diff options
| author | Daniil Baturin <daniil.baturin@vyatta.com> | 2011-10-11 14:29:10 +0700 |
|---|---|---|
| committer | Daniil Baturin <daniil.baturin@vyatta.com> | 2011-10-11 14:29:10 +0700 |
| commit | 63b584033ddd11c28da87edf9f8055a151a15397 (patch) | |
| tree | 7352a41635f9f817419440667c797687e4a5085d /lib | |
| parent | 6d93aa47b25ca83235ba59a532d2c461874e0fea (diff) | |
| download | vyatta-nat-63b584033ddd11c28da87edf9f8055a151a15397.tar.gz vyatta-nat-63b584033ddd11c28da87edf9f8055a151a15397.zip | |
Bug 5682: Add NatRuleCommon.pm module with subroutines common
for source and destination rules processing.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Vyatta/NatRuleCommon.pm | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/lib/Vyatta/NatRuleCommon.pm b/lib/Vyatta/NatRuleCommon.pm new file mode 100644 index 0000000..a6311d3 --- /dev/null +++ b/lib/Vyatta/NatRuleCommon.pm @@ -0,0 +1,77 @@ +# +# Module: NatRuleCommon.pm +# +# **** License **** +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# This code was originally developed by Vyatta, Inc. +# Portions created by Vyatta are Copyright (C) 2009 Vyatta, Inc. +# All Rights Reserved. +# +# Author: eng@vyatta.com +# Date: 2011 +# Description: Shared NAT rule handling procedures library +# +# **** End License **** +# + + +package Vyatta::NatRuleCommon; + +use strict; +use lib "/opt/vyatta/share/perl5"; +require Vyatta::Config; +require Vyatta::IpTables::AddressFilter; +use Vyatta::Misc; +use Vyatta::TypeChecker; + +require Exporter; +our @ISA = qw(Exporter); +our @EXPORT = qw(is_disabled get_num_ipt_rules get_log_prefix output_xml_elem); + +sub is_disabled { + my $self = shift; + return 1 if defined $self->{_disable}; + return 0; +} + +sub get_num_ipt_rules { + my $self = shift; + return 0 if defined $self->{_disable}; + my $ipt_rules = 1; + if ("$self->{_log}" eq 'enable') { + $ipt_rules++; + } + if (defined $self->{_proto} && $self->{_proto} eq 'tcp_udp') { + $ipt_rules++; + $ipt_rules++ if $self->{_log} eq 'enable'; + } + return $ipt_rules; +} + +sub get_log_prefix { + my ($rule_num, $jump_target, $type) = @_; + + # In iptables it allows a 29 character log_prefix, but we ideally + # want to include "[nat-$type-$num-$target] " + # 4 4 4 7 = 19 + # so no truncation is needed. + my $log_prefix = "[NAT-$type-$rule_num-$jump_target] "; + return $log_prefix; +} + +sub output_xml_elem { + my ($name, $value, $fh) = @_; + print $fh " <$name>$value</$name>\n"; +} + + +1; + |