From a8d7675322cb54efafbfc26a118e7b90fc987750 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sun, 12 Mar 2017 09:01:22 -0700 Subject: [PATCH] Process config options in file order during update. Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Config.pm | 24 +++++++++++------------- docs/KVM.xml | 21 ++++++++++----------- 2 files changed, 21 insertions(+), 24 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 705690ba3..68cd6636a 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -5432,6 +5432,7 @@ EOF sub process_shorewall_conf( $$ ) { my ( $update, $annotate ) = @_; my $file = find_file "$product.conf"; + my @vars; if ( -f $file ) { $globals{CONFIGDIR} = $configfile = $file; @@ -5448,7 +5449,11 @@ sub process_shorewall_conf( $$ ) { if ( $currentline =~ /^\s*([a-zA-Z]\w*)=(.*)$/ ) { my ($var, $val) = ($1, $2); - expand_variables( $val ) unless $update || $val =~ /^'.*'$/; + if ( $update ) { + push @vars, $var; + } else { + expand_variables( $val ) unless $val =~ /^'.*'$/; + } if ( exists $config{$var} ) { if ( $eliminated{$var} && ! $update ) { @@ -5493,19 +5498,12 @@ sub process_shorewall_conf( $$ ) { # Config file update requires that the option values not have # Shell variables expanded. We do that now. # - # We must first make LOG_LEVEL a variable because the order in which - # the values are processed below is not the order in which they appear - # in the config file. + # To handle options like LOG_LEVEL, we process the options + # in the order in which they appear in the .conf file. # - $config{LOG_LEVEL} = '' unless defined $config{LOG_LEVEL}; - - my %log_level = ( LOG_LEVEL => $config{LOG_LEVEL} ); - - add_variables( %log_level ); - - for ( values %config ) { - if ( supplied $_ ) { - expand_variables( $_ ) unless /^'.*'$/; + for ( @vars ) { + if ( supplied( my $val = $config{$_} ) ) { + expand_variables( $config{$_} ) unless $val =~ /^'.*'$/; } } } diff --git a/docs/KVM.xml b/docs/KVM.xml index f89097f12..75aabcc93 100644 --- a/docs/KVM.xml +++ b/docs/KVM.xml @@ -50,7 +50,7 @@ Linux Distributions. The following diagram shows the entire network. - + My personal laptop (Ursa) hosts the virtual machines. As shown in the diagram, Ursa has routes to the Internet through both the @@ -66,12 +66,12 @@
Networking Configuration - I use a network configuration where each VM has its own VNET and - tap device and the tap devices are all configured as ports on a Linux - Bridge. For clarity, I've only shown four of the virtual machines - available on the system. + I use a network configuration where each VM has its own VNET and tap + device and the tap devices are all configured as ports on a Linux Bridge. + For clarity, I've only shown four of the virtual machines available on the + system. - + I run dmsmasq to act as a DHCP server and name server for the VMs. @@ -82,11 +82,10 @@ With this configuration, and with only a single network interface on the laptop, this is just a simple two-interface masquerading setup where - the local network interface is br0. As with all bridges, br0 must be configured with the - option in two-interface masquerading setup where the + local network interface is br0. As + with all bridges, br0 must be + configured with the option in shorewall-interfaces(5). For additional information about this setup, including the Shorewall