Merge branch 'master' of github.com:firehol/firehol

2024-06-28 18:02:33 +00:00 · 2015-11-13 00:29:05 +02:00 · 2015-11-13 00:29:05 +02:00 · 6c303b37de
commit 6c303b37de
parent a03049e7d4 e3cd023085
4 changed files with 310 additions and 58 deletions
--- a/configure.ac
+++ b/configure.ac
@ -120,7 +120,136 @@ AC_SUBST(FIREHOL_CONFIG_DIR)

 PATH=$PATH:/sbin:/usr/sbin

-AX_NEED_PROG([BRCTL], [brctl], [])
+dnl --- OUTPUT OF './packaging/gen-config-detect.pl sbin/*.in' BEGIN   ---
+AX_NEED_EGREP()
+AX_NEED_GREP()
+AX_NEED_SED()
+if test x"$enable_firehol" = xyes; then
+AC_MSG_NOTICE([Detecting commands for firehol])
+AX_NEED_PROG([CAT], [cat], [])
+AX_NEED_PROG([CHMOD], [chmod], [])
+AX_NEED_PROG([CHOWN], [chown], [])
+AX_NEED_PROG([CP], [cp], [])
+AX_NEED_PROG([CUT], [cut], [])
+AX_CHECK_PROG([DATE], [date], [])
+AX_NEED_PROG([EXPR], [expr], [])
+AX_NEED_PROG([FIND], [find], [])
+AX_NEED_PROG([FLOCK], [flock], [])
+AX_NEED_PROG([FOLD], [fold], [])
+AX_NEED_PROG([HEAD], [head], [])
+AX_CHECK_PROG([HOSTNAMECMD], [hostname], [])
+AX_CHECK_PROG([IP], [ip], [])
+if test x"$enable_ipv6" = xyes; then
+AX_CHECK_PROG([IP6TABLES], [ip6tables], [])
+fi
+if test x"$enable_ipv6" = xyes; then
+AX_CHECK_PROG([IP6TABLES_RESTORE], [ip6tables-restore], [])
+fi
+if test x"$enable_ipv6" = xyes; then
+AX_CHECK_PROG([IP6TABLES_SAVE], [ip6tables-save], [])
+fi
+AX_CHECK_PROG([IPSET], [ipset], [])
+if test x"$enable_ipv4" = xyes; then
+AX_CHECK_PROG([IPTABLES], [iptables], [])
+fi
+if test x"$enable_ipv4" = xyes; then
+AX_CHECK_PROG([IPTABLES_RESTORE], [iptables-restore], [])
+fi
+if test x"$enable_ipv4" = xyes; then
+AX_CHECK_PROG([IPTABLES_SAVE], [iptables-save], [])
+fi
+AX_NEED_PROG([LOGGER], [logger], [])
+AX_NEED_PROG([LS], [ls], [])
+AX_NEED_PROG([LSMOD], [lsmod], [])
+AX_NEED_PROG([MKDIR], [mkdir], [])
+AX_NEED_PROG([MKTEMP], [mktemp], [])
+AX_CHECK_PROG([MODPROBE], [modprobe], [-q])
+AX_CHECK_PROG([MODPROBE], [insmod], [])
+AX_NEED_PROG([MV], [mv], [])
+AX_CHECK_PROG([NFACCT], [nfacct], [])
+AX_CHECK_PROG([PAGER], [less], [])
+AX_CHECK_PROG([PAGER], [more], [])
+AX_CHECK_PROG([PAGER], [pager], [])
+AX_NEED_PROG([PAGER], [cat], [])
+AX_CHECK_PROG([RENICE], [renice], [])
+AX_NEED_PROG([RM], [rm], [])
+AX_NEED_PROG([SLEEP], [sleep], [])
+AX_NEED_PROG([SORT], [sort], [])
+AX_CHECK_PROG([SS], [ss], [])
+AX_CHECK_PROG([STTY], [stty], [])
+AX_NEED_PROG([SYSCTL], [sysctl], [])
+AX_NEED_PROG([TAIL], [tail], [])
+AX_NEED_PROG([TOUCH], [touch], [])
+AX_CHECK_PROG([TPUT], [tput], [])
