holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Build $VARDIR/zones file

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5616 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-03-21 20:35:40 +00:00
parent 7dbdee5573
commit dd9323c2c3
4 changed files with 68 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
New/Shorewall/Proxyarp.pm
View File

@ -32,13 +32,13 @@ use strict;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw( our @EXPORT = qw(
setup_proxy_arp setup_proxy_arp
@proxyarp dump_proxy_arp
); );
our @EXPORT_OK = qw( ); our @EXPORT_OK = qw( );
our @VERSION = 1.00; our @VERSION = 1.00;
our @proxyarp; my @proxyarp;
sub setup_one_proxy_arp( $$$$$ ) { sub setup_one_proxy_arp( $$$$$ ) {
my ( $address, $interface, $external, $haveroute, $persistent) = @_; my ( $address, $interface, $external, $haveroute, $persistent) = @_;
@ -128,4 +128,10 @@ fi\n";
} }
} }
sub dump_proxy_arp() {
for $line ( @proxyarp ) {
emit_unindented $line;
}
}
1; 1;

11
New/Shorewall/Rules.pm
View File

@ -44,8 +44,7 @@ our @EXPORT = qw( add_common_rules
process_rules process_rules
generate_matrix generate_matrix
setup_mss setup_mss
dump_rule_chains
@rule_chains
); );
our @EXPORT_OK = qw( process_rule process_rule1 ); our @EXPORT_OK = qw( process_rule process_rule1 );
our @VERSION = 1.00; our @VERSION = 1.00;
@ -53,7 +52,7 @@ our @VERSION = 1.00;
# #
# Keep track of chains for the /var/lib/shorewall[-lite]/chains file # Keep track of chains for the /var/lib/shorewall[-lite]/chains file
# #
our @rule_chains; my @rule_chains;
# #
# Set to one if we find a SECTION # Set to one if we find a SECTION
# #
@ -1544,4 +1543,10 @@ sub setup_mss( $ ) {
add_rule $filter_table->{FORWARD} , "-p tcp --tcp-flags SYN,RST SYN -j TCPMSS $option"; add_rule $filter_table->{FORWARD} , "-p tcp --tcp-flags SYN,RST SYN -j TCPMSS $option";
} }
sub dump_rule_chains() {
for my $arrayref ( @rule_chains ) {
emit_unindented "@$arrayref";
}
}
1; 1;

42
New/Shorewall/Zones.pm
View File

@ -37,6 +37,7 @@ our @EXPORT = qw( NOTHING
determine_zones determine_zones
zone_report zone_report
dump_zone_contents
@zones @zones
%zones %zones
@ -304,4 +305,45 @@ sub zone_report()
} }
} }
sub dump_zone_contents()
{
for my $zone ( @zones )
{
my $zoneref = $zones{$zone};
my $hostref = $zoneref->{hosts};
my $type = $zoneref->{type};
my $optionref = $zoneref->{options};
my $exclusions = $zoneref->{exclusions};
my $entry = "$zone $type";
if ( $hostref ) {
for my $type ( sort keys %$hostref ) {
my $interfaceref = $hostref->{$type};
for my $interface ( sort keys %$interfaceref ) {
my $arrayref = $interfaceref->{$interface};
for my $groupref ( @$arrayref ) {
my $hosts = $groupref->{hosts};
if ( $hosts ) {
my $grouplist = join ',', ( @$hosts );
$entry .= " $interface:$grouplist";
}
}
}
}
}
if ( @$exclusions ) {
$entry .= ' exclude';
for my $host ( @$exclusions ) {
$entry .= " $host";
}
}
emit_unindented $entry;
}
}
1; 1;

14
New/compiler.pl
View File

@ -510,17 +510,19 @@ sub generate_script_3() {
emit 'cat > ${VARDIR}/proxyarp << __EOF__'; emit 'cat > ${VARDIR}/proxyarp << __EOF__';
for $line ( @proxyarp ) { dump_proxy_arp;
emit_unindented $line;
}
emit_unindented '__EOF__'; emit_unindented '__EOF__';
emit 'cat > ${VARDIR}/chains << __EOF__'; emit 'cat > ${VARDIR}/chains << __EOF__';
for my $arrayref ( @rule_chains ) { dump_rule_chains;
emit_unindented "@$arrayref";
} emit_unindented '__EOF__';
emit 'cat > ${VARDIR}/zones << __EOF__';
dump_zone_contents;
emit_unindented '__EOF__'; emit_unindented '__EOF__';