From cda4c6ed11b240369612eb50aad934a089c7a6e2 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Thu, 5 Jan 2012 16:49:26 -0800
Subject: [PATCH] Implement 'stat' provider option -- phase 1

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Config.pm    |  9 +++++----
 Shorewall/Perl/Shorewall/Providers.pm | 25 ++++++++++++++++++-------
 2 files changed, 23 insertions(+), 11 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index dc4e585fe..3e0ff0b18 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -289,7 +289,7 @@ my  %capdesc = ( NAT_ENABLED     => 'NAT',
 		 IPTABLES_S      => 'iptables -S',
 		 BASIC_FILTER    => 'Basic Filter',
 		 CT_TARGET       => 'CT Target',
-		 STATISTICS_MATCH => 
+		 STATISTIC_MATCH => 
 		                    'Statistics Match',
 		 CAPVERSION      => 'Capability Version',
 		 KERNELVERSION   => 'Kernel Version',
@@ -680,7 +680,7 @@ sub initialize( $ ) {
 	       IPTABLES_S => undef,
 	       BASIC_FILTER => undef,
 	       CT_TARGET => undef,
-	       STATISTICS_MATCH => undef,
+	       STATISTIC_MATCH => undef,
 	       CAPVERSION => undef,
 	       KERNELVERSION => undef,
 	       );
@@ -2762,7 +2762,7 @@ sub Ct_Target() {
     $ct_target;
 }
 
-sub Statistics_Match() {
+sub Statistic_Match() {
     qt1( "$iptables -A $sillyname -m statistic --mode nth --every 2 --packet 1" );
 }
 
@@ -2820,7 +2820,7 @@ our %detect_capability =
       RAWPOST_TABLE => \&Rawpost_Table,
       REALM_MATCH => \&Realm_Match,
       RECENT_MATCH => \&Recent_Match,
-      STATISTICS_MATCH => \&Statistics_Match,
+      STATISTIC_MATCH => \&Statistic_Match,
       TCPMSS_MATCH => \&Tcpmss_Match,
       TIME_MATCH => \&Time_Match,
       TPROXY_TARGET => \&Tproxy_Target,
@@ -2957,6 +2957,7 @@ sub determine_capabilities() {
 	$capabilities{IPTABLES_S}      = detect_capability( 'IPTABLES_S' );
 	$capabilities{BASIC_FILTER}    = detect_capability( 'BASIC_FILTER' );
 	$capabilities{CT_TARGET}       = detect_capability( 'CT_TARGET' );
+	$capabilities{STATISTIC_MATCH} = detect_capability( 'STATISTIC_MATCH' );
 
 
 	qt1( "$iptables -F $sillyname" );
diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm
index 5b4741d94..874965bb4 100644
--- a/Shorewall/Perl/Shorewall/Providers.pm
+++ b/Shorewall/Perl/Shorewall/Providers.pm
@@ -53,6 +53,7 @@ my  @routemarked_providers;
 my  %routemarked_interfaces;
 our @routemarked_interfaces;
 my  %provider_interfaces;
+my  @stat_providers;
 
 my $balancing;
 my $fallback;
@@ -82,14 +83,15 @@ use constant { ROUTEMARKED_SHARED => 1, ROUTEMARKED_UNSHARED => 2 };
 sub initialize( $ ) {
     $family = shift;
 
-    @routemarked_providers = ();
+    @routemarked_providers  = ();
     %routemarked_interfaces = ();
     @routemarked_interfaces = ();
     %provider_interfaces    = ();
-    $balancing           = 0;
-    $fallback            = 0;
-    $first_default_route  = 1;
-    $first_fallback_route = 1;
+    @stat_providers         = ();
+    $balancing              = 0;
+    $fallback               = 0;
+    $first_default_route    = 1;
+    $first_fallback_route   = 1;
 
     %providers  = ( local   => { number => LOCAL_TABLE   , mark => 0 , optional => 0 ,routes => [], rules => [] } ,
 		    main    => { number => MAIN_TABLE    , mark => 0 , optional => 0 ,routes => [], rules => [] } ,
@@ -366,8 +368,8 @@ sub process_a_provider() {
 	$gateway = '';
     }
 
-    my ( $loose, $track,                   $balance , $default, $default_balance,                $optional,                           $mtu, $local ) =
-	(0,      $config{TRACK_PROVIDERS}, 0 ,        0,        $config{USE_DEFAULT_RT} ? 1 : 0, interface_is_optional( $interface ), ''  , 0 );
+    my ( $loose, $track,                   $balance , $default, $default_balance,                $optional,                           $mtu, $local , $stat ) =
+	(0,      $config{TRACK_PROVIDERS}, 0 ,        0,        $config{USE_DEFAULT_RT} ? 1 : 0, interface_is_optional( $interface ), ''  , 0      , 0);
 
     unless ( $options eq '-' ) {
 	for my $option ( split_list $options, 'option' ) {
@@ -408,6 +410,8 @@ sub process_a_provider() {
 		$local = 1;
 		$track = 0           if $config{TRACK_PROVIDERS};
 		$default_balance = 0 if $config{USE_DEFAULT_RT};
+	    } elsif ( $option eq 'stat' ) {
+		$stat = 1;
 	    } else {
 		fatal_error "Invalid option ($option)";
 	    }
@@ -488,6 +492,7 @@ sub process_a_provider() {
 			   duplicate   => $duplicate ,
 			   address     => $address ,
 			   local       => $local ,
+			   stat        => $stat ,
 			   rules       => [] ,
 			   routes      => [] ,
 			 };
@@ -506,6 +511,12 @@ sub process_a_provider() {
 	push @routemarked_providers, $providers{$table};
     }
 
+    if ( $stat ) {
+	require_capability 'STATISTIC_MATCH', q(The 'stat' option), 's';
+	fatal_error q('stat' requires either 'balance' or 'fallback=<weight>') unless $balance || $default > 0;
+	push @stat_providers, $providers{$table};
+    }
+
     push @providers, $table;
 
     progress_message "   Provider \"$currentline\" $done";