+AX_NEED_PROG([TR], [tr], [])
+AX_NEED_PROG([UNAME], [uname], [])
+AX_NEED_PROG([UNIQ], [uniq], [])
+AX_NEED_PROG([WC], [wc], [])
+AX_CHECK_PROG([ZCAT], [gzcat], [])
+AX_CHECK_PROG([ZCAT], [gzip], [-dc])
+fi
+if test x"$enable_fireqos" = xyes; then
+AC_MSG_NOTICE([Detecting commands for fireqos])
+AX_NEED_PROG([CAT], [cat], [])
+AX_NEED_PROG([CUT], [cut], [])
+AX_NEED_PROG([DATE], [date], [])
+AX_NEED_PROG([FLOCK], [flock], [])
+AX_CHECK_PROG([GAWK], [gawk], [])
+AX_CHECK_PROG([GAWK], [awk], [])
+AX_NEED_PROG([IP], [ip], [])
+AX_NEED_PROG([LOGGER], [logger], [])
+AX_NEED_PROG([LS], [ls], [])
+AX_NEED_PROG([MKDIR], [mkdir], [])
+AX_CHECK_PROG([MODPROBE], [modprobe], [-q])
+AX_NEED_PROG([MODPROBE], [insmod], [])
+AX_NEED_PROG([MV], [mv], [])
+AX_NEED_PROG([RM], [rm], [])
+AX_NEED_PROG([RMMOD], [rmmod], [])
+AX_NEED_PROG([SEQ], [seq], [])
+AX_NEED_PROG([SLEEP], [sleep], [])
+AX_NEED_PROG([TAIL], [tail], [])
+AX_NEED_PROG([TC], [tc], [])
+AX_CHECK_PROG([TCPDUMP], [tcpdump], [])
+AX_NEED_PROG([TOUCH], [touch], [])
+AX_CHECK_PROG([TPUT], [tput], [])
+AX_NEED_PROG([TR], [tr], [])
+fi
+if test x"$enable_link_balancer" = xyes; then
+AC_MSG_NOTICE([Detecting commands for link-balancer])
+AX_NEED_PROG([CAT], [cat], [])
+AX_NEED_PROG([CHMOD], [chmod], [])
+AX_NEED_PROG([CHOWN], [chown], [])
+AX_NEED_PROG([CUT], [cut], [])
+AX_NEED_PROG([DIFF], [diff], [])
+AX_NEED_PROG([ENV], [env], [])
+AX_NEED_PROG([FLOCK], [flock], [])
+AX_CHECK_PROG([HEAD], [head], [])
+AX_NEED_PROG([IP], [ip], [])
+AX_CHECK_PROG([JQ], [jq], [])
+AX_NEED_PROG([LN], [ln], [])
+AX_NEED_PROG([LOGGER], [logger], [])
+AX_NEED_PROG([LS], [ls], [])
+AX_NEED_PROG([MKDIR], [mkdir], [])
+AX_NEED_PROG([MKTEMP], [mktemp], [])
+if test x"$enable_ipv4" = xyes; then
+AX_NEED_PROG([PING], [ping], [])
+fi
+if test x"$enable_ipv6" = xyes; then
+AX_NEED_PROG([PING6], [ping6], [])
+fi
+AX_NEED_PROG([RM], [rm], [])
+AX_CHECK_PROG([SCREEN], [screen], [])
+AX_NEED_PROG([SLEEP], [sleep], [])
+AX_NEED_PROG([SORT], [sort], [])
+AX_NEED_PROG([TOUCH], [touch], [])
+AX_CHECK_PROG([TPUT], [tput], [])
+AX_NEED_PROG([TR], [tr], [])
+AX_NEED_PROG([TRACEROUTE], [traceroute], [])
+AX_CHECK_PROG([WGET], [wget], [])
+AX_CHECK_PROG([WHOIS], [whois], [])
+fi
+if test x"$enable_update_ipsets" = xyes; then
+AC_MSG_NOTICE([Detecting commands for update-ipsets])
 AX_NEED_PROG([CAT], [cat], [])
 AX_NEED_PROG([CHMOD], [chmod], [])
 AX_NEED_PROG([CHOWN], [chown], [])
@ -130,80 +259,51 @@ AX_NEED_PROG([CUT], [cut], [])
 AX_NEED_PROG([DATE], [date], [])
