firewall.py: clean up repeated calls to ssubprocess.call().

And make sshuttle exit with a well-defined exit code (111) if it needs to reboot.
2025-06-20 09:57:42 +02:00 · 2012-01-08 18:42:38 -05:00 · 2012-01-08 18:42:38 -05:00 · bd20841782
commit bd20841782
parent 4c1a505e37
4 changed files with 24 additions and 19 deletions
--- a/client.py
+++ b/client.py
@ -171,7 +171,9 @@ class FirewallClient:
    def done(self):
        self.pfile.close()
        rv = self.p.wait()
-        if rv:
+        if rv == EXITCODE_NEEDS_REBOOT:
+            raise FatalNeedsReboot()
+        elif rv:
            raise Fatal('cleanup: %r returned %d' % (self.argv, rv))


--- a/firewall.py
+++ b/firewall.py
@ -20,6 +20,14 @@ def nonfatal(func, *args):
        log('error: %s\n' % e)


+def _call(argv):
+    debug1('>> %s\n' % ' '.join(argv))
+    rv = ssubprocess.call(argv)
+    if rv:
+        raise Fatal('%r returned %d' % (argv, rv))
+    return rv
+
+
 def ipt_chain_exists(name):
    argv = ['iptables', '-t', 'nat', '-nL']
    p = ssubprocess.Popen(argv, stdout = ssubprocess.PIPE)
@ -33,10 +41,7 @@ def ipt_chain_exists(name):

 def ipt(*args):
    argv = ['iptables', '-t', 'nat'] + list(args)
-    debug1('>> %s\n' % ' '.join(argv))
-    rv = ssubprocess.call(argv)
-    if rv:
-        raise Fatal('%r returned %d' % (argv, rv))
+    _call(argv)


 _no_ttl_module = False
@ -159,15 +164,9 @@ def _defaults_write_kernel_flags(flags):
    flagstr = ' '.join(flags)
    argv = ['defaults', 'write', KERNEL_FLAGS_PATH, KERNEL_FLAGS_NAME,
            flagstr]
-    debug1('>> %s\n' % ' '.join(argv))
-    rv = ssubprocess.call(argv)
-    if rv:
-        raise Fatal('%r returned %d' (argv, rv))
+    _call(argv)
    argv = ['plutil', '-convert', 'xml1', KERNEL_FLAGS_PATH + '.plist']
-    debug1('>> %s\n' % ' '.join(argv))
-    rv = ssubprocess.call(argv)
-    if rv:
-        raise Fatal('%r returned %d' (argv, rv))
+    _call(argv)
    


@ -253,10 +252,7 @@ def _handle_diversion(divertsock, dnsport):

 def ipfw(*args):
    argv = ['ipfw', '-q'] + list(args)
-    debug1('>> %s\n' % ' '.join(argv))
-    rv = ssubprocess.call(argv)
-    if rv:
-        raise Fatal('%r returned %d' % (argv, rv))
+    _call(argv)


 def do_ipfw(port, dnsport, subnets):
@ -296,8 +292,7 @@ def do_ipfw(port, dnsport, subnets):
                "to work around a bug in MacOS 10.7 Lion.  You will need\n"
                "to reboot before it takes effect.  You only have to\n"
                "do this once.\n\n")
-            sys.exit(1)
-                
+            sys.exit(EXITCODE_NEEDS_REBOOT)

        ipfw('add', sport, 'check-state', 'ip',
             'from', 'any', 'to', 'any')
--- a/helpers.py
+++ b/helpers.py
@ -30,6 +30,11 @@ class Fatal(Exception):
    pass


+EXITCODE_NEEDS_REBOOT = 111
+class FatalNeedsReboot(Fatal):
+    pass
+
+
 def list_contains_any(l, sub):
    for i in sub:
        if i in l:
--- a/main.py
+++ b/main.py
@ -126,6 +126,9 @@ try:
                             parse_subnets(includes),
                             parse_subnets(excludes),
                             opt.syslog, opt.daemon, opt.pidfile))
+except FatalNeedsReboot, e:
+    log('You must reboot before using sshuttle.\n')
+    sys.exit(EXITCODE_NEEDS_REBOOT)
 except Fatal, e:
    log('fatal: %s\n' % e)
    sys.exit(99)