shorewall_code/Shorewall/action.SetTrigger
Tom Eastep 3c6df56b57 Implement Triggers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-10 13:27:58 -07:00


#
# Shorewall version 4 - Set a Trigger
#
# /etc/shorewall/action.SetTrigger
#
# Parameters:
# Trigger: Must start with a letter and be composed of letters, digits, '-', and '_'.
# Action: Action to perform after setting the trigger. Default is ACCEPT
# Src or Dest: 'src' (default) or 'dst'. Determines if the trigger is associated with the source
# address (src) or destination address (dst)
# Disposition: Disposition for any event generated.
#
#######################################################################################################
# DO NOT REMOVE THE FOLLOWING LINE
?format 2
#################################################################################################################################################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWITCH HELPER
# PORT PORT(S) DEST LIMIT GROUP
DEFAULTS -,ACCEPT,src
?begin perl
use Shorewall::Config;
use Shorewall::Chains;
use Shorewall::Rules;
use strict;
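# Fetch the four action parameters in the order documented in the file header:
# trigger name, follow-on action, src/dst selector, disposition.
my ( $trigger, $action, $destination, $disposition ) = get_action_params( 4 );

# Both capabilities are demanded before any trigger rule is generated.
require_capability 'RECENT_MATCH', 'Use of triggers', 's';
require_capability 'MARK_ANYWHERE', 'Use of triggers', 's';

fatal_error "A trigger name is required" unless supplied $trigger;
#
# $trigger is interpolated as-is into the match string built below, so this is
# the only check in this block that constrains what reaches that string.
# The leading class is [a-zA-Z]: a range written 'A-z' also spans the ASCII
# punctuation between 'Z' and 'a' ('[', '\', ']', '^', '_' and '`'), which
# contradicts the documented "must start with a letter" rule.
# \A and \z anchor the entire value; a trailing '$' would still accept a
# name that ends in a newline.
#
fatal_error "Invalid trigger name ($trigger)" unless $trigger =~ /\A[a-zA-Z][-\w]*\z/;
fatal_error "Invalid Src or Dest ($destination)" unless $destination =~ /\A(?:src|dst)\z/;

# An explicit disposition is applied only when the caller supplied one.
set_action_disposition( $disposition ) if supplied $disposition;
set_action_name_to_caller;

# 'dst' keys the recent-match entry on the destination address, anything else
# (only 'src' passes the check above) on the source address.
my $address_flag = $destination eq 'dst' ? '--rdest' : '--rsource';

# NOTE(review): $action is passed through without a check in this block;
# presumably perl_action_helper validates it -- confirm.
perl_action_helper( $action, "-m recent --name $trigger --set $address_flag" );

1;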
?end perl