 AX_NEED_PROG([DIFF], [diff], [])
 AX_NEED_PROG([DIRNAME], [dirname], [])
-AX_NEED_PROG([ENV], [env], [])
-AX_NEED_PROG([EXPR], [expr], [])
 AX_NEED_PROG([FIND], [find], [])
 AX_NEED_PROG([FLOCK], [flock], [])
 AX_NEED_PROG([FOLD], [fold], [])
-AX_NEED_PROG([FUNZIP], [funzip], [])
+AX_CHECK_PROG([FUNZIP], [funzip], [])
 AX_CHECK_PROG([GAWK], [gawk], [])
-AX_CHECK_PROG([GAWK], [mawk], [])
-AX_CHECK_PROG([GAWK], [nawk], [])
 AX_NEED_PROG([GAWK], [awk], [])
-AX_NEED_GREP()
 AX_CHECK_PROG([GIT], [git], [])
-AX_NEED_EGREP()
-AX_NEED_PROG([HEAD], [head], [])
-AX_NEED_PROG([HOST], [host], [])
-AX_NEED_PROG([HOSTNAME_CMD], [hostname], [])
-AX_CHECK_PROG([MODPROBE], [modprobe], [-q])
-AX_NEED_PROG([MODPROBE], [insmod], [])
-AX_NEED_PROG([RMMOD], [rmmod], [])
-AX_NEED_PROG([IP6TABLES], [ip6tables], [])
-AX_NEED_PROG([IP], [ip], [])
-AX_NEED_PROG([IP6TABLES_RESTORE], [ip6tables-restore], [])
-AX_NEED_PROG([IP6TABLES_SAVE], [ip6tables-save], [])
-AX_NEED_PROG([IPTABLES], [iptables], [])
-AX_NEED_PROG([IPTABLES_RESTORE], [iptables-restore], [])
-AX_NEED_PROG([IPTABLES_SAVE], [iptables-save], [])
-AX_CHECK_PROG([JQ], [jq], [])
+AX_NEED_PROG([IPSET], [ipset], [])
 AX_NEED_PROG([LN], [ln], [])
 AX_NEED_PROG([LOGGER], [logger], [])
 AX_NEED_PROG([LS], [ls], [])
-AX_NEED_PROG([LSMOD], [lsmod], [])
 AX_NEED_PROG([MKDIR], [mkdir], [])
 AX_NEED_PROG([MKTEMP], [mktemp], [])
 AX_NEED_PROG([MV], [mv], [])
-AX_CHECK_PROG([NEATO], [neato], [])
-AX_CHECK_PROG([PAGER], [pager], [])
-AX_CHECK_PROG([PAGER], [less], [])
-AX_CHECK_PROG([PAGER], [more], [])
-AX_NEED_PROG([PAGER], [cat], [])
 AX_CHECK_PROG([RENICE], [renice], [])
 AX_NEED_PROG([RM], [rm], [])
-AX_NEED_SED()
-AX_NEED_PROG([SEQ], [seq], [])
-AX_CHECK_PROG([SH], [sh], [])
-AX_CHECK_PROG([SH], [bash], [])
-AX_NEED_PROG([SH], [ksh], [])
 AX_NEED_PROG([SORT], [sort], [])
-AX_NEED_PROG([SLEEP], [sleep], [])
-AX_NEED_PROG([SS], [ss], [])
-AX_NEED_PROG([SYSCTL], [sysctl], [])
 AX_NEED_PROG([TAIL], [tail], [])
 AX_NEED_PROG([TAR], [tar], [])
 AX_NEED_PROG([TOUCH], [touch], [])
-AX_NEED_PROG([TR], [tr], [])
-AX_NEED_PROG([UNAME], [uname], [])
-AX_NEED_PROG([UNIQ], [uniq], [])
-AX_NEED_PROG([UNZIP], [unzip], [])
-AX_CHECK_PROG([ZCAT], [gzcat], [])
-AX_CHECK_PROG([ZCAT], [gunzip], [-c])
-AX_NEED_PROG([ZCAT], [gzip], [-d -c])
-AX_CHECK_PROG([NFACCT], [nfacct], [])
-AX_CHECK_PROG([IPSET], [ipset], [])
-AX_NEED_PROG([STTY], [stty], [])
 AX_CHECK_PROG([TPUT], [tput], [])
+AX_NEED_PROG([TR], [tr], [])
+AX_CHECK_PROG([UNZIP], [unzip], [])
 AX_NEED_PROG([WC], [wc], [])
