATCH => undef, CONNMARK_MATCH => undef,
@ -2531,7 +2531,7 @@ sub IPSet_Match() {
$result; $result;
} }
sub IPSET_V4() { sub IPSET_V5() {
my $ipset = $config{IPSET} || 'ipset'; my $ipset = $config{IPSET} || 'ipset';
my $result = 0; my $result = 0;
@ -2644,6 +2644,7 @@ our %detect_capability =
IPRANGE_MATCH => \&IPRange_Match, IPRANGE_MATCH => \&IPRange_Match,
IPSET_MATCH => \&IPSet_Match, IPSET_MATCH => \&IPSet_Match,
OLD_IPSET_MATCH => \&Old_IPSet_Match, OLD_IPSET_MATCH => \&Old_IPSet_Match,
IPSET_V5 => \&IPSET_V5,
KLUDGEFREE => \&Kludgefree, KLUDGEFREE => \&Kludgefree,
LENGTH_MATCH => \&Length_Match, LENGTH_MATCH => \&Length_Match,
LOGMARK_TARGET => \&Logmark_Target, LOGMARK_TARGET => \&Logmark_Target,
@ -2783,6 +2784,7 @@ sub determine_capabilities() {
$capabilities{MANGLE_FORWARD} = detect_capability( 'MANGLE_FORWARD' ); $capabilities{MANGLE_FORWARD} = detect_capability( 'MANGLE_FORWARD' );
$capabilities{RAW_TABLE} = detect_capability( 'RAW_TABLE' ); $capabilities{RAW_TABLE} = detect_capability( 'RAW_TABLE' );
$capabilities{IPSET_MATCH} = detect_capability( 'IPSET_MATCH' ); $capabilities{IPSET_MATCH} = detect_capability( 'IPSET_MATCH' );
$capabilities{OLD_IPSET_MATCH} = detect_capability( 'OLD_IPSET_MATCH' );
$capabilities{USEPKTTYPE} = detect_capability( 'USEPKTTYPE' ); $capabilities{USEPKTTYPE} = detect_capability( 'USEPKTTYPE' );
$capabilities{ADDRTYPE} = detect_capability( 'ADDRTYPE' ); $capabilities{ADDRTYPE} = detect_capability( 'ADDRTYPE' );
$capabilities{TCPMSS_MATCH} = detect_capability( 'TCPMSS_MATCH' ); $capabilities{TCPMSS_MATCH} = detect_capability( 'TCPMSS_MATCH' );
@ -2799,6 +2801,7 @@ sub determine_capabilities() {
$capabilities{MARK_ANYWHERE} = detect_capability( 'MARK_ANYWHERE' ); $capabilities{MARK_ANYWHERE} = detect_capability( 'MARK_ANYWHERE' );
$capabilities{ACCOUNT_TARGET} = detect_capability( 'ACCOUNT_TARGET' ); $capabilities{ACCOUNT_TARGET} = detect_capability( 'ACCOUNT_TARGET' );
$capabilities{AUDIT_TARGET} = detect_capability( 'AUDIT_TARGET' ); $capabilities{AUDIT_TARGET} = detect_capability( 'AUDIT_TARGET' );
$capabilities{IPSET_V5} = detect_capability( 'IPSET_V5' );
qt1( "$iptables -F $sillyname" ); qt1( "$iptables -F $sillyname" );

