holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Implement format-2 Actions

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-12-12 12:09:48 -08:00
parent 1bbe95ead8
commit dfa47cc300
1 changed files with 39 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
Shorewall/Perl/Shorewall/Actions.pm
View File

@ -590,9 +590,9 @@ sub process_actions1() {
while ( read_a_line ) { while ( read_a_line ) {
my ($wholetarget, @rest ) = split_line 1, 9, 'action file'; my ($wholetarget, @rest ) = split_line 1, 13, 'action file';
process_action1( $action, $wholetarget ); process_action1( $action, $wholetarget ) unless $wholetarget eq 'FORMAT';
} }
@ -627,8 +627,8 @@ sub process_actions2 () {
# #
# This function is called to process each rule generated from an action file. # This function is called to process each rule generated from an action file.
# #
sub process_action( $$$$$$$$$$$$$$ ) { sub process_action( $$$$$$$$$$$$$$$ ) {
my ($chainref, $actionname, $target, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark, $connlimit, $time, $headers ) = @_; my ($chainref, $actionname, $target, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers ) = @_;
my ( $action , $level ) = split_action $target; my ( $action , $level ) = split_action $target;
@ -655,7 +655,7 @@ sub process_action( $$$$$$$$$$$$$$ ) {
do_headers ( $headers ) , do_headers ( $headers ) ,
$source , $source ,
$dest , $dest ,
'', #Original Dest $origdest ,
$action , $action ,
$level , $level ,
$action , $action ,
@ -665,8 +665,8 @@ sub process_action( $$$$$$$$$$$$$$ ) {
# #
# Expand Macro in action files. # Expand Macro in action files.
# #
sub process_macro3( $$$$$$$$$$$$ ) { sub process_macro3( $$$$$$$$$$$$$$$$ ) {
my ( $macro, $param, $chainref, $action, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark ) = @_; my ( $macro, $param, $chainref, $action, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers ) = @_;
my $nocomment = no_comment; my $nocomment = no_comment;
@ -741,14 +741,21 @@ sub process_macro3( $$$$$$$$$$$$ ) {
$mdest = '' if $mdest eq '-'; $mdest = '' if $mdest eq '-';
$mproto = merge_macro_column $mproto, $proto; process_action( $chainref,
$mports = merge_macro_column $mports, $ports; $action,
$msports = merge_macro_column $msports, $sports; $mtarget,
$mrate = merge_macro_column $mrate, $rate; $msource,
$muser = merge_macro_column $muser, $user; $mdest,
$mmark = merge_macro_column $mmark, $mark; merge_macro_column( $mproto, $proto ),
merge_macro_column( $mports, $ports ),
process_action $chainref, $action, $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser, $mark, $mconnlimit, $mtime, $mheaders; merge_macro_column( $msports, $sports ),
merge_macro_column( $morigdest, $origdest ),
merge_macro_column( $mrate, $rate ),
merge_macro_column( $muser, $user ),
merge_macro_column( $mmark, $mark ),
merge_macro_column( $mconnlimit, $connlimit ),
merge_macro_column( $mtime, $time ),
merge_macro_column( $mheaders, $headers ) );
} }
pop_open; pop_open;
@ -764,6 +771,7 @@ sub process_macro3( $$$$$$$$$$$$ ) {
sub process_action3( $$$$$ ) { sub process_action3( $$$$$ ) {
my ( $chainref, $wholeaction, $action, $level, $tag ) = @_; my ( $chainref, $wholeaction, $action, $level, $tag ) = @_;
my $actionfile = find_file "action.$action"; my $actionfile = find_file "action.$action";
my $format = 1;
fatal_error "Missing Action File ($actionfile)" unless -f $actionfile; fatal_error "Missing Action File ($actionfile)" unless -f $actionfile;
@ -773,13 +781,26 @@ sub process_action3( $$$$$ ) {
while ( read_a_line ) { while ( read_a_line ) {
my ($target, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark ) = split_line1 1, 9, 'action file'; my ($target, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers );
if ( $format == 1 ) {
($target, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark ) = split_line1 1, 9, 'action file';
$connlimit = $time = $headers = '-';
} else {
($target, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers ) = split_line1 1, 13, 'action file';
}
if ( $target eq 'COMMENT' ) { if ( $target eq 'COMMENT' ) {
process_comment; process_comment;
next; next;
} }
if ( $target eq 'FORMAT' ) {
my @columns = split_line 2, 2, 'action file';
fatal_error "FORMAT must be 1 or 2" unless $source =~ /^[12]$/;
next;
}
my $target2 = merge_levels $wholeaction, $target; my $target2 = merge_levels $wholeaction, $target;
my ( $action2 , $level2 ) = split_action $target2; my ( $action2 , $level2 ) = split_action $target2;
@ -797,9 +818,9 @@ sub process_action3( $$$$$ ) {
} }
if ( $action2type == MACRO ) { if ( $action2type == MACRO ) {
process_macro3( $action2, $param, $chainref, $action, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark ); process_macro3( $action2, $param, $chainref, $action, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers );
} else { } else {
process_action $chainref, $action, $target2, $source, $dest, $proto, $ports, $sports, $rate, $user, $mark, '-', '-', '-'; process_action( $chainref, $action, $target2, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers );
} }
} }