-AX_NEED_PROG([HOSTNAMECMD], [hostname], [])
-AX_NEED_PROG([TC], [tc], [])
-AX_CHECK_PROG([TCPDUMP], [tcpdump], [])
-AX_NEED_PROG([PING], [ping], [])
-AX_NEED_PROG([PING6], [ping6], [])
-AX_NEED_PROG([TRACEROUTE], [traceroute], [])
-AX_CHECK_PROG([SCREEN], [screen], [])
-AX_CHECK_PROG([WGET], [wget], [])
-AX_CHECK_PROG([WHOIS], [whois], [])
+AX_CHECK_PROG([ZCAT], [gzcat], [])
+AX_NEED_PROG([ZCAT], [gzip], [-dc])
+fi
+if test x"$enable_vnetbuild" = xyes; then
+AC_MSG_NOTICE([Detecting commands for vnetbuild])
+AX_NEED_PROG([BRCTL], [brctl], [])
+AX_NEED_PROG([CAT], [cat], [])
+AX_NEED_PROG([CUT], [cut], [])
+AX_NEED_PROG([FIND], [find], [])
+AX_NEED_PROG([IP], [ip], [])
+AX_NEED_PROG([MKDIR], [mkdir], [])
+AX_NEED_PROG([MKTEMP], [mktemp], [])
+AX_CHECK_PROG([NEATO], [neato], [])
+AX_NEED_PROG([RM], [rm], [])
+AX_CHECK_PROG([SH], [sh], [])
+AX_CHECK_PROG([SH], [bash], [])
+AX_NEED_PROG([SH], [ksh], [])
+AX_NEED_PROG([SLEEP], [sleep], [])
+AX_NEED_PROG([TR], [tr], [])
+fi
+dnl --- OUTPUT OF './packaging/gen-config-detect.pl sbin/*.in' END   ---

 AUTOCONF_RUN=Y
 AC_SUBST(AUTOCONF_RUN)
@ -228,7 +328,7 @@ AC_CHECK_HEADERS(sys/time.h,,AC_MSG_ERROR(sys/time.h missing))
 AC_CHECK_FUNC(htonl,,AC_MSG_ERROR(htonl() not found))
 else
 dnl Try and detect it on the system anyway
-AX_CHECK_PROG([IPRANGE], [iprange], [])
+AX_NEED_PROG([IPRANGE], [iprange], [])

 dnl Horrible but how else to make the compiler completely optional?
 AM_CONDITIONAL([AMDEP], false)
--- a/packaging/gen-config-detect.pl
+++ b/packaging/gen-config-detect.pl
@ -0,0 +1,152 @@
+#!/usr/bin/perl -w
+
+use strict;
+use Data::Dumper;
+use File::Basename;
+
+if (@ARGV == 0) {
+  print "Usage: ./packaging/gen-config-detect.pl sbin/file.in ...\n";
+  print "\n";
+  print "Generates the configure.ac content for detecting commands\n";
+  exit 0;
+}
+
+my %options_for_command;
+my %scripts_for_command;
+my %scripts = ();
+
+while (<>) {
+  next unless $ARGV =~ /\.in$/;
+  next if $ARGV eq "Makefile.in";
+
+  my $required;
+  my $conf_cmd;
+  my $options;
+  if (/^([YN])[|][^|]+[|]@([^|]+)@[|](.*)/) {
+    $required = $1;
+    $conf_cmd = $2;
+    $options = $3;
+  } else {
+    next;
+  }
+
+  my $script = $ARGV;
+  $script =~ s/\.in$//;
+  $script =~ s/-/_/g;
+  $script =~ s/.*\///g;
+  $scripts{$script} = 1;
+
+# print STDERR "$conf_cmd-$options\n";
+
+
+  if ($options_for_command{$conf_cmd}
+      and $options_for_command{$conf_cmd} ne $options) {
+    die "$ARGV: $conf_cmd defined differently to " .
