summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTed Trask <ttrask01@yahoo.com>2013-01-06 14:03:19 +0000
committerTed Trask <ttrask01@yahoo.com>2013-01-06 14:03:19 +0000
commita5e860eb3bdbc3d1ee1f009af93be6f8ffc3eb42 (patch)
tree799ddc10f66715aa87bbd4115ce236a5f0031283
parent38f5d1fb5817aaf7a609662907472a967f1253df (diff)
downloadacf-iptables-a5e860eb3bdbc3d1ee1f009af93be6f8ffc3eb42.tar.bz2
acf-iptables-a5e860eb3bdbc3d1ee1f009af93be6f8ffc3eb42.tar.xz
Fix rule specification now that we're using run_executable
-rw-r--r--iptables-model.lua28
1 files changed, 18 insertions, 10 deletions
diff --git a/iptables-model.lua b/iptables-model.lua
index 8b567c3..494dcb7 100644
--- a/iptables-model.lua
+++ b/iptables-model.lua
@@ -123,19 +123,24 @@ local function generate_rule_specification(rule)
if string.find(value, "^!") then
if notfirst then
spec[#spec + 1] = '!'
- value = string.sub(value, 2)
+ spec[#spec + 1] = option
+ spec[#spec + 1] = string.sub(value, 2)
else
- value = string.sub(value,1,1) .. " " .. string.sub(value,2)
+ spec[#spec + 1] = option
+ spec[#spec + 1] = '!'
+ spec[#spec + 1] = string.sub(value,2)
end
+ else
+ spec[#spec + 1] = option
+ spec[#spec + 1] = format.escapespecialcharacters(value)
end
- spec[#spec + 1] = option
- spec[#spec + 1] = format.escapespecialcharacters(value)
end
end
function addmodule(values, mod)
for i,value in ipairs(values) do
if value ~= "" then
- spec[#spec + 1] = "-m "..mod
+ spec[#spec + 1] = "-m"
+ spec[#spec + 1] = mod
break
end
end
@@ -149,7 +154,8 @@ local function generate_rule_specification(rule)
addparameter(rule.value.in_interface.value, "-i", true)
addparameter(rule.value.out_interface.value, "-o", true)
if rule.value.fragment.value == "!" then
- spec[#spec + 1] = "! -f"
+ spec[#spec + 1] = "!"
+ spec[#spec + 1] = "-f"
elseif rule.value.fragment.value ~= "" then
spec[#spec + 1] = "-f"
end
@@ -160,7 +166,7 @@ local function generate_rule_specification(rule)
addmodule({rule.value.comment.value}, "comment")
if rule.value.comment.value ~= "" then
spec[#spec + 1] = "--comment"
- spec[#spec + 1] = '"' .. rule.value.comment.value .. '"'
+ spec[#spec + 1] = rule.value.comment.value
end
addmodule({rule.value.icmp_type.value}, "icmp")
addparameter(rule.value.icmp_type.value, "--icmp-type", true)
@@ -182,7 +188,7 @@ local function generate_rule_specification(rule)
addparameter(rule.value.udp_sport.value, "--sport", true)
addparameter(rule.value.udp_dport.value, "--dport", true)
- return table.concat(spec, " ")
+ return spec
end
-- ################################################################################
@@ -478,7 +484,7 @@ function create_rule(self, rule)
cmd[#cmd+1] = "-A"
cmd[#cmd+1] = rule.value.chain.value
end
- cmd[#cmd+1] = spec
+ for i,s in ipairs(spec) do cmd[#cmd+1] = s end
rule.descr, rule.errtxt = modelfunctions.run_executable(cmd, true)
else
rule.errtxt = "Failed to create rule"
@@ -496,7 +502,9 @@ function update_rule(self, rule)
if success then
local spec = generate_rule_specification(rule)
- rule.descr, rule.errtxt = modelfunctions.run_executable({"iptables", "-t", rule.value.table.value, "-R", rule.value.chain.value, rule.value.position.value, spec}, true)
+ local cmd = {"iptables", "-t", rule.value.table.value, "-R", rule.value.chain.value, rule.value.position.value}
+ for i,s in ipairs(spec) do cmd[#cmd+1] = s end
+ rule.descr, rule.errtxt = modelfunctions.run_executable(cmd, true)
else
rule.errtxt = "Failed to update rule"
end