Move 'allow' processing to lib.cli

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5019 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-lite/shorewall-lite

@@ -730,42 +730,7 @@ case "$COMMAND" in
 	fi
 	;;
     allow)
-	[ -n "$debugging" ] && set -x
+	allow_command $@
-	[ $# -eq 1 ] && usage 1
-	if shorewall_is_started ; then
-	    mutex_on
-	    while [ $# -gt 1 ]; do
-		shift
-		case $1 in
-		    *-*)
-			if  qt $IPTABLES -D dynamic -m iprange --src-range $1 -j reject    ||\
-			    qt $IPTABLES -D dynamic -m iprange --src-range $1 -j DROP      ||\
-			    qt $IPTABLES -D dynamic -m iprange --src-range $1 -j logdrop   ||\
-			    qt $IPTABLES -D dynamic -m iprange --src-range $1 -j logreject
-			then
-			    echo "$1 Allowed"
-			else
-			    echo "$1 Not Dropped or Rejected"
-			fi
-			;;
-		    *)
-			if  qt $IPTABLES -D dynamic -s $1 -j reject    ||\
-			    qt $IPTABLES -D dynamic -s $1 -j DROP      ||\
-			    qt $IPTABLES -D dynamic -s $1 -j logdrop   ||\
-			    qt $IPTABLES -D dynamic -s $1 -j logreject
-			then
-			    echo "$1 Allowed"
-			else
-			    echo "$1 Not Dropped or Rejected"
-			fi
-			;;
-		esac
-	    done
-	    mutex_off
-	else
-	    error_message "ERROR: Shorewall Lite is not started"
-	    exit 2
-	fi
 	;;
     save)
 	[ -n "$debugging" ] && set -x

Shorewall/lib.cli

@@ -888,3 +888,45 @@ hits_command() {
 	done
     fi
 }
+
+#
+# 'allow' command executor
+#
+allow_command() {
+    [ -n "$debugging" ] && set -x
+    [ $# -eq 1 ] && usage 1
+    if shorewall_is_started ; then
+	mutex_on
+	while [ $# -gt 1 ]; do
+	    shift
+	    case $1 in
+		*-*)
+		    if  qt $IPTABLES -D dynamic -m iprange --src-range $1 -j reject    ||\
+			qt $IPTABLES -D dynamic -m iprange --src-range $1 -j DROP      ||\
+			qt $IPTABLES -D dynamic -m iprange --src-range $1 -j logdrop   ||\
+			qt $IPTABLES -D dynamic -m iprange --src-range $1 -j logreject
+			then
+			echo "$1 Allowed"
+		    else
+			echo "$1 Not Dropped or Rejected"
+		    fi
+		    ;;
+		*)
+		    if  qt $IPTABLES -D dynamic -s $1 -j reject    ||\
+			qt $IPTABLES -D dynamic -s $1 -j DROP      ||\
+			qt $IPTABLES -D dynamic -s $1 -j logdrop   ||\
+			qt $IPTABLES -D dynamic -s $1 -j logreject
+			then
+			echo "$1 Allowed"
+		    else
+			echo "$1 Not Dropped or Rejected"
+		    fi
+		    ;;
+	    esac
+	done
+	mutex_off
+    else
+	error_message "ERROR: $PRODUCT is not started"
+	exit 2
+    fi
+}

Shorewall/shorewall

@@ -1305,42 +1305,7 @@ case "$COMMAND" in
 	fi
 	;;
     allow)
-	[ -n "$debugging" ] && set -x
+	allow_command $@
-	[ $# -eq 1 ] && usage 1
-	if shorewall_is_started ; then
-	    mutex_on
-	    while [ $# -gt 1 ]; do
-		shift
-		case $1 in
-		    *-*)
-			if  qt $IPTABLES -D dynamic -m iprange --src-range $1 -j reject    ||\
-			    qt $IPTABLES -D dynamic -m iprange --src-range $1 -j DROP      ||\
-			    qt $IPTABLES -D dynamic -m iprange --src-range $1 -j logdrop   ||\
-			    qt $IPTABLES -D dynamic -m iprange --src-range $1 -j logreject
-			then
-			    echo "$1 Allowed"
-			else
-			    echo "$1 Not Dropped or Rejected"
-			fi
-			;;
-		    *)
-			if  qt $IPTABLES -D dynamic -s $1 -j reject    ||\
-			    qt $IPTABLES -D dynamic -s $1 -j DROP      ||\
-			    qt $IPTABLES -D dynamic -s $1 -j logdrop   ||\
-			    qt $IPTABLES -D dynamic -s $1 -j logreject
-			then
-			    echo "$1 Allowed"
-			else
-			    echo "$1 Not Dropped or Rejected"
-			fi
-			;;
-		esac
-	    done
-	    mutex_off
-	else
-	    error_message "ERROR: Shorewall is not started"
-	    exit 2
-	fi
 	;;
     save)
 	[ -n "$debugging" ] && set -x