From bf3880ae59dbe35d361b5483b5fc11e27a43e77e Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sun, 30 Dec 2018 12:41:55 -0800 Subject: [PATCH] Add some comments to the Misc module Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Misc.pm | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm index 0ba4ac69b..9ba490342 100644 --- a/Shorewall/Perl/Shorewall/Misc.pm +++ b/Shorewall/Perl/Shorewall/Misc.pm @@ -66,6 +66,9 @@ sub initialize( $ ) { $family = shift; } +# +# Warn that the tos file is no longer supported +# sub process_tos() { if ( my $fn = open_file 'tos' ) { @@ -145,6 +148,9 @@ sub setup_ecn() } } +# +# Add a logging rule followed by a jump +# sub add_rule_pair( $$$$$ ) { my ($chainref , $predicate , $target , $level, $tag ) = @_; @@ -402,6 +408,9 @@ EOF } } +# +# Convert a routestopped file into an equivalent stoppedrules file +# sub convert_routestopped() { if ( my $fn = open_file 'routestopped' ) { @@ -662,6 +671,9 @@ sub process_stoppedrules() { $result; } +# +# Generate the rules required when DOCKER=Yes +# sub create_docker_rules() { add_commands( $nat_table->{PREROUTING} , '[ -n "$g_docker" ] && echo "-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER" >&3' ); @@ -703,6 +715,9 @@ sub create_docker_rules() { sub setup_mss(); +# +# Add rules generated by .conf options and interface options +# sub add_common_rules ( $ ) { my ( $upgrade ) = @_; my $interface; @@ -1283,6 +1298,13 @@ my %maclist_targets = ( ACCEPT => { target => 'RETURN' , mangle => 1 } , REJECT => { target => 'reject' , mangle => 0 } , DROP => { target => 'DROP' , mangle => 1 } ); +# +# Create rules generated by the 'maclist' option and by entries in the maclist file. +# +# The function is called twice. The first call passes '1' and causes the maclist file +# to be processed. The second call passes '2' and generates the jumps for 'maclist' +# interfaces. +# sub setup_mac_lists( $ ) { my $phase = $_[0]; @@ -2454,6 +2476,9 @@ sub generate_matrix() { } } +# +# Generate MSS rules +# sub setup_mss( ) { my $clampmss = $config{CLAMPMSS}; my $option;