7
Shorewall/lib.cli
View File

@ -1672,7 +1672,7 @@ determine_capabilities() {
OWNER_MATCH= OWNER_MATCH=
IPSET_MATCH= IPSET_MATCH=
OLD_IPSET_MATCH= OLD_IPSET_MATCH=
IPSET_V4= IPSET_V5=
CONNMARK= CONNMARK=
XCONNMARK= XCONNMARK=
CONNMARK_MATCH= CONNMARK_MATCH=
@ -1821,7 +1821,7 @@ determine_capabilities() {
local have_ipset local have_ipset
if qt ipset -N $chain hash:ip family inet; then if qt ipset -N $chain hash:ip family inet; then
IPSET_V4=Yes IPSET_V5=Yes
have_ipset=Yes have_ipset=Yes
elif qt ipset -N $chain iphash ; then elif qt ipset -N $chain iphash ; then
have_ipset=Yes have_ipset=Yes
@ -1942,7 +1942,7 @@ report_capabilities() {
report_capability "Header Match" $HEADER_MATCH report_capability "Header Match" $HEADER_MATCH
report_capability "ACCOUNT Target" $ACCOUNT_TARGET report_capability "ACCOUNT Target" $ACCOUNT_TARGET
report_capability "AUDIT Target" $AUDIT_TARGET report_capability "AUDIT Target" $AUDIT_TARGET
report_capability "ipset V4" $IPSET_V4 report_capability "ipset V5" $IPSET_V5
fi fi
[ -n "$PKTTYPE" ] || USEPKTTYPE= [ -n "$PKTTYPE" ] || USEPKTTYPE=
@ -2011,6 +2011,7 @@ report_capabilities1() {
report_capability1 HEADER_MATCH report_capability1 HEADER_MATCH
report_capability1 ACCOUNT_TARGET report_capability1 ACCOUNT_TARGET
report_capability1 AUDIT_TARGET report_capability1 AUDIT_TARGET
report_capability1 IPSET_V5
echo CAPVERSION=$SHOREWALL_CAPVERSION echo CAPVERSION=$SHOREWALL_CAPVERSION
echo KERNELVERSION=$KERNELVERSION echo KERNELVERSION=$KERNELVERSION

10
Shorewall6/lib.cli
View File

@ -1499,7 +1499,7 @@ determine_capabilities() {
OWNER_MATCH= OWNER_MATCH=
IPSET_MATCH= IPSET_MATCH=
OLD_IPSET_MATCH= OLD_IPSET_MATCH=
IPSET_V4= IPSET_V5=
CONNMARK= CONNMARK=
XCONNMARK= XCONNMARK=
CONNMARK_MATCH= CONNMARK_MATCH=
@ -1535,7 +1535,7 @@ determine_capabilities() {
HEADER_MATCH= HEADER_MATCH=
ACCOUNT_TARGET= ACCOUNT_TARGET=
AUDIT_TARGET= AUDIT_TARGET=
IPSET_V4= IPSET_V5=
chain=fooX$$ chain=fooX$$
@ -1654,7 +1654,7 @@ determine_capabilities() {
qt ipset -X $chain # Just in case something went wrong the last time qt ipset -X $chain # Just in case something went wrong the last time
if qt ipset -N $chain hash:ip family inet6; then if qt ipset -N $chain hash:ip family inet6; then
IPSET_V4=Yes IPSET_V5=Yes
if qt $IP6TABLES -A $chain -m set --set $chain src -j ACCEPT; then if qt $IP6TABLES -A $chain -m set --set $chain src -j ACCEPT; then
qt $IP6TABLES -D $chain -m set --set $chain src -j ACCEPT qt $IP6TABLES -D $chain -m set --set $chain src -j ACCEPT
IPSET_MATCH=Yes IPSET_MATCH=Yes
@ -1767,7 +1767,7 @@ report_capabilities() {
report_capability "Header Match" $HEADER_MATCH report_capability "Header Match" $HEADER_MATCH
report_capability "ACCOUNT Target" $ACCOUNT_TARGET report_capability "ACCOUNT Target" $ACCOUNT_TARGET
report_capability "AUDIT Target" $AUDIT_TARGET report_capability "AUDIT Target" $AUDIT_TARGET
report_capability "IPSET V4" $IPSET_V4 report_capability "ipset V5" $IPSET_V5
fi fi
[ -n "$PKTTYPE" ] || USEPKTTYPE= [ -n "$PKTTYPE" ] || USEPKTTYPE=
@ -1833,7 +1833,7 @@ report_capabilities1() {
report_capability1 HEADER_MATCH report_capability1 HEADER_MATCH
report_capability1 ACCOUNT_TARGET report_capability1 ACCOUNT_TARGET
report_capability1 AUDIT_TARGET report_capability1 AUDIT_TARGET
report_capability1 IPSET_V4 report_capability1 IPSET_V5
echo CAPVERSION=$SHOREWALL_CAPVERSION echo CAPVERSION=$SHOREWALL_CAPVERSION
echo KERNELVERSION=$KERNELVERSION echo KERNELVERSION=$KERNELVERSION