Make policy descriptions match what the user entered rather than what was generated by the compiler

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2015-05-20 10:58:57 -07:00
parent acd921cd08
commit f77d649ac7

View File

@ -224,6 +224,7 @@ sub initialize( $ ) {
$family = shift; $family = shift;
# #
# Chains created as a result of entries in the policy file # Chains created as a result of entries in the policy file
#
@policy_chains = (); @policy_chains = ();
# #
# This is updated from the *_DEFAULT settings in shorewall.conf. Those settings were stored # This is updated from the *_DEFAULT settings in shorewall.conf. Those settings were stored
@ -548,10 +549,10 @@ sub process_a_policy() {
$chainref->{provisional} = 0; $chainref->{provisional} = 0;
$chainref->{policy} = $policy; $chainref->{policy} = $policy;
} else { } else {
fatal_error qq(Policy "$client $server $policy" duplicates earlier policy "@{$chainref->{policypair}} $chainref->{policy}"); fatal_error qq(Policy "$client $server $originalpolicy" duplicates earlier policy "@{$chainref->{policypair}} $chainref->{policy}");
} }
} elsif ( $chainref->{policy} ) { } elsif ( $chainref->{policy} ) {
fatal_error qq(Policy "$client $server $policy" duplicates earlier policy "@{$chainref->{policypair}} $chainref->{policy}"); fatal_error qq(Policy "$client $server $originalpolicy" duplicates earlier policy "@{$chainref->{policypair}} $chainref->{policy}");
} else { } else {
convert_to_policy_chain( $chainref, $client, $server, $policy, 0 , $audit ); convert_to_policy_chain( $chainref, $client, $server, $policy, 0 , $audit );
push @policy_chains, ( $chainref ) unless $config{EXPAND_POLICIES} && ( $clientwild || $serverwild ); push @policy_chains, ( $chainref ) unless $config{EXPAND_POLICIES} && ( $clientwild || $serverwild );
@ -583,23 +584,23 @@ sub process_a_policy() {
for my $zone ( @zonelist ) { for my $zone ( @zonelist ) {
for my $zone1 ( @zonelist ) { for my $zone1 ( @zonelist ) {
set_policy_chain rules_chain( ${zone}, ${zone1} ), $client, $server, $chainref, $policy, $intrazone; set_policy_chain rules_chain( ${zone}, ${zone1} ), $client, $server, $chainref, $policy, $intrazone;
print_policy $zone, $zone1, $policy, $chain; print_policy $zone, $zone1, $originalpolicy, $chain;
} }
} }
} else { } else {
for my $zone ( all_zones ) { for my $zone ( all_zones ) {
set_policy_chain rules_chain( ${zone}, ${server} ), $client, $server, $chainref, $policy, $intrazone; set_policy_chain rules_chain( ${zone}, ${server} ), $client, $server, $chainref, $policy, $intrazone;
print_policy $zone, $server, $policy, $chain; print_policy $zone, $server, $originalpolicy, $chain;
} }
} }
} elsif ( $serverwild ) { } elsif ( $serverwild ) {
for my $zone ( @zonelist ) { for my $zone ( @zonelist ) {
set_policy_chain rules_chain( ${client}, ${zone} ), $client, $server, $chainref, $policy, $intrazone; set_policy_chain rules_chain( ${client}, ${zone} ), $client, $server, $chainref, $policy, $intrazone;
print_policy $client, $zone, $policy, $chain; print_policy $client, $zone, $originalpolicy, $chain;
} }
} else { } else {
print_policy $client, $server, $policy, $chain; print_policy $client, $server, $originalpolicy, $chain;
} }
} }