Unify file-related progress messages

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5759 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
teastep 2007-03-30 15:57:08 +00:00
parent ccc8fc0b6c
commit f69be4124c
13 changed files with 128 additions and 71 deletions


@ -110,12 +110,19 @@ sub process_accounting_rule( $$$$$$$$ ) {
sub setup_accounting() {
open_file 'accounting';
my $first_entry = 1;
my $fn = open_file 'accounting';
while ( read_a_line ) {
my ( $action, $chain, $source, $dest, $proto, $ports, $sports, $user ) = split_line 8, 'Accounting File';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
process_accounting_rule $action, $chain, $source, $dest, $proto, $ports, $sports, $user;
}


@ -304,7 +304,9 @@ sub expand_shell_variables( $ ) {
}
#
# Open a file, setting $currentfile.
# Open a file, setting $currentfile. Returns the absolute pathname if the file
# exists, is non-empty and was successfully opened. Terminates with a fatal error
# if the file exists, is non-empty, but the open fails.
#
sub open_file( $ ) {
my $fname = find_file $_[0];
@ -352,7 +354,8 @@ sub pop_open() {
# - Ignore blank or comment-only lines.
# - Remove trailing comments.
# - Compress out extra whitespace.
# - Handle Line Continuation
# - Handle Line Continuation (We don't continue comment lines, thus avoiding user frustration
# when the last line of a comment inadvertently ends with '\').
# - Expand shell variables from $ENV.
# - Handle INCLUDE <filename>
#
@ -363,6 +366,7 @@ sub read_a_line {
$line = '';
while ( my $nextline = <$currentfile> ) {
$currentlinenumber++;
next if $nextline =~ /^\s*#/;
next if $nextline =~ /^\s*$/;
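Review bot: The expanded header comment on open_file documents the return value only for the case where the file exists, is non-empty and opens; it does not say what callers get when the file is missing or empty. Callers changed elsewhere in this commit now branch on exactly that case (`if ( $fn )`, `if ( my $fn = open_file 'tos' )`) and interpolate the result into `"$doing $fn..."`. I would add one line to the comment, for example `# Returns a false value when the file does not exist or is empty.`, after confirming it against the body of open_file, which lies outside the hunk.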


@ -53,14 +53,14 @@ sub validate_hosts_file()
my $ipsec = 0;
my $first_entry = 1;
open_file 'hosts';
my $fn = open_file 'hosts';
while ( read_a_line ) {
my ($zone, $hosts, $options ) = split_line 3, 'hosts file';
if ( $first_entry ) {
progress_message2 "Validating hosts file...";
progress_message2 "$doing $fn...";
$first_entry = 0;
}


@ -132,13 +132,20 @@ sub validate_interfaces_file()
upnp => 1,
);
open_file 'interfaces';
my $fn = open_file 'interfaces';
my $first_entry = 1;
while ( read_a_line ) {
my ($zone, $interface, $networks, $options ) = split_line 4, 'interfaces file';
my $zoneref;
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $zone eq '-' ) {
$zone = '';
} else {


@ -240,14 +240,14 @@ sub setup_masq()
{
my $first_entry = 1;
open_file 'masq';
my $fn = open_file 'masq';
while ( read_a_line ) {
my ($fullinterface, $networks, $addresses, $proto, $ports, $ipsec) = split_line 6, 'masq file';
if ( $first_entry ) {
progress_message2 "$doing Masq file...";
progress_message2 "$doing $fn...";
require_capability( 'NAT_ENABLED' , 'a non-empty masq file' );
$first_entry = 0;
}
@ -354,14 +354,14 @@ sub setup_nat() {
my $first_entry = 1;
open_file 'nat';
my $fn = open_file 'nat';
while ( read_a_line ) {
my ( $external, $interface, $internal, $allints, $localnat ) = split_line 5, 'nat file';
if ( $first_entry ) {
progress_message2 "$doing one-to-one NAT...";
progress_message2 "$doing $fn...";
require_capability( 'NAT_ENABLED' , 'a non-empty nat file' );
$first_entry = 0;
}
@ -389,14 +389,14 @@ sub setup_netmap() {
my $first_entry = 1;
open_file 'netmap';
my $fn = open_file 'netmap';
while ( read_a_line ) {
my ( $type, $net1, $interface, $net2 ) = split_line 4, 'netmap file';
if ( $first_entry ) {
progress_message2 "$doing NETMAP...";
progress_message2 "$doing $fn...";
require_capability( 'NAT_ENABLED' , 'a non-empty netmap file' );
$first_entry = 0;
}


@ -128,14 +128,19 @@ sub validate_policy()
}
}
open_file 'policy';
my $fn = open_file 'policy';
my $first_entry = 1;
while ( read_a_line ) {
my ( $client, $server, $policy, $loglevel, $synparams ) = split_line 5, 'policy file';
$loglevel = '' unless defined $loglevel;
$synparams = '' unless defined $synparams;
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
$loglevel = '' if $loglevel eq '-';
$synparams = '' if $synparams eq '-';


@ -79,7 +79,6 @@ sub setup_route_marking() {
}
sub setup_providers() {
my $fn = find_file 'providers';
my $providers = 0;
sub copy_table( $$ ) {
@ -344,7 +343,7 @@ sub setup_providers() {
#
# Setup_Providers() Starts Here....
#
open_file $fn;
my $fn = open_file 'providers';
while ( read_a_line ) {
unless ( $providers ) {
@ -427,17 +426,21 @@ sub setup_providers() {
emit "\$echocommand \"$providers{$table}{number}\\t$table\" >> /etc/iproute2/rt_tables";
}
my $fn = find_file 'route_rules';
my $fn = open_file 'route_rules';
if ( -f $fn ) {
progress_message2 "$doing $fn...";
if ( $fn ) {
my $first_entry = 0;
emit '';
open_file $fn;
while ( read_a_line ) {
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
my ( $source, $dest, $provider, $priority ) = split_line 4, 'route_rules file';
add_an_rtrule( $source, $dest, $provider , $priority );
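Review bot: In the route_rules block the flag is initialised with `my $first_entry = 0;`, so the `if ( $first_entry )` guard inside the read loop is never true and the `"$doing $fn..."` message is never printed for route_rules. Every other reader touched by this commit starts the flag at 1, and the old code printed the message before the loop, so operators lose the indication that this file was processed. The line should read `my $first_entry = 1;`. setup_providers begins and ends outside the hunk, so this is judged from the visible lines only.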


@ -81,8 +81,11 @@ progress_message \" Host $address connected to $interface added to ARP on $ext
sub setup_proxy_arp() {
my $interfaces= find_interfaces_by_option 'proxyarp';
my $fn = open_file 'proxyarp';
if ( @$interfaces || open_file 'proxyarp' ) {
if ( @$interfaces || $fn ) {
my $first_entry = 1;
save_progress_message "Setting up Proxy ARP...";
@ -92,6 +95,11 @@ sub setup_proxy_arp() {
my ( $address, $interface, $external, $haveroute, $persistent ) = split_line 5, 'proxyarp file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
$set{$interface} = 1;
$reset{$external} = 1 unless $set{$external};


@ -64,7 +64,7 @@ sub process_tos() {
my $chain = $capabilities{MANGLE_FORWARD} ? 'fortos' : 'pretos';
my $stdchain = $capabilities{MANGLE_FORWARD} ? 'FORWARD' : 'PREROUTING';
if ( open_file 'tos' ) {
if ( my $fn = open_file 'tos' ) {
my $first_entry = 1;
my ( $pretosref, $outtosref );
@ -74,7 +74,7 @@ sub process_tos() {
my ($src, $dst, $proto, $sports, $ports , $tos ) = split_line 6, 'tos file';
if ( $first_entry ) {
progress_message2 'Setting up TOS...';
progress_message2 "$doing $fn...";
$pretosref = ensure_chain 'mangle' , $chain;
$outtosref = ensure_chain 'mangle' , 'outtos';
$first_entry = 0;
@ -127,14 +127,19 @@ sub setup_ecn()
my %interfaces;
my @hosts;
if ( open_file 'ecn' ) {
progress_message2 join( '' , "$doing ", find_file( 'ecn' ), '...' );
if ( my $fn = open_file 'ecn' ) {
my $first_entry = 1;
while ( read_a_line ) {
my ($interface, $hosts ) = split_line 2, 'ecn file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
fatal_error "Unknown interface ( $interface )" unless known_interface $interface;
$interfaces{$interface} = 1;
@ -189,7 +194,9 @@ sub setup_rfc1918_filteration( $ ) {
$chainref = new_standard_chain 'rfc1918d' if $config{RFC1918_STRICT};
open_file 'rfc1918';
my $fn = open_file 'rfc1918';
my $first_entry = 1;
while ( read_a_line ) {
@ -197,6 +204,11 @@ sub setup_rfc1918_filteration( $ ) {
my $s_target;
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $target eq 'logdrop' ) {
$target = 'rfc1918';
$s_target = 'rfc1918';
@ -249,8 +261,6 @@ sub setup_blacklist() {
my ( $level, $disposition ) = @config{'BLACKLIST_LOGLEVEL', 'BLACKLIST_DISPOSITION' };
progress_message2 " Setting up Blacklist...";
new_standard_chain 'blacklst';
my $target = $disposition eq 'REJECT' ? 'reject' : $disposition;
@ -265,14 +275,19 @@ sub setup_blacklist() {
$target = 'blacklog';
}
if ( open_file 'blacklist' ) {
if ( my $fn = open_file 'blacklist' ) {
progress_message( join( '', ' Processing ', find_file( 'blacklist' ), '...' ) );
my $first_entry = 1;
while ( read_a_line ) {
my ( $networks, $protocol, $ports ) = split_line 3, 'blacklist file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
expand_rule
ensure_filter_chain( 'blacklst' , 0 ) ,
NO_RESTRICT ,
@ -348,12 +363,11 @@ sub process_criticalhosts() {
sub process_routestopped() {
my $fn = find_file 'routestopped';
my ( @allhosts, %source, %dest );
progress_message2 "$doing $fn...";
my $fn = open_file 'routestopped';
open_file $fn;
my $first_entry = 1;
while ( read_a_line ) {
@ -361,6 +375,11 @@ sub process_routestopped() {
my ($interface, $hosts, $options ) = split_line 3, 'routestopped file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
$hosts = ALLIPv4 unless $hosts && $hosts ne '-';
my @hosts;
@ -478,7 +497,7 @@ sub add_common_rules() {
}
if ( @$list ) {
progress_message2 ' Adding Anti-smurf Rules';
progress_message2 'Adding Anti-smurf Rules';
for my $hostref ( @$list ) {
$interface = $hostref->[0];
my $ipsec = $hostref->[1];
@ -502,7 +521,7 @@ sub add_common_rules() {
$list = find_interfaces_by_option 'dhcp';
if ( @$list ) {
progress_message2 ' Adding rules for DHCP';
progress_message2 'Adding rules for DHCP';
for $interface ( @$list ) {
for $chain ( @{first_chains $interface}) {
@ -515,18 +534,14 @@ sub add_common_rules() {
$list = find_hosts_by_option 'norfc1918';
if ( @$list ) {
progress_message2 ' Enabling RFC1918 Filtering';
setup_rfc1918_filteration $list;
}
setup_rfc1918_filteration $list if @$list;
$list = find_hosts_by_option 'tcpflags';
if ( @$list ) {
my $disposition;
progress_message2 " $doing TCP Flags filtering...";
progress_message2 "$doing TCP Flags filtering...";
$chainref = new_standard_chain 'tcpflags';
@ -585,7 +600,7 @@ sub add_common_rules() {
$list = find_interfaces_by_option 'upnp';
if ( @$list ) {
progress_message2 ' $doing UPnP';
progress_message2 '$doing UPnP';
(new_chain 'nat', 'UPnP')->{referenced} = 1;
@ -639,12 +654,19 @@ sub setup_mac_lists( $ ) {
}
}
open_file 'maclist';
my $fn = open_file 'maclist';
my $first_entry = 1;
while ( read_a_line ) {
my ( $disposition, $interface, $mac, $addresses ) = split_line 4, 'maclist file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $disposition eq 'COMMENT' ) {
if ( $capabilities{COMMENTS} ) {
( $comment = $line ) =~ s/^\s*COMMENT\s*//;
@ -1169,12 +1191,19 @@ sub process_rule ( $$$$$$$$$ ) {
#
sub process_rules() {
open_file 'rules';
my $fn = open_file 'rules';
my $first_entry = 1;
while ( read_a_line ) {
my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user ) = split_line 9, 'rules file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $target eq 'COMMENT' ) {
if ( $capabilities{COMMENTS} ) {
( $comment = $line ) =~ s/^\s*COMMENT\s*//;
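Review bot: In the add_common_rules hunk for the 'upnp' option the message is still single-quoted, `progress_message2 '$doing UPnP';`, so Perl does not interpolate `$doing` and the literal text `$doing UPnP` is what gets printed. The commit only strips the leading space from that string. Use double quotes, as the TCP Flags line just above does: `progress_message2 "$doing UPnP";`. add_common_rules starts and ends outside the hunks shown.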


@ -349,15 +349,12 @@ sub validate_tc_class( $$$$$$ ) {
}
sub setup_traffic_shaping() {
my $first_entry = 1;
save_progress_message "Setting up Traffic Control...";
my $fn = find_file 'tcdevices';
my $fn = open_file 'tcdevices';
if ( -f $fn ) {
open_file $fn;
if ( $fn ) {
my $first_entry = 1;
while ( read_a_line ) {
@ -373,12 +370,10 @@ sub setup_traffic_shaping() {
}
}
$fn = find_file 'tcclasses';
$fn = open_file 'tcclasses';
if ( -f $fn ) {
$first_entry = 1;
open_file $fn;
if ( $fn ) {
my $first_entry = 1;
while ( read_a_line ) {
@ -510,16 +505,14 @@ sub setup_tc() {
}
}
my $fn = find_file 'tcrules';
if ( open_file $fn ) {
if ( my $fn = open_file 'tcrules' ) {
while ( read_a_line ) {
my ( $mark, $source, $dest, $proto, $ports, $sports, $user, $testval, $length, $tos ) = split_line 10, 'tcrules file';
if ( $first_entry ) {
progress_message2 "$doing TC Rules...";
progress_message2 "$doing $fn...";
require_capability( 'MANGLE_ENABLED' , 'a non-empty tcrules file' );
$first_entry = 0;
}


@ -233,14 +233,14 @@ sub setup_tunnels() {
#
# Setup_Tunnels() Starts Here
#
open_file 'tunnels';
my $fn = open_file 'tunnels';
while ( read_a_line ) {
my ( $kind, $zone, $gateway, $gatewayzones ) = split_line 4, 'tunnels file';
if ( $first_entry ) {
progress_message2 "$doing Tunnels...";
progress_message2 "$doing $fn...";
$first_entry = 0;
}


@ -180,7 +180,9 @@ sub determine_zones()
{
my @z;
open_file 'zones';
my $fn = open_file 'zones';
my $first_entry = 1;
while ( read_a_line ) {
@ -188,6 +190,11 @@ sub determine_zones()
my ($zone, $type, $options, $in_options, $out_options ) = split_line 5, 'zones file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $zone =~ /(\w+):([\w,]+)/ ) {
$zone = $1;
@parents = split ',', $2;


@ -656,12 +656,10 @@ sub compiler( $ ) {
#
# Process the zones file.
#
progress_message2 "Determining Zones...";
determine_zones;
#
# Process the interfaces file.
#
progress_message2 "Validating interfaces file...";
validate_interfaces_file;
#
# Process the hosts file.
@ -680,7 +678,6 @@ sub compiler( $ ) {
#
# Process the Policy File.
#
progress_message2 "Validating Policy file...";
validate_policy;
#
# Compile the 'stop_firewall()' function
@ -693,7 +690,6 @@ sub compiler( $ ) {
#
# Do all of the zone-independent stuff
#
progress_message2 "$doing Common Rules...";
add_common_rules;
#
# /proc stuff
@ -735,7 +731,6 @@ sub compiler( $ ) {
#
# Process the rules file.
#
progress_message2 "$doing Rules...";
process_rules;
#
# Add Tunnel rules.
@ -767,7 +762,6 @@ sub compiler( $ ) {
#
# Accounting.
#
progress_message2 "$doing Accounting...";
setup_accounting;
progress_message2 'Generating Rule Matrix...';