forked from extern/shorewall_code
Move a function; don't export %policy_actions
This commit is contained in:
parent
e1b4e345fb
commit
fc2d76aa7a
@ -31,7 +31,7 @@ use Shorewall::Chains qw( :DEFAULT :internal) ;
|
||||
use strict;
|
||||
|
||||
our @ISA = qw(Exporter);
|
||||
our @EXPORT = qw( validate_policy apply_policy_rules complete_standard_chain setup_syn_flood_chains save_policies optimize_policy_chains get_target_param %policy_actions );
|
||||
our @EXPORT = qw( validate_policy apply_policy_rules complete_standard_chain setup_syn_flood_chains save_policies optimize_policy_chains get_target_param policy_actions );
|
||||
our @EXPORT_OK = qw( );
|
||||
our $VERSION = '4.4_16';
|
||||
|
||||
@ -67,6 +67,13 @@ sub get_target_param( $ ) {
|
||||
( $target, $param );
|
||||
}
|
||||
|
||||
#
|
||||
# Return a list of actions used by the policies
|
||||
#
|
||||
sub policy_actions() {
|
||||
keys %policy_actions;
|
||||
}
|
||||
|
||||
#
|
||||
# Convert a chain into a policy chain.
|
||||
#
|
||||
|
@ -602,6 +602,52 @@ my %builtinops = ( 'dropBcast' => \&dropBcast,
|
||||
'forwardUPnP' => \&forwardUPnP,
|
||||
'Limit' => \&Limit, );
|
||||
|
||||
#
|
||||
# This function is called prior to processing of the policy file. It:
|
||||
#
|
||||
# - Adds the builtin actions to the target table
|
||||
# - Reads actions.std and actions (in that order) and for each entry:
|
||||
# o Adds the action to the target table
|
||||
# o Verifies that the corresponding action file exists
|
||||
#
|
||||
|
||||
sub process_actions1() {
|
||||
|
||||
progress_message2 "Locating Action Files...";
|
||||
#
|
||||
# Add built-in actions to the target table and create those actions
|
||||
#
|
||||
$targets{$_} = new_action( $_ , ACTION + BUILTIN ) for @builtins;
|
||||
|
||||
for my $file ( qw/actions.std actions/ ) {
|
||||
open_file $file;
|
||||
|
||||
while ( read_a_line ) {
|
||||
my ( $action ) = split_line 1, 1, 'action file';
|
||||
|
||||
if ( $action =~ /:/ ) {
|
||||
warning_message 'Default Actions are now specified in /etc/shorewall/shorewall.conf';
|
||||
$action =~ s/:.*$//;
|
||||
}
|
||||
|
||||
next unless $action;
|
||||
|
||||
if ( $targets{$action} ) {
|
||||
warning_message "Duplicate Action Name ($action) Ignored" unless $targets{$action} & ACTION;
|
||||
next;
|
||||
}
|
||||
|
||||
fatal_error "Invalid Action Name ($action)" unless "\L$action" =~ /^[a-z]\w*$/;
|
||||
|
||||
new_action $action, ACTION;
|
||||
|
||||
my $actionfile = find_file "action.$action";
|
||||
|
||||
fatal_error "Missing Action File ($actionfile)" unless -f $actionfile;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub process_rule1 ( $$$$$$$$$$$$$$$$ );
|
||||
|
||||
#
|
||||
@ -677,59 +723,13 @@ sub process_action( $) {
|
||||
pop_params( $oldparms );
|
||||
}
|
||||
|
||||
#
|
||||
# This function is called prior to processing of the policy file. It:
|
||||
#
|
||||
# - Adds the builtin actions to the target table
|
||||
# - Reads actions.std and actions (in that order) and for each entry:
|
||||
# o Adds the action to the target table
|
||||
# o Verifies that the corresponding action file exists
|
||||
#
|
||||
|
||||
sub process_actions1() {
|
||||
|
||||
progress_message2 "Locating Action Files...";
|
||||
#
|
||||
# Add built-in actions to the target table and create those actions
|
||||
#
|
||||
$targets{$_} = new_action( $_ , ACTION + BUILTIN ) for @builtins;
|
||||
|
||||
for my $file ( qw/actions.std actions/ ) {
|
||||
open_file $file;
|
||||
|
||||
while ( read_a_line ) {
|
||||
my ( $action ) = split_line 1, 1, 'action file';
|
||||
|
||||
if ( $action =~ /:/ ) {
|
||||
warning_message 'Default Actions are now specified in /etc/shorewall/shorewall.conf';
|
||||
$action =~ s/:.*$//;
|
||||
}
|
||||
|
||||
next unless $action;
|
||||
|
||||
if ( $targets{$action} ) {
|
||||
warning_message "Duplicate Action Name ($action) Ignored" unless $targets{$action} & ACTION;
|
||||
next;
|
||||
}
|
||||
|
||||
fatal_error "Invalid Action Name ($action)" unless "\L$action" =~ /^[a-z]\w*$/;
|
||||
|
||||
new_action $action, ACTION;
|
||||
|
||||
my $actionfile = find_file "action.$action";
|
||||
|
||||
fatal_error "Missing Action File ($actionfile)" unless -f $actionfile;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# This function creates and populates the chains for the policy actions.
|
||||
#
|
||||
sub process_actions2 () {
|
||||
progress_message2 "$doing policy actions...";
|
||||
|
||||
for ( map normalize_action_name $_, ( grep ! ( $targets{$_} & BUILTIN ), keys %policy_actions ) ) {
|
||||
for ( map normalize_action_name $_, ( grep ! ( $targets{$_} & BUILTIN ), policy_actions ) ) {
|
||||
if ( my $ref = use_action( $_ ) ) {
|
||||
process_action( $ref );
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user