forked from extern/shorewall_code
Some inconsequential cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5672 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
7a82b87038
commit
db0f52c785
New
@ -143,11 +143,11 @@ sub new_action( $ ) {
|
||||
}
|
||||
|
||||
#
|
||||
# Add an entry to the requiredby hash
|
||||
# Record a 'requires' relationship between a pair of actions.
|
||||
#
|
||||
sub add_requiredby ( $$ ) {
|
||||
my ($requires , $requiredby ) = @_;
|
||||
$actions{$requiredby}{requires}{$requires} = 1;
|
||||
my ($requiredby , $requires ) = @_;
|
||||
$actions{$requires}{requires}{$requiredby} = 1;
|
||||
}
|
||||
|
||||
#
|
||||
@ -159,15 +159,10 @@ sub add_requiredby ( $$ ) {
|
||||
# set CHAIN to the name of the iptables chain where rules are to be added.
|
||||
# Similarly, LEVEL and TAG contain the log level and log tag respectively.
|
||||
#
|
||||
# For each <action>, we maintain two variables:
|
||||
#
|
||||
# <action>_actchain - The action chain number.
|
||||
# <action>_chains - List of ( level[:tag] , chainname ) pairs
|
||||
#
|
||||
# The maximum length of a chain name is 30 characters -- since the log
|
||||
# action chain name is 2-3 characters longer than the base chain name,
|
||||
# this function truncates the original chain name where necessary before
|
||||
# it adds the leading "%" and trailing sequence number.#
|
||||
# it adds the leading "%" and trailing sequence number.
|
||||
#
|
||||
sub createlogactionchain( $$ ) {
|
||||
my ( $action, $level ) = @_;
|
||||
@ -388,6 +383,7 @@ sub process_actions2 () {
|
||||
# Generate chain for non-builtin action invocation
|
||||
#
|
||||
sub process_action3( $$$$$ ) {
|
||||
my ( $chainref, $wholeaction, $action, $level, $tag ) = @_;
|
||||
#
|
||||
# This function is called to process each rule generated from an action file.
|
||||
#
|
||||
@ -408,7 +404,6 @@ sub process_action3( $$$$$ ) {
|
||||
'' );
|
||||
}
|
||||
|
||||
my ( $chainref, $wholeaction, $action, $level, $tag ) = @_;
|
||||
my $actionfile = find_file "action.$action";
|
||||
my $standard = ( $actionfile =~ /^($env{SHAREDIR})/ );
|
||||
|
||||
|
@ -3,6 +3,30 @@ Shorewall-pl 3.9.0
|
||||
This companion product to Shorewall 3.4.2 and later includes a complete
|
||||
rewrite of the compiler in Perl.
|
||||
|
||||
Shorewall-pl depends on Shorewall (3.4.2 or later). So if you want to use the
|
||||
new compiler, you must install both Shorewall and Shorewall-pl.
|
||||
|
||||
Even if you install Shorewall-pl, you have a choice of which compiler you use.
|
||||
The choice is specified in the shorewall.conf file so you can select the
|
||||
compiler to use on a system-by-system basis when running Shorewall Lite on
|
||||
remote systems.
|
||||
|
||||
I decided to make Shorewall-pl a separate product for several reasons:
|
||||
|
||||
a) Embedded applications are unlikely to adopt Shorewall-pl; even Mini-Perl
|
||||
has a substantial disk and Ram footprint.
|
||||
|
||||
b) Because of the gross incompatibilities between the new compiler and the
|
||||
old (see below), migration to the new compiler must be voluntary.
|
||||
|
||||
c) By allowing Shorewall-pl to co-exist with the current Shorewall stable
|
||||
release (3.4), I'm hoping that the new compiler will get more testing and
|
||||
validation than it would if I were to package it with a new development
|
||||
version of Shorewall itself.
|
||||
|
||||
d) Along the same vein, I think that users will be more likely to experiment
|
||||
with the new compiler if they can easily fall back to the old one if things
|
||||
get sticky.
|
||||
|
||||
The good news:
|
||||
|
||||
@ -99,7 +123,7 @@ variables that you set or create.
|
||||
|
||||
To actually use the new compiler, add this to shorewall.conf:
|
||||
|
||||
SHOREWALL4=Yes
|
||||
SHOREWALL_PL=Yes
|
||||
|
||||
If you add this setting to /etc/shorewall/shorewall.conf then by
|
||||
default, the new compiler will be used on the system. If you add it to
|
||||
|
Loading…
Reference in New Issue
Block a user