extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-24 11:41:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Modify lib.cli to run the 'add' and 'delete' to allow the zone name to come first

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-10-06 09:22:14 -07:00
parent c228668500
commit 8091ad6c70
1 changed files with 133 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
Shorewall-core/lib.cli
View File

@ -1595,12 +1595,18 @@ add_command() {
[ -n "$(mywhich $IPSET)" ] || fatal_error "The $IPSET utility cannot be located" [ -n "$(mywhich $IPSET)" ] || fatal_error "The $IPSET utility cannot be located"
;; ;;
esac esac
#
# Normalize host list case $1 in
# *:*)
while [ $# -gt 1 ]; do while [ $# -gt 1 ]; do
if $g_family -eq 4; then
interface=${1%%:*} interface=${1%%:*}
host=${1#*:} host=${1#*:}
else
interface=${1%%|*}
host=${1#*|}
fi
[ "$host" = "$1" ] && host= [ "$host" = "$1" ] && host=
if [ -z "$host" ]; then if [ -z "$host" ]; then
@ -1617,9 +1623,22 @@ add_command() {
shift shift
done done
;;
*)
ipset=$1
shift
while [ $# -gt 0 ]; do
for h in $(separate_list $1); do
hostlist="$hostlist $h"
done
shift
done
;;
esac
zone=$1 zone=$1
if [ -n "$zone" ]; then
for host in $hostlist; do for host in $hostlist; do
if [ $g_family -eq 4 ]; then if [ $g_family -eq 4 ]; then
interface=${host%:*} interface=${host%:*}
@ -1641,7 +1660,17 @@ add_command() {
fatal_error "Unable to add $interface:$host to zone $zone" fatal_error "Unable to add $interface:$host to zone $zone"
fi fi
done done
else
qt $IPSET -L $ipset -n || fatal_error "Zone $ipset is not dynamic"
for host in $hostlist; do
if $IPSET -A $ipset $host; then
echo "Host $host added to zone $ipset"
else
fatal_error "Unable to add $host to zone $ipset"
fi
done
fi
} }
# #
@ -1662,12 +1691,17 @@ delete_command() {
;; ;;
esac esac
# case $1 in
# Normalize host list *:*)
#
while [ $# -gt 1 ]; do while [ $# -gt 1 ]; do
if $g_family -eq 4; then
interface=${1%%:*} interface=${1%%:*}
host=${1#*:} host=${1#*:}
else
interface=${1%%|*}
host=${1#*|}
fi
[ "$host" = "$1" ] && host= [ "$host" = "$1" ] && host=
if [ -z "$host" ]; then if [ -z "$host" ]; then
@ -1684,23 +1718,36 @@ delete_command() {
shift shift
done done
;;
*)
ipset=$1
shift
while [ $# -gt 0 ]; do
for h in $(separate_list $1); do
hostlist="$hostlist $h"
done
shift
done
;;
esac
zone=$1 zone=$1
for hostent in $hostlist; do if [ -n "$zone" ]; then
for host in $hostlist; do
if [ $g_family -eq 4 ]; then if [ $g_family -eq 4 ]; then
interface=${hostent%:*} interface=${host%:*}
ipset=${zone}_${interface}; ipset=${zone}_${interface};
else else
interface=${hostent%%:*} interface=${host%%:*}
ipset=6_${zone}_${interface}; ipset=6_${zone}_${interface};
fi fi
if ! qt $IPSET -L $ipset -n; then if ! qt $IPSET -L $ipset -n; then
fatal_error "Zone $zone, interface $interface is does not have a dynamic host list" fatal_error "Zone $zone, interface $interface does not have a dynamic host list"
fi fi
host=${hostent#*:} host=${host#*:}
if $IPSET -D $ipset $host; then if $IPSET -D $ipset $host; then
echo "Host $hostent deleted from zone $zone" echo "Host $hostent deleted from zone $zone"
@ -1708,7 +1755,17 @@ delete_command() {
echo " WARNING: Unable to delete host $hostent to zone $zone" >&2 echo " WARNING: Unable to delete host $hostent to zone $zone" >&2
fi fi
done done
else
qt $IPSET -L $ipset -n || fatal_error "Zone $ipset is not dynamic"
for host in $hostlist; do
if $IPSET -D $ipset $host; then
echo "Host $host deleted from to zone $ipset"
else
echo " WARNING: Unable to delete host $host from zone $zone" >&2
fi
done
fi
} }
# #