From 14ff3ce293cea9f4cba8eb20ee21d44c2f4dac25 Mon Sep 17 00:00:00 2001
From: Jamie Cameron <jcameron@webmin.com>
Date: Tue, 3 Jul 2012 16:25:08 -0700
Subject: [PATCH] new page for routing rules
 https://sourceforge.net/tracker/index.php?func=detail&aid=3539503&group_id=17457&atid=117457#

---
 shorewall/CHANGELOG              |   2 ++
 shorewall/images/route_rules.gif | Bin 0 -> 315 bytes
 shorewall/lang/en                |  27 ++++++++++++++++
 shorewall/shorewall-lib.pl       |  54 ++++++++++++++++++++++++++++++-
 4 files changed, 82 insertions(+), 1 deletion(-)
 create mode 100644 shorewall/images/route_rules.gif

diff --git a/shorewall/CHANGELOG b/shorewall/CHANGELOG
index 65f66b9c7..6058c6318 100644
--- a/shorewall/CHANGELOG
+++ b/shorewall/CHANGELOG
@@ -41,3 +41,5 @@ Blacklist rules can now match any host.
 Added a button to create a shorewall dump, thanks to a patch by Paul Gear.
 ---- Changes since 1.500 ----
 New rules are added after the SECTION NEW line, if there is one.
+---- Changes since 1.590 ----
+Added a new page for editing routing rules.
diff --git a/shorewall/images/route_rules.gif b/shorewall/images/route_rules.gif
new file mode 100644
index 0000000000000000000000000000000000000000..d9e6090f7f331a56f080c263ccbc5441208adaeb
GIT binary patch
literal 315
zcmV-B0mS}CNk%w1VK4wN0KxzO|NsBY%*+4)0GXMY`V&A=QTqS@00000A^8LW00000
zEC2ui05AYB000C22)f+<Fv>tHmCai0g7{#-EgtxZBWa!~P?~7_hVm-J>CEOfKI*sH
z%E!@EWJY3Z$(#%V&*-Hnl`0?5Y;_vZdY{(}bU-eHF%+|z+ibfX<agXn0L<HWCSjjv
z_EUR-19F3Oc7=F|O?7`Qjev)QZ;Xn5l@NiMdy#IBj+dV!YNMoP3Z<x*si&!}rEd?O
z5Pb!;wzs&sy1TcWunV#c1-`$;7{kF!$qUG!oz4%<#lX-G($mHg*VD@i+r`}g-`FYR
zZAoFw*-b#{-s?>59Ompj^YBaZ$M`}p_u*ZV{HsPT8owV~&OpFL5KY1?VQc~HFlH1R
NYX=L)s+0i$06VmQlaBxZ

literal 0
HcmV?d00001

diff --git a/shorewall/lang/en b/shorewall/lang/en
index cbafff3e3..19e8ef199 100644
--- a/shorewall/lang/en
+++ b/shorewall/lang/en
@@ -368,6 +368,33 @@ providers_enumber=Missing or invalid provider number
 providers_emark=Missing or invalid provider mark number
 providers_edup=Missing provider to duplicate
 providers_egateway=Missing or invalid gateway
+providers_return=list of routing providers
+
+route_rules_title=Routing Rules
+route_rules_desc=The page controls which traffic is routed to the providers defined on the Additional Routing Providers page.
+route_rules_ip=IP address, network or interface
+route_rules_add=Add a new routing rule.
+route_rules_none=No routing rules have been defined yet.
+route_rules_0=Traffic source
+route_rules_1=Traffic destination
+route_rules_2=Provider
+route_rules_3=Priority
+route_rules_4=Mark
+route_rules_header=Routing rule options
+route_rules_src=Traffic source
+route_rules_dst=Traffic destination
+route_rules_prov=Route via provider
+route_rules_main=Default routing table
+route_rules_pri=Rule priority
+route_rules_mark=Mark packet with
+route_rules_nomark=Nothing
+route_rules_esrc=Missing traffic source
+route_rules_edst=Missing traffic destination
+route_rules_epri=Rule priority must be a number
+route_rules_emark=Packet mark must be in number or number/mask format
+route_rules_return=list of routing rules
+route_rules_edit=Edit Routing Rule
+route_rules_create=Create Routing Rule
 
