Unify file-related progress messages

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5759 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
teastep 2007-03-30 15:57:08 +00:00
parent ccc8fc0b6c
commit f69be4124c
13 changed files with 128 additions and 71 deletions


@ -110,12 +110,19 @@ sub process_accounting_rule( $$$$$$$$ ) {
sub setup_accounting() { sub setup_accounting() {
open_file 'accounting'; my $first_entry = 1;
my $fn = open_file 'accounting';
while ( read_a_line ) { while ( read_a_line ) {
my ( $action, $chain, $source, $dest, $proto, $ports, $sports, $user ) = split_line 8, 'Accounting File'; my ( $action, $chain, $source, $dest, $proto, $ports, $sports, $user ) = split_line 8, 'Accounting File';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
process_accounting_rule $action, $chain, $source, $dest, $proto, $ports, $sports, $user; process_accounting_rule $action, $chain, $source, $dest, $proto, $ports, $sports, $user;
} }


@ -304,7 +304,9 @@ sub expand_shell_variables( $ ) {
} }
# #
# Open a file, setting $currentfile. # Open a file, setting $currentfile. Returns the absolute pathname if the file
# exists, is non-empty and was successfully opened. Terminates with a fatal error
# if the file exists, is non-empty, but the open fails.
# #
sub open_file( $ ) { sub open_file( $ ) {
my $fname = find_file $_[0]; my $fname = find_file $_[0];
@ -352,7 +354,8 @@ sub pop_open() {
# - Ignore blank or comment-only lines. # - Ignore blank or comment-only lines.
# - Remove trailing comments. # - Remove trailing comments.
# - Compress out extra whitespace. # - Compress out extra whitespace.
# - Handle Line Continuation # - Handle Line Continuation (We don't continue comment lines, thus avoiding user frustration
# when the last line of a comment inadvertently ends with '\').
# - Expand shell variables from $ENV. # - Expand shell variables from $ENV.
# - Handle INCLUDE <filename> # - Handle INCLUDE <filename>
# #
@ -363,6 +366,7 @@ sub read_a_line {
$line = ''; $line = '';
while ( my $nextline = <$currentfile> ) { while ( my $nextline = <$currentfile> ) {
$currentlinenumber++; $currentlinenumber++;
next if $nextline =~ /^\s*#/; next if $nextline =~ /^\s*#/;
next if $nextline =~ /^\s*$/; next if $nextline =~ /^\s*$/;
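Review bot: The new header comment on open_file documents the success return and the fatal-error case, but not what a caller gets when the file is missing or empty. That is the case callers elsewhere in this commit branch on (`if ( my $fn = open_file 'tos' )`, `if ( $fn )`). Presumably the result is a false value; stating it would complete the contract, e.g. `# Returns a false value if the file does not exist or is empty.` The body of open_file lies outside the hunk, so confirm the wording against the actual return statement.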


@ -53,14 +53,14 @@ sub validate_hosts_file()
my $ipsec = 0; my $ipsec = 0;
my $first_entry = 1; my $first_entry = 1;
open_file 'hosts'; my $fn = open_file 'hosts';
while ( read_a_line ) { while ( read_a_line ) {
my ($zone, $hosts, $options ) = split_line 3, 'hosts file'; my ($zone, $hosts, $options ) = split_line 3, 'hosts file';
if ( $first_entry ) { if ( $first_entry ) {
progress_message2 "Validating hosts file..."; progress_message2 "$doing $fn...";
$first_entry = 0; $first_entry = 0;
} }


@ -132,13 +132,20 @@ sub validate_interfaces_file()
upnp => 1, upnp => 1,
); );
open_file 'interfaces'; my $fn = open_file 'interfaces';
my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
my ($zone, $interface, $networks, $options ) = split_line 4, 'interfaces file'; my ($zone, $interface, $networks, $options ) = split_line 4, 'interfaces file';
my $zoneref; my $zoneref;
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $zone eq '-' ) { if ( $zone eq '-' ) {
$zone = ''; $zone = '';
} else { } else {


@ -240,14 +240,14 @@ sub setup_masq()
{ {
my $first_entry = 1; my $first_entry = 1;
open_file 'masq'; my $fn = open_file 'masq';
while ( read_a_line ) { while ( read_a_line ) {
my ($fullinterface, $networks, $addresses, $proto, $ports, $ipsec) = split_line 6, 'masq file'; my ($fullinterface, $networks, $addresses, $proto, $ports, $ipsec) = split_line 6, 'masq file';
if ( $first_entry ) { if ( $first_entry ) {
progress_message2 "$doing Masq file..."; progress_message2 "$doing $fn...";
require_capability( 'NAT_ENABLED' , 'a non-empty masq file' ); require_capability( 'NAT_ENABLED' , 'a non-empty masq file' );
$first_entry = 0; $first_entry = 0;
} }
@ -354,14 +354,14 @@ sub setup_nat() {
my $first_entry = 1; my $first_entry = 1;
open_file 'nat'; my $fn = open_file 'nat';
while ( read_a_line ) { while ( read_a_line ) {
my ( $external, $interface, $internal, $allints, $localnat ) = split_line 5, 'nat file'; my ( $external, $interface, $internal, $allints, $localnat ) = split_line 5, 'nat file';
if ( $first_entry ) { if ( $first_entry ) {
progress_message2 "$doing one-to-one NAT..."; progress_message2 "$doing $fn...";
require_capability( 'NAT_ENABLED' , 'a non-empty nat file' ); require_capability( 'NAT_ENABLED' , 'a non-empty nat file' );
$first_entry = 0; $first_entry = 0;
} }
@ -389,14 +389,14 @@ sub setup_netmap() {
my $first_entry = 1; my $first_entry = 1;
open_file 'netmap'; my $fn = open_file 'netmap';
while ( read_a_line ) { while ( read_a_line ) {
my ( $type, $net1, $interface, $net2 ) = split_line 4, 'netmap file'; my ( $type, $net1, $interface, $net2 ) = split_line 4, 'netmap file';
if ( $first_entry ) { if ( $first_entry ) {
progress_message2 "$doing NETMAP..."; progress_message2 "$doing $fn...";
require_capability( 'NAT_ENABLED' , 'a non-empty netmap file' ); require_capability( 'NAT_ENABLED' , 'a non-empty netmap file' );
$first_entry = 0; $first_entry = 0;
} }


@ -128,14 +128,19 @@ sub validate_policy()
} }
} }
open_file 'policy'; my $fn = open_file 'policy';
my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
my ( $client, $server, $policy, $loglevel, $synparams ) = split_line 5, 'policy file'; my ( $client, $server, $policy, $loglevel, $synparams ) = split_line 5, 'policy file';
$loglevel = '' unless defined $loglevel; if ( $first_entry ) {
$synparams = '' unless defined $synparams; progress_message2 "$doing $fn...";
$first_entry = 0;
}
$loglevel = '' if $loglevel eq '-'; $loglevel = '' if $loglevel eq '-';
$synparams = '' if $synparams eq '-'; $synparams = '' if $synparams eq '-';


@ -79,7 +79,6 @@ sub setup_route_marking() {
} }
sub setup_providers() { sub setup_providers() {
my $fn = find_file 'providers';
my $providers = 0; my $providers = 0;
sub copy_table( $$ ) { sub copy_table( $$ ) {
@ -344,7 +343,7 @@ sub setup_providers() {
# #
# Setup_Providers() Starts Here.... # Setup_Providers() Starts Here....
# #
open_file $fn; my $fn = open_file 'providers';
while ( read_a_line ) { while ( read_a_line ) {
unless ( $providers ) { unless ( $providers ) {
@ -427,17 +426,21 @@ sub setup_providers() {
emit "\$echocommand \"$providers{$table}{number}\\t$table\" >> /etc/iproute2/rt_tables"; emit "\$echocommand \"$providers{$table}{number}\\t$table\" >> /etc/iproute2/rt_tables";
} }
my $fn = find_file 'route_rules'; my $fn = open_file 'route_rules';
if ( -f $fn ) { if ( $fn ) {
progress_message2 "$doing $fn...";
my $first_entry = 0;
emit ''; emit '';
open_file $fn;
while ( read_a_line ) { while ( read_a_line ) {
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
my ( $source, $dest, $provider, $priority ) = split_line 4, 'route_rules file'; my ( $source, $dest, $provider, $priority ) = split_line 4, 'route_rules file';
add_an_rtrule( $source, $dest, $provider , $priority ); add_an_rtrule( $source, $dest, $provider , $priority );
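Review bot: In the route_rules block of setup_providers the flag is declared as `my $first_entry = 0;`, so the `if ( $first_entry )` guard inside the read loop can never be true. The "$doing $fn..." message this commit is unifying is therefore never printed for route_rules. Every other file handled in this commit starts the flag at one; the declaration should be `my $first_entry = 1;`. The bare `progress_message2 "$doing $fn...";` just above the declaration looks like the removed side; if it survives on the new side, the message would print unconditionally and the guarded copy is dead code either way. The function body continues outside the hunk.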


@ -81,8 +81,11 @@ progress_message \" Host $address connected to $interface added to ARP on $ext
sub setup_proxy_arp() { sub setup_proxy_arp() {
my $interfaces= find_interfaces_by_option 'proxyarp'; my $interfaces= find_interfaces_by_option 'proxyarp';
my $fn = open_file 'proxyarp';
if ( @$interfaces || open_file 'proxyarp' ) { if ( @$interfaces || $fn ) {
my $first_entry = 1;
save_progress_message "Setting up Proxy ARP..."; save_progress_message "Setting up Proxy ARP...";
@ -92,6 +95,11 @@ sub setup_proxy_arp() {
my ( $address, $interface, $external, $haveroute, $persistent ) = split_line 5, 'proxyarp file'; my ( $address, $interface, $external, $haveroute, $persistent ) = split_line 5, 'proxyarp file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
$set{$interface} = 1; $set{$interface} = 1;
$reset{$external} = 1 unless $set{$external}; $reset{$external} = 1 unless $set{$external};


@ -64,7 +64,7 @@ sub process_tos() {
my $chain = $capabilities{MANGLE_FORWARD} ? 'fortos' : 'pretos'; my $chain = $capabilities{MANGLE_FORWARD} ? 'fortos' : 'pretos';
my $stdchain = $capabilities{MANGLE_FORWARD} ? 'FORWARD' : 'PREROUTING'; my $stdchain = $capabilities{MANGLE_FORWARD} ? 'FORWARD' : 'PREROUTING';
if ( open_file 'tos' ) { if ( my $fn = open_file 'tos' ) {
my $first_entry = 1; my $first_entry = 1;
my ( $pretosref, $outtosref ); my ( $pretosref, $outtosref );
@ -74,7 +74,7 @@ sub process_tos() {
my ($src, $dst, $proto, $sports, $ports , $tos ) = split_line 6, 'tos file'; my ($src, $dst, $proto, $sports, $ports , $tos ) = split_line 6, 'tos file';
if ( $first_entry ) { if ( $first_entry ) {
progress_message2 'Setting up TOS...'; progress_message2 "$doing $fn...";
$pretosref = ensure_chain 'mangle' , $chain; $pretosref = ensure_chain 'mangle' , $chain;
$outtosref = ensure_chain 'mangle' , 'outtos'; $outtosref = ensure_chain 'mangle' , 'outtos';
$first_entry = 0; $first_entry = 0;
@ -127,14 +127,19 @@ sub setup_ecn()
my %interfaces; my %interfaces;
my @hosts; my @hosts;
if ( open_file 'ecn' ) { if ( my $fn = open_file 'ecn' ) {
progress_message2 join( '' , "$doing ", find_file( 'ecn' ), '...' ); my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
my ($interface, $hosts ) = split_line 2, 'ecn file'; my ($interface, $hosts ) = split_line 2, 'ecn file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
fatal_error "Unknown interface ( $interface )" unless known_interface $interface; fatal_error "Unknown interface ( $interface )" unless known_interface $interface;
$interfaces{$interface} = 1; $interfaces{$interface} = 1;
@ -189,7 +194,9 @@ sub setup_rfc1918_filteration( $ ) {
$chainref = new_standard_chain 'rfc1918d' if $config{RFC1918_STRICT}; $chainref = new_standard_chain 'rfc1918d' if $config{RFC1918_STRICT};
open_file 'rfc1918'; my $fn = open_file 'rfc1918';
my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
@ -197,6 +204,11 @@ sub setup_rfc1918_filteration( $ ) {
my $s_target; my $s_target;
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $target eq 'logdrop' ) { if ( $target eq 'logdrop' ) {
$target = 'rfc1918'; $target = 'rfc1918';
$s_target = 'rfc1918'; $s_target = 'rfc1918';
@ -249,8 +261,6 @@ sub setup_blacklist() {
my ( $level, $disposition ) = @config{'BLACKLIST_LOGLEVEL', 'BLACKLIST_DISPOSITION' }; my ( $level, $disposition ) = @config{'BLACKLIST_LOGLEVEL', 'BLACKLIST_DISPOSITION' };
progress_message2 " Setting up Blacklist...";
new_standard_chain 'blacklst'; new_standard_chain 'blacklst';
my $target = $disposition eq 'REJECT' ? 'reject' : $disposition; my $target = $disposition eq 'REJECT' ? 'reject' : $disposition;
@ -265,14 +275,19 @@ sub setup_blacklist() {
$target = 'blacklog'; $target = 'blacklog';
} }
if ( open_file 'blacklist' ) { if ( my $fn = open_file 'blacklist' ) {
progress_message( join( '', ' Processing ', find_file( 'blacklist' ), '...' ) ); my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
my ( $networks, $protocol, $ports ) = split_line 3, 'blacklist file'; my ( $networks, $protocol, $ports ) = split_line 3, 'blacklist file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
expand_rule expand_rule
ensure_filter_chain( 'blacklst' , 0 ) , ensure_filter_chain( 'blacklst' , 0 ) ,
NO_RESTRICT , NO_RESTRICT ,
@ -348,12 +363,11 @@ sub process_criticalhosts() {
sub process_routestopped() { sub process_routestopped() {
my $fn = find_file 'routestopped';
my ( @allhosts, %source, %dest ); my ( @allhosts, %source, %dest );
progress_message2 "$doing $fn..."; my $fn = open_file 'routestopped';
open_file $fn; my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
@ -361,6 +375,11 @@ sub process_routestopped() {
my ($interface, $hosts, $options ) = split_line 3, 'routestopped file'; my ($interface, $hosts, $options ) = split_line 3, 'routestopped file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
$hosts = ALLIPv4 unless $hosts && $hosts ne '-'; $hosts = ALLIPv4 unless $hosts && $hosts ne '-';
my @hosts; my @hosts;
@ -478,7 +497,7 @@ sub add_common_rules() {
} }
if ( @$list ) { if ( @$list ) {
progress_message2 ' Adding Anti-smurf Rules'; progress_message2 'Adding Anti-smurf Rules';
for my $hostref ( @$list ) { for my $hostref ( @$list ) {
$interface = $hostref->[0]; $interface = $hostref->[0];
my $ipsec = $hostref->[1]; my $ipsec = $hostref->[1];
@ -502,7 +521,7 @@ sub add_common_rules() {
$list = find_interfaces_by_option 'dhcp'; $list = find_interfaces_by_option 'dhcp';
if ( @$list ) { if ( @$list ) {
progress_message2 ' Adding rules for DHCP'; progress_message2 'Adding rules for DHCP';
for $interface ( @$list ) { for $interface ( @$list ) {
for $chain ( @{first_chains $interface}) { for $chain ( @{first_chains $interface}) {
@ -515,18 +534,14 @@ sub add_common_rules() {
$list = find_hosts_by_option 'norfc1918'; $list = find_hosts_by_option 'norfc1918';
if ( @$list ) { setup_rfc1918_filteration $list if @$list;
progress_message2 ' Enabling RFC1918 Filtering';
setup_rfc1918_filteration $list;
}
$list = find_hosts_by_option 'tcpflags'; $list = find_hosts_by_option 'tcpflags';
if ( @$list ) { if ( @$list ) {
my $disposition; my $disposition;
progress_message2 " $doing TCP Flags filtering..."; progress_message2 "$doing TCP Flags filtering...";
$chainref = new_standard_chain 'tcpflags'; $chainref = new_standard_chain 'tcpflags';
@ -585,7 +600,7 @@ sub add_common_rules() {
$list = find_interfaces_by_option 'upnp'; $list = find_interfaces_by_option 'upnp';
if ( @$list ) { if ( @$list ) {
progress_message2 ' $doing UPnP'; progress_message2 '$doing UPnP';
(new_chain 'nat', 'UPnP')->{referenced} = 1; (new_chain 'nat', 'UPnP')->{referenced} = 1;
@ -639,12 +654,19 @@ sub setup_mac_lists( $ ) {
} }
} }
open_file 'maclist'; my $fn = open_file 'maclist';
my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
my ( $disposition, $interface, $mac, $addresses ) = split_line 4, 'maclist file'; my ( $disposition, $interface, $mac, $addresses ) = split_line 4, 'maclist file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $disposition eq 'COMMENT' ) { if ( $disposition eq 'COMMENT' ) {
if ( $capabilities{COMMENTS} ) { if ( $capabilities{COMMENTS} ) {
( $comment = $line ) =~ s/^\s*COMMENT\s*//; ( $comment = $line ) =~ s/^\s*COMMENT\s*//;
@ -1169,12 +1191,19 @@ sub process_rule ( $$$$$$$$$ ) {
# #
sub process_rules() { sub process_rules() {
open_file 'rules'; my $fn = open_file 'rules';
my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user ) = split_line 9, 'rules file'; my ( $target, $source, $dest, $proto, $ports, $sports, $origdest, $ratelimit, $user ) = split_line 9, 'rules file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $target eq 'COMMENT' ) { if ( $target eq 'COMMENT' ) {
if ( $capabilities{COMMENTS} ) { if ( $capabilities{COMMENTS} ) {
( $comment = $line ) =~ s/^\s*COMMENT\s*//; ( $comment = $line ) =~ s/^\s*COMMENT\s*//;
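Review bot: In the add_common_rules hunk at -585, the UPnP message is still single-quoted after the leading space is dropped (`progress_message2 '$doing UPnP';`). Perl does not interpolate inside single quotes, so the operator sees the literal text `$doing` instead of the verb the other messages print. Use double quotes as the TCP Flags message a few hunks above does: `progress_message2 "$doing UPnP...";`. The rest of add_common_rules is outside the hunk.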


@ -349,15 +349,12 @@ sub validate_tc_class( $$$$$$ ) {
} }
sub setup_traffic_shaping() { sub setup_traffic_shaping() {
my $first_entry = 1;
save_progress_message "Setting up Traffic Control..."; save_progress_message "Setting up Traffic Control...";
my $fn = find_file 'tcdevices'; my $fn = open_file 'tcdevices';
if ( -f $fn ) { if ( $fn ) {
my $first_entry = 1;
open_file $fn;
while ( read_a_line ) { while ( read_a_line ) {
@ -373,12 +370,10 @@ sub setup_traffic_shaping() {
} }
} }
$fn = find_file 'tcclasses'; $fn = open_file 'tcclasses';
if ( -f $fn ) { if ( $fn ) {
$first_entry = 1; my $first_entry = 1;
open_file $fn;
while ( read_a_line ) { while ( read_a_line ) {
@ -510,16 +505,14 @@ sub setup_tc() {
} }
} }
my $fn = find_file 'tcrules'; if ( my $fn = open_file 'tcrules' ) {
if ( open_file $fn ) {
while ( read_a_line ) { while ( read_a_line ) {
my ( $mark, $source, $dest, $proto, $ports, $sports, $user, $testval, $length, $tos ) = split_line 10, 'tcrules file'; my ( $mark, $source, $dest, $proto, $ports, $sports, $user, $testval, $length, $tos ) = split_line 10, 'tcrules file';
if ( $first_entry ) { if ( $first_entry ) {
progress_message2 "$doing TC Rules..."; progress_message2 "$doing $fn...";
require_capability( 'MANGLE_ENABLED' , 'a non-empty tcrules file' ); require_capability( 'MANGLE_ENABLED' , 'a non-empty tcrules file' );
$first_entry = 0; $first_entry = 0;
} }


@ -233,14 +233,14 @@ sub setup_tunnels() {
# #
# Setup_Tunnels() Starts Here # Setup_Tunnels() Starts Here
# #
open_file 'tunnels'; my $fn = open_file 'tunnels';
while ( read_a_line ) { while ( read_a_line ) {
my ( $kind, $zone, $gateway, $gatewayzones ) = split_line 4, 'tunnels file'; my ( $kind, $zone, $gateway, $gatewayzones ) = split_line 4, 'tunnels file';
if ( $first_entry ) { if ( $first_entry ) {
progress_message2 "$doing Tunnels..."; progress_message2 "$doing $fn...";
$first_entry = 0; $first_entry = 0;
} }


@ -180,7 +180,9 @@ sub determine_zones()
{ {
my @z; my @z;
open_file 'zones'; my $fn = open_file 'zones';
my $first_entry = 1;
while ( read_a_line ) { while ( read_a_line ) {
@ -188,6 +190,11 @@ sub determine_zones()
my ($zone, $type, $options, $in_options, $out_options ) = split_line 5, 'zones file'; my ($zone, $type, $options, $in_options, $out_options ) = split_line 5, 'zones file';
if ( $first_entry ) {
progress_message2 "$doing $fn...";
$first_entry = 0;
}
if ( $zone =~ /(\w+):([\w,]+)/ ) { if ( $zone =~ /(\w+):([\w,]+)/ ) {
$zone = $1; $zone = $1;
@parents = split ',', $2; @parents = split ',', $2;


@ -656,12 +656,10 @@ sub compiler( $ ) {
# #
# Process the zones file. # Process the zones file.
# #
progress_message2 "Determining Zones...";
determine_zones; determine_zones;
# #
# Process the interfaces file. # Process the interfaces file.
# #
progress_message2 "Validating interfaces file...";
validate_interfaces_file; validate_interfaces_file;
# #
# Process the hosts file. # Process the hosts file.
@ -680,7 +678,6 @@ sub compiler( $ ) {
# #
# Process the Policy File. # Process the Policy File.
# #
progress_message2 "Validating Policy file...";
validate_policy; validate_policy;
# #
# Compile the 'stop_firewall()' function # Compile the 'stop_firewall()' function
@ -693,7 +690,6 @@ sub compiler( $ ) {
# #
# Do all of the zone-independent stuff # Do all of the zone-independent stuff
# #
progress_message2 "$doing Common Rules...";
add_common_rules; add_common_rules;
# #
# /proc stuff # /proc stuff
@ -735,7 +731,6 @@ sub compiler( $ ) {
# #
# Process the rules file. # Process the rules file.
# #
progress_message2 "$doing Rules...";
process_rules; process_rules;
# #
# Add Tunnel rules. # Add Tunnel rules.
@ -767,7 +762,6 @@ sub compiler( $ ) {
# #
# Accounting. # Accounting.
# #
progress_message2 "$doing Accounting...";
setup_accounting; setup_accounting;
progress_message2 'Generating Rule Matrix...'; progress_message2 'Generating Rule Matrix...';