1
0

Some inconsequential cleanup

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5672 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-03-24 21:12:10 +00:00
parent 7a82b87038
commit db0f52c785
2 changed files with 30 additions and 11 deletions

View File

@ -143,11 +143,11 @@ sub new_action( $ ) {
}
#
# Add an entry to the requiredby hash
# Record a 'requires' relationship between a pair of actions.
#
sub add_requiredby ( $$ ) {
my ($requires , $requiredby ) = @_;
$actions{$requiredby}{requires}{$requires} = 1;
my ($requiredby , $requires ) = @_;
$actions{$requires}{requires}{$requiredby} = 1;
}
#
@ -159,15 +159,10 @@ sub add_requiredby ( $$ ) {
# set CHAIN to the name of the iptables chain where rules are to be added.
# Similarly, LEVEL and TAG contain the log level and log tag respectively.
#
# For each <action>, we maintain two variables:
#
# <action>_actchain - The action chain number.
# <action>_chains - List of ( level[:tag] , chainname ) pairs
#
# The maximum length of a chain name is 30 characters -- since the log
# action chain name is 2-3 characters longer than the base chain name,
# this function truncates the original chain name where necessary before
# it adds the leading "%" and trailing sequence number.#
# it adds the leading "%" and trailing sequence number.
#
sub createlogactionchain( $$ ) {
my ( $action, $level ) = @_;
@ -388,6 +383,7 @@ sub process_actions2 () {
# Generate chain for non-builtin action invocation
#
sub process_action3( $$$$$ ) {
my ( $chainref, $wholeaction, $action, $level, $tag ) = @_;
#
# This function is called to process each rule generated from an action file.
#
@ -408,7 +404,6 @@ sub process_action3( $$$$$ ) {
'' );
}
my ( $chainref, $wholeaction, $action, $level, $tag ) = @_;
my $actionfile = find_file "action.$action";
my $standard = ( $actionfile =~ /^($env{SHAREDIR})/ );

View File

@ -3,6 +3,30 @@ Shorewall-pl 3.9.0
This companion product to Shorewall 3.4.2 and later includes a complete
rewrite of the compiler in Perl.
Shorewall-pl depends on Shorewall (3.4.2 or later). So if you want to use the
new compiler, you must install both Shorewall and Shorewall-pl.
Even if you install Shorewall-pl, you have a choice of which compiler you use.
The choice is specified in the shorewall.conf file so you can select the
compiler to use on a system-by-system basis when running Shorewall Lite on
remote systems.
I decided to make Shorewall-pl a separate product for several reasons:
a) Embedded applications are unlikely to adopt Shorewall-pl; even Mini-Perl
has a substantial disk and Ram footprint.
b) Because of the gross incompatibilities between the new compiler and the
old (see below), migration to the new compiler must be voluntary.
c) By allowing Shorewall-pl to co-exist with the current Shorewall stable
release (3.4), I'm hoping that the new compiler will get more testing and
validation than it would if I were to package it with a new development
version of Shorewall itself.
d) Along the same vein, I think that users will be more likely to experiment
with the new compiler if they can easily fall back to the old one if things
get sticky.
The good news:
@ -99,7 +123,7 @@ variables that you set or create.
To actually use the new compiler, add this to shorewall.conf:
SHOREWALL4=Yes
SHOREWALL_PL=Yes
If you add this setting to /etc/shorewall/shorewall.conf then by
default, the new compiler will be used on the system. If you add it to