diff --git a/New/compiler.pl b/New/compiler.pl index 227700d2c..e3f04be2c 100755 --- a/New/compiler.pl +++ b/New/compiler.pl @@ -15,6 +15,7 @@ use Shorewall::Providers; use Shorewall::Policy; use Shorewall::Macros; use Shorewall::Actions; +use Shorewall::Accounting; # # Set to one if we find a SECTION @@ -928,100 +929,6 @@ sub process_rules() { $section = 'DONE'; } -# -# Accounting -# -my $jumpchainref; - -sub process_accounting_rule( $$$$$$$$ ) { - my ($action, $chain, $source, $dest, $proto, $ports, $sports, $user ) = @_; - - sub accounting_error() { - warning_message "Invalid Accounting rule \"$line\""; - } - - sub jump_to_chain( $ ) { - my $jumpchain = $_[0]; - $jumpchainref = ensure_chain( 'filter', $jumpchain ); - "-j $jumpchain"; - } - - $chain = 'accounting' unless $chain and $chain ne '-'; - - my $chainref = ensure_filter_chain $chain , 0; - - my $target = ''; - - my $rule = do_proto( $proto, $ports, $sports ) . do_user ( $user ); - my $rule2 = 0; - - unless ( $action eq 'COUNT' ) { - if ( $action eq 'DONE' ) { - $target = '-j RETURN'; - } else { - ( $action, my $cmd ) = split /:/, $action; - if ( $cmd ) { - if ( $cmd eq 'COUNT' ) { - $rule2=1; - $target = jump_to_chain $action; - } elsif ( $cmd ne 'JUMP' ) { - accounting_error; - } - } else { - $target = jump_to_chain $action; - } - } - } - - expand_rule - $chainref , - $rule , - $source , - $dest , - '' , - $target , - '' , - '' , - '' ; - - if ( $rule2 ) { - expand_rule - $jumpchainref , - $rule , - $source , - $dest , - '' , - '' , - '' , - '' , - '' ; - } -} - -sub setup_accounting() { - - open ACC, "$ENV{TMP_DIR}/accounting" or fatal_error "Unable to open stripped accounting file: $!"; - - while ( $line = ) { - - chomp $line; - $line =~ s/\s+/ /g; - - my ( $action, $chain, $source, $dest, $proto, $ports, $sports, $user, $extra ) = split /\s+/, $line; - - accounting_error if $extra; - process_accounting_rule $action, $chain, $source, $dest, $proto, $ports, $sports, $user; - } - - close ACC; - - if ( $filter_table->{accounting} ) { - for my $chain qw/INPUT FORWARD OUTPUT/ { - insert_rule $filter_table->{$chain}, 1, '-j accounting'; - } - } -} - # # To quote an old comment, generate_matrix makes a sows ear out of a silk purse. #