On 04/09/2012 01:56 PM, Tom Eastep wrote: > > The fix may have a defect -- I'm seeing differences in the generated > ruleset while running regression tests. >
Steven, The problem turned out to be 'first-entry' processing. That was happening before the first non-omitted non-commentary entry in a file was found. Corrected by the attached patch. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 51ce01c..e6f5318 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -2138,6 +2138,18 @@ sub expand_variables( \$ ) {
}
#
+# Handle first-entry processing
+#
+sub handle_first_entry() {
+ #
+ # $first_entry can contain either a function reference or a message. If it
+ # contains a reference, call the function -- otherwise issue the message
+ #
+ reftype( $first_entry ) ? $first_entry->() : progress_message2( $first_entry );
+ $first_entry = 0;
+}
+
+#
# Read a line from the current include stack.
#
# - Ignore blank or comment-only lines.
@@ -2183,17 +2195,6 @@ sub read_a_line(;$$$$) {
#
$currentline = '', $currentlinenumber = 0, next if $currentline =~ /^\s*$/ && $suppress_whitespace;
#
- # Line not blank -- Handle any first-entry message/capabilities check
- #
- if ( $first_entry ) {
- #
- # $first_entry can contain either a function reference or a message. If it
- # contains a reference, call the function -- otherwise issue the message
- #
- reftype( $first_entry ) ? $first_entry->() : progress_message2( $first_entry );
- $first_entry = 0;
- }
- #
# Handle conditionals
#
if ( $currentline =~ /^\s*\?(?:IF|ELSE|ENDIF)/ ) {
@@ -2205,6 +2206,7 @@ sub read_a_line(;$$$$) {
if ( $omitting ) {
print "OMIT=> $currentline\n" if $debug;
$currentline='';
+ $currentlinenumber = 0;
next;
}
#
@@ -2212,11 +2214,13 @@ sub read_a_line(;$$$$) {
#
if ( $embedded_enabled ) {
if ( $currentline =~ s/^\s*(BEGIN\s+)?SHELL\s*;?// ) {
+ handle_first_entry if $first_entry;
embedded_shell( $1 );
next;
}
if ( $currentline =~ s/^\s*(BEGIN\s+)?PERL\s*\;?// ) {
+ handle_first_entry if $first_entry;
embedded_perl( $1 );
next;
}
@@ -2224,11 +2228,15 @@ sub read_a_line(;$$$$) {
#
# Now remove concatinated comments
#
- $currentline =~ s/#.*$// if $strip_comments;
+ $currentline =~ s/\s*#.*$// if $strip_comments;
#
# Ignore ( concatenated ) Blank Lines after comments are removed.
#
$currentline = '', $currentlinenumber = 0, next if $currentline =~ /^\s*$/ && $suppress_whitespace;
+ #
+ # Line not blank -- Handle any first-entry message/capabilities check
+ #
+ handle_first_entry if $first_entry;
my $count = 0;
#
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
