diff -r d3b0cd061f26 -r 5b59ba9c9113 insertRules
--- a/insertRules	Fri Jan 16 21:10:58 2009 +0100
+++ b/insertRules	Mon Aug 26 16:03:33 2013 +0200
@@ -19,13 +19,19 @@
 #use constant O  => { chain => "ipac~o", parent => "INPUT", iface => "--out" };
 
 my %TARGETS = (
-    "ipac~fi" => { chain => "ipac~fi", parent => "FORWARD", iface => "--in-interface" },
-    "ipac~fo" => { chain => "ipac~fo", parent => "FORWARD", iface => "--out-interface" },
-    "ipac~i" => { chain => "ipac~i", parent => "OUTPUT", iface => "--out-interface" },
-    "ipac~o" => { chain => "ipac~o", parent => "INPUT", iface => "--in-interface" },
+    "ipac~fi" =>
+      { chain => "ipac~fi", parent => "FORWARD", iface => "--in-interface" },
+    "ipac~fo" =>
+      { chain => "ipac~fo", parent => "FORWARD", iface => "--out-interface" },
+    "ipac~i" =>
+      { chain => "ipac~i", parent => "OUTPUT", iface => "--out-interface" },
+    "ipac~o" =>
+      { chain => "ipac~o", parent => "INPUT", iface => "--in-interface" },
 );
 
-use constant FILE => $ENV{IPAC_RULES} ? $ENV{IPAC_RULES} : "/etc/ipac-ng/rules.conf";
+use constant FILE => $ENV{IPAC_RULES}
+  ? $ENV{IPAC_RULES}
+  : "/etc/ipac-ng/rules.conf";
 
 use constant CONFIG => (
     { CASE => 1 },
@@ -34,7 +40,7 @@
 );
 
 my $Cf = new AppConfig CONFIG or die;
-   $Cf->getopt or die;
+$Cf->getopt or die;
 
 sub checkTarget($);
 sub insertTarget($);
@@ -43,108 +49,108 @@
 sub expand($);
 
 MAIN: {
-    my @cmds; 
+    my @cmds;
 
     # Check, if our rules exist
     foreach (keys %TARGETS) {
-	checkTarget($TARGETS{$_})
-	    or push @cmds, insertTarget($TARGETS{$_});
+        checkTarget($TARGETS{$_})
+          or push @cmds, insertTarget($TARGETS{$_});
 
-	push @cmds, cleanTarget($TARGETS{$_});
+        push @cmds, cleanTarget($TARGETS{$_});
     }
-    
-    
+
     my ($iptables, $rules) = parseConfig(FILE);
     push @cmds, @$iptables;
 
-
     foreach (@cmds) {
-	print "@$_\n" if $Cf->verbose or $Cf->nothing;
-	next if $Cf->nothing;
-	system @$_ and do {
-	    warn "FAILED: @$_\n" if not $Cf->verbose;
-	};
+        print "@$_\n" if $Cf->verbose or $Cf->nothing;
+        next if $Cf->nothing;
+        system @$_ and do {
+            warn "FAILED: @$_\n" if not $Cf->verbose;
+        };
     }
 
     if (!$Cf->nothing) {
-	open(RUNFILE, $_ = ">/var/run/ipac.rules") or die "Can't open $_: $!\n";
-	print RUNFILE join "\n", @$rules;
-	close(RUNFILE);
+        open(RUNFILE, $_ = ">/var/run/ipac.rules") or die "Can't open $_: $!\n";
+        print RUNFILE join "\n", @$rules;
+        close(RUNFILE);
     }
 }
 
 {
     my $dump;
-sub checkTarget($) {
-    my $target = shift;
+
+    sub checkTarget($) {
+        my $target = shift;
 
-    if (!$dump) {
-	open(X, "iptables-save|") or die "Can't open iptables-save: $!\n";
-	$dump = join "", grep /^:/, <X>;
-	close(X);
+        if (!$dump) {
+            open(X, "iptables-save|") or die "Can't open iptables-save: $!\n";
+            $dump = join "", grep /^:/, <X>;
+            close(X);
+        }
+
+        return $dump =~ /^:$target->{chain}/m
+
     }
-
-    return $dump =~ /^:$target->{chain}/m
-
-} }
+}
 
 sub insertTarget($) {
     my $target = shift;
 
     return (
-	["iptables", "--new-chain" => $target->{chain}],
-	["iptables", 
-	    "--insert" => $target->{parent}, 
-	    "--jump" => $target->{chain}]
-	);
+        ["iptables", "--new-chain" => $target->{chain}],
+        [
+            "iptables",
+            "--insert" => $target->{parent},
+            "--jump"   => $target->{chain}
+        ]
+    );
 }
 
 sub cleanTarget($) {
     my $target = shift;
-    return ["iptables",
-	"--flush" => $target->{chain}];
+    return ["iptables", "--flush" => $target->{chain}];
 }
 
 sub parseConfig($) {
     my (@iptables, @rules);
     my $file = shift;
-    local(@ARGV) = ($file);
+    local (@ARGV) = ($file);
 
-    die ME.": Can't open $file: $!\n" if not -r $file;
+    die ME . ": Can't open $file: $!\n" if not -r $file;
 
     @ARGV = ($file);
 
     # Read the config file and create the iptables statements
     while (<>) {
-	s/#.*//;
-	s/^\s*$//;
-	next unless $_;
+        s/#.*//;
+        s/^\s*$//;
+        next unless $_;
 
-	chomp;
-
+        chomp;
 
-	my (%src, %dst);
-	(my ($name, $target, $iface, $proto), $src{ip}, $dst{ip}) 
-		= split /\s*\|\s*/, $_;
+        my (%src, %dst);
+        (my ($name, $target, $iface, $proto), $src{ip}, $dst{ip}) =
+          split /\s*\|\s*/, $_;
 
-	# $src / $dst
-	foreach (\%src, \%dst) {
-	    @{$_}{qw/ip port/} = split /[:\s]/, $_->{ip};
-	}
-
+        # $src / $dst
+        foreach (\%src, \%dst) {
+            @{$_}{qw/ip port/} = split /[:\s]/, $_->{ip};
+        }
 
-	my @cmd = ("iptables", 
-	    "--append" => $target, 
-	    $TARGETS{$target}->{iface} => $iface,
-	    "--src" => expand($src{ip}),
-	    "--dst" => expand($dst{ip}),
-	    "--proto" => expand($proto),
-	    $src{port} ? ("--sport" => $src{port}) : (),
-	    $dst{port} ? ("--dport" => $dst{port}) : (),
-	);
+        my @cmd = (
+            "iptables",
+            "--append"                 => $target,
+            $TARGETS{$target}->{iface} => $iface,
+            "--src"                    => expand($src{ip}),
+            "--dst"                    => expand($dst{ip}),
+            "--proto"                  => expand($proto),
+            $src{port} ? ("--sport" => $src{port}) : (),
+            $dst{port} ? ("--dport" => $dst{port}) : (),
+        );
 
-	push @iptables, \@cmd;
-	push @rules, "$target|$name";
+        push @iptables, \@cmd;
+        push @rules,    "$target|$name";
     }
 
     return \@iptables, \@rules;