+my $macros;
+sub get_shorewall_macros {
+
+ return $macros if $macros;
+
+ foreach my $path (</usr/share/shorewall/macro.*>) {
+ if ($path =~ m|/macro\.(\S+)$|) {
+ $macros->{$1} = 1;
+ }
+ }
+ return $macros;
+}
+
+
+my $rule_format = "%-15s %-15s %-15s %-15s %-15s %-15s\n";
+
+my $generate_input_rule = sub {
+ my ($zoneinfo, $rule, $net, $netid) = @_;
+
+ die "not implemented" if $rule->{source} ne 'any';
+ die "not implemented" if $rule->{dest} ne 'any';
+
+ my $zone = $net->{zone} || die "internal error";
+ my $zid = $zoneinfo->{$zone}->{id} || die "internal error";
+ my $tap = $net->{tap} || die "internal error";
+
+ my $action = $rule->{service} ?
+ "$rule->{service}($rule->{action})" : $rule->{action};
+
+ return sprintf($rule_format, $action, $rule->{source}, "$zid:$tap",
+ $rule->{proto} || '-', $rule->{dport} || '-', $rule->{sport} || '-');
+};
+
+my $generate_output_rule = sub {
+ my ($zoneinfo, $rule, $net, $netid) = @_;
+
+ die "not implemented" if $rule->{source} ne 'any';
+ die "not implemented" if $rule->{dest} ne 'any';
+
+ my $zone = $net->{zone} || die "internal error";
+ my $zid = $zoneinfo->{$zone}->{id} || die "internal error";
+ my $tap = $net->{tap} || die "internal error";
+
+ my $action = $rule->{service} ?
+ "$rule->{service}($rule->{action})" : $rule->{action};
+
+ return sprintf($rule_format, $action, "$zid:$tap", $rule->{dest},
+ $rule->{proto} || '-', $rule->{dport} || '-', $rule->{sport} || '-');
+};
+