 manual_desc=This form can be used to manually edit the Shorewall file $1. Be careful, as no syntax checking will be done on the changes.
 manual_reset=Undo
diff --git a/shorewall/shorewall-lib.pl b/shorewall/shorewall-lib.pl
index a1098de34..83eb08d42 100755
--- a/shorewall/shorewall-lib.pl
+++ b/shorewall/shorewall-lib.pl
@@ -19,7 +19,8 @@ $shorewall_version = &get_shorewall_version(0);
 @shorewall_files = ( 'zones', 'interfaces', 'policy', 'rules', 'tos',
 	   	     'masq', 'nat', 'proxyarp', 'routestopped',
 	   	     'tunnels', 'hosts', 'blacklist',
-		     ( &version_atleast(2, 3) ? ( 'providers' ) : ( ) ),
+		     ( &version_atleast(2, 3) ? ( 'providers', 'route_rules' )
+					      : ( ) ),
 	   	     'params', 'shorewall.conf',
 );
 @comment_tables = ( 'masq', 'nat', 'rules', 'tcrules' );
@@ -1684,6 +1685,57 @@ return ( $in{'name'}, $in{'number'}, $in{'mark'},
 	 $in{'copy'} || "-" );
 }
 
+############################## route_rules ################################
+
+sub route_rules_row
+{
+return ( $_[0] eq "-" ? $text{'list_any'} : $_[0],
+	 $_[1] eq "-" ? $text{'list_any'} : $_[1],
+	 $_[2], $_[3], $_[4] );
+}
+
+sub route_rules_form
+{
+print "<tr> <td><b>$text{'route_rules_src'}</b></td>\n";
+print "<td>",&ui_opt_textbox("src", $_[0] eq "-" ? "" : $_[0],
+			     20, $text{'list_any'}, $text{'route_rules_ip'}),
+      "</td> </tr>\n";
+
+print "<tr> <td><b>$text{'route_rules_dst'}</b></td>\n";
+print "<td>",&ui_opt_textbox("dst", $_[1] eq "-" ? "" : $_[1],
+			     20, $text{'list_any'}, $text{'route_rules_ip'}),
+      "</td> </tr>\n";
+
+local @ptable = &read_table_file("providers", \&standard_parser);
+print "<tr> <td><b>$text{'route_rules_prov'}</b></td>\n";
+print "<td>",&ui_select("prov", $_[2] eq "254" ? "main" : $_[2],
+		[ [ "main", $text{'route_rules_main'} ],
+		  map { $_->[0] } @ptable ]),"</td> </tr>\n";
+
+print "<tr> <td><b>$text{'route_rules_pri'}</b></td>\n";
+print "<td>",&ui_textbox("pri", $_[3], 10),"</td> </tr>\n";
+
+print "<tr> <td><b>$text{'route_rules_mark'}</b></td>\n";
+print "<td>",&ui_opt_textbox("mark", $_[4] eq "-" ? $_[4] : "", 10,
+			     $text{'route_rules_nomark'}),"</td> </tr>\n";
+}
+
+sub route_rules_validate
+{
+$in{'src_def'} || $in{'src'} =~ /^\S+$/ || &error($text{'route_rules_esrc'});
+$in{'dst_def'} || $in{'dst'} =~ /^\S+$/ || &error($text{'route_rules_edst'});
+$in{'pri'} =~ /^\d+$/ || &error($text{'route_rules_epri'});
+$in{'mark_def'} || $in{'mark'} =~ /^\d+(\/\d+)?$/ ||
+	&error($text{'route_rules_emark'});
+return ( $in{'src_def'} ? "-" : $in{'src'},
+	 $in{'dst_def'} ? "-" : $in{'dst'},
+	 $in{'prov'},
+	 $in{'pri'},
+         $in{'mark_def'} ? ( ) : ( $in{'mark'} ) );
+}
+
+
+
 ################################ shorewall.conf ##################################
 
 sub conf_form