+          join("/", sort(keys(%{$scripts_for_command{$conf_cmd}}))) . "\n";
+  }
+
+  $options_for_command{$conf_cmd} = $options;
+  if ($scripts_for_command{$conf_cmd}{$script}) {
+    die "$ARGV: duplicate definition of $conf_cmd\n";
+  }
+  $scripts_for_command{$conf_cmd}{$script} = $required;
+}
+
+my %special = (
+              SED => "AX_NEED_SED()",
+              GREP => "AX_NEED_GREP()",
+              EGREP => "AX_NEED_EGREP()",
+              IPRANGE => "",
+              );
+
+my %ipv = (
+           IPTABLES => 4,
+           IPTABLES_RESTORE => 4,
+           IPTABLES_SAVE => 4,
+           PING => 4,
+           IP6TABLES => 6,
+           IP6TABLES_RESTORE => 6,
+           IP6TABLES_SAVE => 6,
+           PING6 => 6,
+          );
+
+print "dnl --- OUTPUT OF './packaging/gen-config-detect.pl sbin/*.in' BEGIN   ---\n";
+foreach my $special (sort(values(%special))) {
+  print $special . "\n" if ($special);
+}
+
+foreach my $s (sort(keys(%scripts))) {
+  print "if test x\"\$enable_$s\" = xyes; then\n";
+  my $n = $s; $n =~ s/_/-/g;
+  print "AC_MSG_NOTICE([Detecting commands for $n])\n";
+
+
+  foreach my $c (sort(keys(%options_for_command))) {
+    my @options = split_options($options_for_command{$c});
+    my $required = $scripts_for_command{$c}{$s};
+    if ($required and $options[$#options] eq ":") {
+      $required = "M";
+      pop @options;
+    }
+
+    if ($required) {
+      if (defined($special{$c})) {
+        # Already handled
+      } else {
+        my $i = 0;
+        #print "-- $options_for_command{$c} " . join('/', @options) . "\n";
+        if ($ipv{$c}) {
+          print "if test x\"\$enable_ipv$ipv{$c}\" = xyes; then\n";
+        }
+        while ($i < @options) {
+          if ($required eq "Y" and $i == $#options) {
+            print "AX_NEED_PROG";
+          } else {
+            print "AX_CHECK_PROG";
+          }
+          my ($cmd, $args) = split / /, $options[$i];
+          $args = "" unless defined($args);
+          print "([$c], [$cmd], [$args])\n";
+          $i++;
+        }
+        if ($ipv{$c}) {
+          print "fi\n";
+        }
+      }
+    } else {
+      # Command not used by this script
+    }
+  }
+
+  print "fi\n";
+}
+print "dnl --- OUTPUT OF './packaging/gen-config-detect.pl sbin/*.in' END   ---\n";
+
+sub split_options {
+  my $line = shift;
+
+  my @fields = split / /, $line;
+
+  my @output = ();
+
+  while (@fields) {
+    my $f = shift @fields;
+    if ($f =~ /^'/) {
+      while ($f !~ /'$/ and @fields) {
+        $f .= " ";
+        $f .= shift @fields;
+      }
+      $f =~ s/^'//;
+      $f =~ s/'$//;
+    } elsif ($f =~ /^"/) {
+      while ($f !~ /"$/ and @fields) {
+        $f .= " ";
+        $f .= shift @fields;
+      }
+      $f =~ s/^"//;
+      $f =~ s/"$//;
+    }
+    push @output, $f;
+  }
+  return @output;
+}
--- a/sbin/firehol.in
+++ b/sbin/firehol.in
@ -999,7 +999,7 @@ Y|CAT_CMD|@CAT@|cat
 Y|CUT_CMD|@CUT@|cut
 Y|CHOWN_CMD|@CHOWN@|chown
 Y|CHMOD_CMD|@CHMOD@|chmod
-Y|EGREP_CMD|@EGREP@|egrep
+Y|EGREP_CMD|@EGREP@|egrep 'grep -E'
 Y|EXPR_CMD|@EXPR@|expr
 Y|FIND_CMD|@FIND@|find
 Y|FOLD_CMD|@FOLD@|fold
--- a/sbin/update-ipsets.in
+++ b/sbin/update-ipsets.in
@ -279,7 +279,7 @@ done <<-!
 Y|IPRANGE_CMD|@IPRANGE@|iprange
 Y|DIRNAME_CMD|@DIRNAME@|dirname
 Y|TAIL_CMD|@TAIL@|tail
-Y|RENICE_CMD|@RENICE@|dirname
+Y|RENICE_CMD|@RENICE@|renice :
 Y|ZCAT_CMD|@ZCAT@|gzcat "gzip -dc"
 Y|DATE_CMD|@DATE@|date
 Y|DIFF_CMD|@DIFF@|diff