From b536abdaa12e80c53da865356c95d2f803dbc151 Mon Sep 17 00:00:00 2001 From: teastep Date: Sun, 17 Jun 2007 21:35:42 +0000 Subject: [PATCH] Implement capabilities versioning git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6579 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-perl/Shorewall/Config.pm | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/Shorewall-perl/Shorewall/Config.pm b/Shorewall-perl/Shorewall/Config.pm index d75c83b05..4984b7b09 100644 --- a/Shorewall-perl/Shorewall/Config.pm +++ b/Shorewall-perl/Shorewall/Config.pm @@ -1,4 +1,4 @@ -s# +# # Shorewall-perl 4.0 -- /usr/share/shorewall-perl/Shorewall/Config.pm # # This program is under GPL [http://www.gnu.org/copyleft/gpl.htm] @@ -132,6 +132,7 @@ sub initialize() { LOGPARMS => '', TC_SCRIPT => '', VERSION => '4.0.0-Beta5', + CAPVERSION => 30405 , ); # # From shorewall.conf file @@ -263,6 +264,7 @@ sub initialize() { MANGLE_FORWARD => undef, COMMENTS => undef, ADDRTYPE => undef, + CAPVERSION => undef, ); # # /etc/protocols and /etc/services @@ -300,6 +302,7 @@ sub initialize() { COMMENTS => 'Comments', ADDRTYPE => 'Address Type Match', TCPMSS_MATCH => 'TCP MSS', + CAPVERSION => 'Capability Version', ); # # Directories to search for configuration files @@ -862,6 +865,8 @@ sub determine_capabilities() { qt( "$iptables -F $sillyname" ); qt( "$iptables -X $sillyname" ); + + $capabilities{CAPVERSION} = $globals{CAPVERSION}; } # @@ -992,6 +997,12 @@ sub get_configuration( $ ) { } } + if ( $capabilities{CAPVERSION} ) { + warning_message "Your capabilities file is out of date -- it does not contain all of the capabilities defined by Shorewall version $globals{VERSION}" unless $capabilities{CAPVERSION} >= $globals{CAPVERSION}; + } else { + warning_message "Your capabilities file may be out of date"; + } + $globals{ORIGINAL_POLICY_MATCH} = $capabilities{POLICY_MATCH}; if ( $config{LOGRATE} || $config{LOGBURST} ) {