From bbeee2943e6b8c7da112882c20442aaffa9a12b6 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Sun, 11 Mar 2007 22:12:41 +0000
Subject: [PATCH] Adjust exported variables; make iptables restoration into a
 function

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5498 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 New/compiler.pl | 32 ++++++++++++++++++++++++--------
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/New/compiler.pl b/New/compiler.pl
index 5eeed4347..4e4170a00 100755
--- a/New/compiler.pl
+++ b/New/compiler.pl
@@ -105,6 +105,11 @@ my %config = ( STARTUP_ENABLED => undef,
 	       ORIGINAL_POLICY_MATCH => undef,
 	       );
 #
+# Config options and global settings that are to be copied to object
+#
+my @propagateconfig = qw/ CLEAR_TC DISABLE_IPV6 ADMINISABSENTMINDED IP_FORWARDING MODULESDIR MODULE_SUFFIX LOGFORMAT /;
+my @propagateenv    = qw/ LOGLIMIT LOGTAGONLY LOGRULENUMBERS /;
+#
 # From parsing the capabilities file
 #
 my %capabilities = 
@@ -5127,17 +5132,19 @@ sub generate_matrix() {
 }
 
 sub create_iptables_restore_file() {
-    print $object "#Generated by Shorewall $env{VERSION} - " . ( localtime ) . "\n";
+    emit 'restore_iptables()';
+    emit '{';
+    emit '    iptables-restore << __EOF__';
 
     for my $table qw/raw nat mangle filter/ {
-	print $object "*$table\n";
+	emit "*$table";
 	my @chains;
 	for my $chain ( grep $chain_table{$table}{$_}->{referenced} , ( sort keys %{$chain_table{$table}} ) ) {
 	    my $chainref =  $chain_table{$table}{$chain};
 	    if ( $chainref->{builtin} ) {
-		print $object ":$chainref->{name} $chainref->{policy} [0:0]\n";
+		emit ":$chainref->{name} $chainref->{policy} [0:0]";
 	    } else {
-		print $object ":$chainref->{name} - [0:0]\n";
+		emit ":$chainref->{name} - [0:0]";
 	    }
 
 	    push @chains, $chainref;
@@ -5146,11 +5153,15 @@ sub create_iptables_restore_file() {
 	for my $chainref ( @chains ) {
 	    my $name = $chainref->{name};
 	    for my $rule ( @{$chainref->{rules}} ) {
-		print $object "-A $name $rule\n";
+		emit "-A $name $rule";
 	    }
 	}
-	print $object "COMMIT\n";
+
+	emit 'COMMIT';
+	emit '__EOF__';
     }
+
+    emit '}';
 }
        
 #
@@ -5475,8 +5486,13 @@ sub compile_firewall( $ ) {
 
 	$indent = '    ';
 
-	while ( my ( $option, $value ) = ( each %config ) ) {
-	    $value |= '';
+	for my $option ( @propagateconfig ) {
+	    my $value = $config{$option} || '';
+	    emit "${option}=\"${value}\"";
+	}
+
+	for my $option ( @propagateenv ) {
+	    my $value = $env{$option} || '';
 	    emit "${option}=\"${value}\"";
 	}