Implement 'show bl'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2014-06-18 13:27:25 -07:00
parent ac4bf15606
commit 6ad9b95351
3 changed files with 77 additions and 3 deletions

View File

@ -271,6 +271,19 @@ show_classifiers() {
} }
#
# Display blacklist chains
#
show_bl() {
$g_tool -L $g_ipt_options | \
awk 'BEGIN {prnt=0; };
/^$/ {if (prnt == 1) print ""; prnt=0; };
/Chain .*~ / {prnt=1; };
/Chain dynamic / {prnt=1; };
{if (prnt == 1) print; };
END {if (prnt == 1 ) print "" };'
}
# #
# Watch the Firewall Log # Watch the Firewall Log
# #
@ -1189,7 +1202,13 @@ show_command() {
echo "$g_product $SHOREWALL_VERSION events at $g_hostname - $(date)" echo "$g_product $SHOREWALL_VERSION events at $g_hostname - $(date)"
echo echo
show_events show_events
;; ;;
bl|blacklists)
[ $# -gt 1 ] && usage 1
echo "$g_product $SHOREWALL_VERSION blacklist chains at $g_hostname - $(date)"
echo
show_bl;
;;
*) *)
case "$g_program" in case "$g_program" in
*-lite) *-lite)
@ -3531,6 +3550,7 @@ usage() # $1 = exit status
echo " [ show | list | ls ] [ -b ] [ -x ] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]" echo " [ show | list | ls ] [ -b ] [ -x ] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]"
echo " [ show | list | ls ] [ -f ] capabilities" echo " [ show | list | ls ] [ -f ] capabilities"
echo " [ show | list | ls ] arptables" echo " [ show | list | ls ] arptables"
echo " [ show | list | ls ] {bl|blacklists}"
echo " [ show | list | ls ] classifiers" echo " [ show | list | ls ] classifiers"
echo " [ show | list | ls ] config" echo " [ show | list | ls ] config"
echo " [ show | list | ls ] connections" echo " [ show | list | ls ] connections"

View File

@ -507,6 +507,20 @@
<arg choice="opt"><replaceable>filename</replaceable></arg> <arg choice="opt"><replaceable>filename</replaceable></arg>
</cmdsynopsis> </cmdsynopsis>
<cmdsynopsis>
<command>shorewall</command>
<arg choice="opt"><option>trace</option>|<option>debug</option></arg>
<arg>-<replaceable>options</replaceable></arg>
<arg choice="opt"><option>show | list | ls </option></arg>
<arg><option>-x</option></arg>
<arg choice="plain"><option>{bl|blacklists}</option></arg>
</cmdsynopsis>
<cmdsynopsis> <cmdsynopsis>
<command>shorewall</command> <command>shorewall</command>
@ -1474,6 +1488,19 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><emphasis role="bold">bl|blacklists</emphasis></term>
<listitem>
<para>Added in Shorewall 4.6.2. Displays the dynamic chain
along with any chains produced by entries in
shorewall-blrules(5).The <emphasis role="bold">-x</emphasis>
option is passed directly through to iptables and causes
actual packet and byte counts to be displayed. Without this
option, those counts are abbreviated.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><emphasis role="bold">capabilities</emphasis></term> <term><emphasis role="bold">capabilities</emphasis></term>

View File

@ -123,7 +123,7 @@
</cmdsynopsis> </cmdsynopsis>
<cmdsynopsis> <cmdsynopsis>
<command>shorewall</command> <command>shorewall6</command>
<arg <arg
choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg> choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg>
@ -166,7 +166,7 @@
</cmdsynopsis> </cmdsynopsis>
<cmdsynopsis> <cmdsynopsis>
<command>shorewall</command> <command>shorewall6</command>
<arg <arg
choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg> choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg>
@ -452,6 +452,20 @@
<arg choice="opt"><replaceable>filename</replaceable></arg> <arg choice="opt"><replaceable>filename</replaceable></arg>
</cmdsynopsis> </cmdsynopsis>
<cmdsynopsis>
<command>shorewall6</command>
<arg choice="opt"><option>trace</option>|<option>debug</option></arg>
<arg>-<replaceable>options</replaceable></arg>
<arg choice="opt"><option>show | list | ls </option></arg>
<arg><option>-x</option></arg>
<arg choice="plain"><option>{bl|blacklists}</option></arg>
</cmdsynopsis>
<cmdsynopsis> <cmdsynopsis>
<command>shorewall6</command> <command>shorewall6</command>
@ -1355,6 +1369,19 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><emphasis role="bold">bl|blacklists</emphasis></term>
<listitem>
<para>Added in Shorewall 4.6.2. Displays the dynamic chain
along with any chains produced by entries in
shorewall-blrules(5).The <emphasis role="bold">-x</emphasis>
option is passed directly through to ip6tables and causes
actual packet and byte counts to be displayed. Without this
option, those counts are abbreviated.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><emphasis role="bold">capabilities</emphasis></term> <term><emphasis role="bold">capabilities</emphasis></term>