Here's another RC1 patch. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
commit 89ea37e08862718e5a7b2d113ae491e1fabaaa7d Author: Tom Eastep <[email protected]> Date: Mon Dec 24 10:11:53 2012 -0800
Correct nested comments.
Signed-off-by: Tom Eastep <[email protected]>
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 34f2586..6305555 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -497,6 +497,7 @@ our $max_format; # Max format value
our $comment; # Current COMMENT
our @comments;
our $comments_allowed;
+our $nocomment;
our $warningcount;
our $warningcount1;
our $warningcount2;
@@ -922,6 +923,7 @@ sub initialize( $;$$) {
$first_entry = 0; # Message to output or function to call on first non-blank file entry
$max_format = 1;
$comments_allowed = 0;
+ $nocomment = 0;
$shorewall_dir = ''; #Shorewall Directory
@@ -2004,7 +2006,7 @@ sub do_open_file( $ ) {
$currentfilename = $fname;
}
-sub open_file( $;$$ ) {
+sub open_file( $;$$$ ) {
my $fname = find_file $_[0];
assert( ! defined $currentfile );
@@ -2014,6 +2016,7 @@ sub open_file( $;$$ ) {
$file_format = 1;
$max_format = supplied $_[1] ? $_[1] : 1;
$comments_allowed = supplied $_[2] ? $_[2] : 0;
+ $nocomment = supplied $_[3] ? $_[3] && no_comment : 0;
do_open_file $fname;;
} else {
$ifstack = @ifstack;
@@ -2034,10 +2037,11 @@ sub pop_include() {
}
if ( $arrayref ) {
- ( $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format ) = @$arrayref;
+ ( $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format, $nocomment ) = @$arrayref;
} else {
$currentfile = undef;
$currentlinenumber = 'EOF';
+ $nocomment = $comment = 0;
}
}
@@ -2270,11 +2274,13 @@ sub process_compiler_directive( $$$$ ) {
COMMENT => sub() {
unless ( $omitting ) {
if ( $comments_allowed ) {
- if ( have_capability( 'COMMENTS' ) ) {
- ( $comment = $line ) =~ s/^\s*\?COMMENT\s*//;
- $comment =~ s/\s*$//;
- } else {
- directive_warning( "COMMENTs ignored -- require comment support in iptables/Netfilter" , $filename, $linenumber ) unless $warningcount++;
+ unless ( $nocomment ) {
+ if ( have_capability( 'COMMENTS' ) ) {
+ ( $comment = $line ) =~ s/^\s*\?COMMENT\s*//;
+ $comment =~ s/\s*$//;
+ } else {
+ directive_warning( "COMMENTs ignored -- require comment support in iptables/Netfilter" , $filename, $linenumber ) unless $warningcount++;
+ }
}
} else {
directive_error ( "?COMMENT is not allowed in this file", $filename, $linenumber );
@@ -2423,7 +2429,7 @@ sub copy1( $ ) {
fatal_error "Directory ($filename) not allowed in INCLUDE" if -d _;
if ( -s _ ) {
- push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format ];
+ push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format, $nocomment ];
$currentfile = undef;
do_open_file $filename;
} else {
@@ -2559,14 +2565,14 @@ EOF
# The following two functions allow module clients to nest opens. This happens frequently
# in the Rules module.
#
-sub push_open( $;$$ ) {
- my ( $file, $max , $ca) = @_;
- push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format ] if $currentfile;
+sub push_open( $;$$$ ) {
+ my ( $file, $max , $ca, $nc ) = @_;
+ push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack, $file_format, $max_format, $nocomment ] if $currentfile;
my @a = @includestack;
push @openstack, \@a;
@includestack = ();
$currentfile = undef;
- open_file( $file , $max, $comments_allowed || $ca );
+ open_file( $file , $max, $comments_allowed || $ca, $nc );
}
sub pop_open() {
@@ -2644,7 +2650,7 @@ sub embedded_shell( $ ) {
$command .= q(');
- push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack , $file_format, $max_format ];
+ push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack , $file_format, $max_format, $nocomment ];
$currentfile = undef;
open $currentfile , '-|', $command or fatal_error qq(Shell Command failed);
$currentfilename = "SHELL\@$currentfilename:$currentlinenumber";
@@ -2706,7 +2712,7 @@ sub embedded_perl( $ ) {
$perlscript = undef;
- push @includestack, [ $currentfile, $currentfilename, $currentlinenumber , $ifstack , $file_format, $max_format ];
+ push @includestack, [ $currentfile, $currentfilename, $currentlinenumber , $ifstack , $file_format, $max_format, $nocomment ];
$currentfile = undef;
open $currentfile, '<', $perlscriptname or fatal_error "Unable to open Perl Script $perlscriptname";
@@ -2974,7 +2980,7 @@ sub read_a_line($) {
fatal_error "Directory ($filename) not allowed in INCLUDE" if -d _;
if ( -s _ ) {
- push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack , $file_format, $max_format ];
+ push @includestack, [ $currentfile, $currentfilename, $currentlinenumber, $ifstack , $file_format, $max_format, $nocomment ];
$currentfile = undef;
do_open_file $filename;
} else {
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 51d3f49..26fe6e1 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -1648,13 +1648,14 @@ sub process_macro ($$$$$$$$$$$$$$$$$$$) {
my $generated = 0;
- macro_comment $macro;
my $macrofile = $macros{$macro};
progress_message "..Expanding Macro $macrofile...";
- push_open $macrofile, 2;
+ push_open $macrofile, 2, 1, 1;
+
+ macro_comment $macro;
while ( read_a_line( NORMAL_READ ) ) {
@@ -1784,8 +1785,6 @@ sub process_inline ($$$$$$$$$$$$$$$$$$$$) {
my $generated = 0;
- macro_comment $inline;
-
my ( $level, $tag ) = split( ':', $loglevel, 2 );
my $oldparms = push_action_params( $chainref,
@@ -1798,7 +1797,9 @@ sub process_inline ($$$$$$$$$$$$$$$$$$$$) {
progress_message "..Expanding inline action $inlinefile...";
- push_open $inlinefile, 2;
+ push_open $inlinefile, 2, 1, 1;
+
+ macro_comment $inline;
while ( read_a_line( NORMAL_READ ) ) {
my ( $mtarget,
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
