holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Finish implementing alternate parameter syntax

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7694 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-11-19 18:58:49 +00:00
parent 1c293a8386
commit e101e6d0dd
2 changed files with 27 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
Shorewall-perl/Shorewall/Actions.pm
View File

@ -34,6 +34,7 @@ use strict;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw( merge_levels our @EXPORT = qw( merge_levels
isolate_basic_target isolate_basic_target
get_target_param
add_requiredby add_requiredby
createactionchain createactionchain
find_logactionchain find_logactionchain
@ -219,7 +220,22 @@ sub merge_macro_column( $$ ) {
# Get Macro Name -- strips away trailing /* and :* from the first column in a rule, macro or action. # Get Macro Name -- strips away trailing /* and :* from the first column in a rule, macro or action.
# #
sub isolate_basic_target( $ ) { sub isolate_basic_target( $ ) {
( split '[/:]', $_[0])[0]; my $target = ( split '[/:]', $_[0])[0];
$target =~ /^(\w+)[(].*[)]$/ ? $1 : $target;
}
#
# Split the passed target into the basic target and parameter
#
sub get_target_param( $ ) {
my ( $target, $param ) = split '/', $_[0];
unless ( defined $param ) {
( $target, $param ) = ( $1, $2 ) if $target =~ /^(\w+)[(](.*)[)]$/;
}
( $target, $param );
} }
# #
@ -428,7 +444,7 @@ sub process_action1 ( $$ ) {
} elsif ( $target eq 'COMMENT' ) { } elsif ( $target eq 'COMMENT' ) {
fatal_error "Invalid TARGET ($wholetarget)" unless $wholetarget eq $target; fatal_error "Invalid TARGET ($wholetarget)" unless $wholetarget eq $target;
} else { } else {
( $target, my $param ) = split '/', $target; ( $target, my $param ) = get_target_param $target;
return if $target eq 'NFQUEUE'; return if $target eq 'NFQUEUE';
@ -532,13 +548,17 @@ sub process_action( $$$$$$$$$$ ) {
my ( $action , $level ) = split_action $target; my ( $action , $level ) = split_action $target;
( $action, my $param ) = get_target_param $action;
$param = 1 unless defined $param;
expand_rule ( $chainref , expand_rule ( $chainref ,
NO_RESTRICT , NO_RESTRICT ,
do_proto( $proto, $ports, $sports ) . do_ratelimit( $rate, $action ) . do_user $user , do_proto( $proto, $ports, $sports ) . do_ratelimit( $rate, $action ) . do_user $user ,
$source , $source ,
$dest , $dest ,
'', #Original Dest '', #Original Dest
'-j ' . ($action eq 'REJECT' ? 'reject' : $action eq 'CONTINUE' ? 'RETURN' : $action), '-j ' . ($action eq 'REJECT' ? 'reject' : $action eq 'CONTINUE' ? 'RETURN' : $action eq 'NFQUEUE' ? "NFQUEUE --queue-num $param" : $action),
$level , $level ,
$action , $action ,
'' ); '' );
@ -634,7 +654,9 @@ sub process_action3( $$$$$ ) {
my ( $action2 , $level2 ) = split_action $target2; my ( $action2 , $level2 ) = split_action $target2;
my $action2type = $targets{isolate_basic_target $action2}; ( $action2 , my $param ) = get_target_param $action2;
my $action2type = $targets{$action2};
unless ( $action2type == STANDARD ) { unless ( $action2type == STANDARD ) {
if ( $action2type & ACTION ) { if ( $action2type & ACTION ) {
@ -645,8 +667,6 @@ sub process_action3( $$$$$ ) {
} }
if ( $action2type == MACRO ) { if ( $action2type == MACRO ) {
( $action2, my $param ) = split '/', $action2;
fatal_error "Null Macro" unless my $fn = $macros{$action2}; fatal_error "Null Macro" unless my $fn = $macros{$action2};
process_macro3( $fn, $param, $chainref, $action, $source, $dest, $proto, $ports, $sports, $rate, $user ); process_macro3( $fn, $param, $chainref, $action, $source, $dest, $proto, $ports, $sports, $rate, $user );

2
Shorewall-perl/Shorewall/Rules.pm
View File

@ -894,7 +894,7 @@ sub process_macro ( $$$$$$$$$$$$$ ) {
sub process_rule1 ( $$$$$$$$$$$ ) { sub process_rule1 ( $$$$$$$$$$$ ) {
my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user, $mark, $wildcard ) = @_; my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user, $mark, $wildcard ) = @_;
my ( $action, $loglevel) = split_action $target; my ( $action, $loglevel) = split_action $target;
my ( $basictarget, $param ) = split '/', $action; my ( $basictarget, $param ) = get_target_param $action;
my $rule = ''; my $rule = '';
my $actionchainref; my $actionchainref;
my $optimize = $wildcard ? ( $basictarget =~ /!$/ ? 0 : $config{OPTIMIZE} ) : 0; my $optimize = $wildcard ? ( $basictarget =~ /!$/ ? 0 : $config{OPTIMIZE} ) : 0;