author | Alexander Poslavsky <alexander.poslavsky@gmail.com> | 2007-11-02 07:48:38 +0000 |
---|---|---|
committer | Alexander Poslavsky <alexander.poslavsky@gmail.com> | 2007-11-02 07:48:38 +0000 |
commit | 2f6b7570cdf277f1c3889464fd7705b089e1eac4 (patch) | |
tree | 296e0a730ac80a32f1ff4cd0e710484d93c9cf9b | |
parent | b418c71c42d0fea752d3e686d269dec0f943d31b (diff) | |
shorewall directory files, show changes
git-svn-id: svn://svn.alpinelinux.org/acf/shorewall/trunk@250 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r-- | Makefile | 47 | ||||
-rw-r--r-- | app/cfgfile/firewall.cfg | 55 | ||||
-rw-r--r-- | app/shorewall-controller.lua | 58 | ||||
-rw-r--r-- | app/shorewall-read-html.lsp | 22 | ||||
-rw-r--r-- | app/shorewall-restart-html.lsp | 66 | ||||
-rw-r--r-- | app/shorewall-start-html.lsp | 66 | ||||
-rw-r--r-- | app/shorewall-stop-html.lsp | 66 |
7 files changed, 345 insertions, 35 deletions
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..01a86ba
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,47 @@
+APP_NAME=shorewall
+PACKAGE=acf-$(APP_NAME)
+VERSION=0.1
+
+APP_DIST=\
+ shorewall-controller.lua \
+ shorewall-html.lsp \
+ shorewall-read-html.lsp \
+ shorewall.menu \
+ cfgfile/firewall.cfg
+
+EXTRA_DIST=Makefile config.mk
+
+DISTFILES=$(APP_DIST) $(EXTRA_DIST)
+
+TAR=tar
+
+P=$(PACKAGE)-$(VERSION)
+tarball=$(P).tar.bz2
+install_dir=$(DESTDIR)/$(appdir)/$(APP_NAME)
+
+all:
+clean:
+ rm -rf $(tarball) $(P)
+
+dist: $(tarball)
+
+install:
+ mkdir -p "$(install_dir)"
+ cp -a $(APP_DIST) "$(install_dir)"
+
+$(tarball): $(DISTFILES)
+ rm -rf $(P)
+ mkdir -p $(P)
+ cp $(DISTFILES) $(P)
+ $(TAR) -jcf $@ $(P)
+ rm -rf $(P)
+
+# target that creates a tar package, unpacks is and install from package
+dist-install: $(tarball)
+ $(TAR) -jxf $(tarball)
+ $(MAKE) -C $(P) install DESTDIR=$(DESTDIR)
+ rm -rf $(P)
+
+include config.mk
+
+.PHONY: all clean dist install dist-install
diff --git a/app/cfgfile/firewall.cfg b/app/cfgfile/firewall.cfg
new file mode 100644
index 0000000..60ba9d6
--- /dev/null
+++ b/app/cfgfile/firewall.cfg
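Review bot: `APP_DIST` in the new Makefile does not list the three views this commit adds, so `make install` and the tarball would ship a controller whose start, stop and restart actions have no view to render; add `shorewall-restart-html.lsp \`, `shorewall-start-html.lsp \` and `shorewall-stop-html.lsp \` to the list. It does list `shorewall-html.lsp` and `shorewall.menu`, which are not among the files shown in this commit, so it is worth confirming they exist. The entries are also written without the `app/` prefix although the Makefile is created at the repository root, so `cp -a $(APP_DIST)` would presumably not find them unless config.mk (not shown) changes the working directory. `install_dir` depends on `appdir`, which this file never sets; if config.mk leaves it empty the install target copies into `$(DESTDIR)//shorewall`, so a guard that fails when `appdir` is unset would be safer.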
@@ -0,0 +1,55 @@
+--[[ cfgfile-model loads all .cfg files in this directory and
+ evaluates them by putting return ({ ... }) around file contents.
+ This file contains body of lua table with one item per config file.
+ Each item is table with following keys currently having meaning:
+ app - string that is used to group items by controller
+ section - string that is used to group items visually on page
+ name - short name that is shown to user
+ filename - filesystem path of config file
+ descr - descr, one liner
+--]]
+
+{ app="firewall", section="general",
+ name="params", filename="/etc/shorewall/params",
+ descr="Define variables used in the other configuration files." },
+{ app="firewall", section="general",
+ name="shorewall", filename="/etc/shorewall/shorewall.conf",
+ descr="Modify global configuration settings." },
+{ app="firewall", section="firewalling",
+ name="zones", filename="/etc/shorewall/zones",
+ descr="Name network partitions. Firewall rules are applied to defined zones." },
+{ app="firewall", section="firewalling",
+ name="interfaces", filename="/etc/shorewall/interfaces",
+ descr="Map physical interfaces to named zones." },
+{ app="firewall", section="firewalling",
+ name="hosts", filename="/etc/shorewall/hosts",
+ descr="Name specific hosts within zones." },
+{ app="firewall", section="firewalling",
+ name="policy", filename="/etc/shorewall/policy",
+ descr="Set default rules (policies) for zones." },
+{ app="firewall", section="firewalling",
+ name="rules", filename="/etc/shorewall/rules",
+ descr="Define exceptions to policies."
}, +{ app="firewall", section="firewalling", + name="routestopped", filename="/etc/shorewall/routestopped", + descr="Define hosts that can access this host when the firewall is \"stopped\"" }, +{ app="firewall", section="firewalling", + name="tunnels", filename="/etc/shorewall/tunnels", + descr="Specify ipsec tunnel endpoints" }, +{ app="firewall", section="firewalling", + name="blacklist", filename="/etc/shorewall/blacklist", + descr="List ip addresses or names that should be denied all access to the firewall." }, +{ app="firewall", section="nat", + name="masq", filename="/etc/shorewall/masq", + descr="Define dynamic Masquerading or DNAT tables" }, +{ app="firewall", section="nat", + name="nat", filename="/etc/shorewall/nat", + descr="Define static Network Address Translation table" }, +{ app="firewall", section="qos", + name="tos", filename="/etc/shorewall/tos", + descr="Specify type of service markers for packets traversing the firewall." }, +{ app="firewall", section="qos", + name="tcrules", filename="/etc/shorewall/tcrules", + descr="Define traffic control rules." }, + +-- /* vim: set filetype=lua : */ diff --git a/app/shorewall-controller.lua b/app/shorewall-controller.lua index 78219b7..f1583cf 100644 --- a/app/shorewall-controller.lua +++ b/app/shorewall-controller.lua @@ -9,9 +9,13 @@ end mvc={} mvc.on_load = function(self, parent) --TODO: This needs to be looked at + --there has to be cute, standard way of loading models into controller self.cfgfile = self:soft_require("cfgfile-model") setmetatable(self.cfgfile, self.cfgfile) self.cfgfile.__index = self.worker + self.service = self:soft_require("service-model") + setmetatable(self.service, self.service) + self.service.__index = self.worker if (self.worker[self.conf.action] == nil) or (self.conf.action == "init") then self.worker[self.conf.action] = list_redir(self) end 
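Review bot: The header comment of app/cfgfile/firewall.cfg should say outright that the file is executed as Lua rather than parsed as data: it states that cfgfile-model wraps the contents in `return ({ ... })` and evaluates them, so anyone who can write to this directory can run code in the process that loads it. I would add a line such as `NOTE: evaluated as Lua code; keep this directory writable by root only` to the comment block. The `filename` values presumably decide which files the editor is allowed to open, so it is worth stating in the same comment that entries must stay fixed absolute paths, as they are here.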
@@ -58,41 +62,41 @@ update = function(self) value = data} end ---This is a work in progress, do not review -local function mkCtlRet(self) - return { +local function service(self, action) + local id = tonumber(self.clientdata.id) or -1 + local svc = self.service:list("firewall") + local ret = { script=ENV["SCRIPT_NAME"], prefix=self.conf.prefix, controller = self.conf.controller, - action={ - { name="restart", label="Restart" }, - { name="start", label="Start" }, - { name="stop", label="Stop" }, - { name="reload", label="Reload", disabled=true }, - }, - title="Shorewall", - text={} + action={}, + title="Firewall", + text={}, + active={ id=id } } -end - -restart = function(self) - ret = mkCtlRet(self) - if self.clientdata.restart then - ret.active = "restart" - local f = io.popen("/etc/init.d/shorewall restart", "r") - if f then - local out = f:read("*a") - f:close() - ret.text[#ret.text + 1] = { label="Restarting", content=out } - else - ret.text[#ret.text + 1] = { - label="Error", content="Cannot run /etc/init.d/shorewall" + for i,s in pairs(svc) do + for i,a in ipairs(s.actions) do + ret.action[#ret.action + 1] = { + name = a, + section = s.name .. " (" .. tostring(s.status) .. ")", + id = s.id, + label = a, } end end + if self.clientdata[action] then + local result, report = self.service:update(id, action) + local label = "Error" + if result then + ret.active.action = action + label = "Report" + end + ret.text[#ret.text + 1] = { label=label, content=report } + end return ret end ---create = update ---delete = update +start = function(self) return service(self, "start") end +stop = function(self) return service(self, "stop") end +restart = function(self) return service(self, "restart") end diff --git a/app/shorewall-read-html.lsp b/app/shorewall-read-html.lsp index cf73662..c4732a0 100644 --- a/app/shorewall-read-html.lsp +++ b/app/shorewall-read-html.lsp 
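Review bot: `service()` passes the client-supplied `id` straight to `self.service:update(id, action)` without checking it against `svc`, the list it has just fetched for "firewall", so a request can name any id the service model knows and have it started, stopped or restarted through this controller. The call is also gated only on `self.clientdata[action]` being present; if clientdata merges query-string parameters (not visible in this hunk), a plain GET would be enough to stop the firewall, so the handler should require POST and a per-session token before acting. The check below assumes `s.id` is a number like the parsed `id`. Separately, the inner loop reuses `i` from the outer loop; `_` would read better for both.

```lua
-- … unchanged: ret construction and the loop that fills ret.action …
	if self.clientdata[action] then
		-- act only on an id/action pair that the "firewall" listing offered
		local allowed = false
		for _, s in pairs(svc) do
			if s.id == id then
				for _, a in ipairs(s.actions) do
					if a == action then allowed = true end
				end
			end
		end
		local result, report
		if allowed then
			result, report = self.service:update(id, action)
		else
			report = "Unknown service id or action"
		end
		-- … unchanged: label selection and ret.text append …
	end
```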
@@ -1,18 +1,24 @@ -<? -local view = ... -?><h1>Edit</h1><table border=0><? -local sct="" +<? local view = ... ?> + +<? --Status Block + +?> + +<h1>Edit</h1> +<table border=0> +<? local sct="" for i,item in ipairs(view.list) do if item.section ~= sct then - ?><tr><td colspan='2'><h2><?= item.section ?></td></tr><? + ?><tr><td colspan='3'><h2><?= item.section ?></td></tr><? sct = item.section end - ?><tr><td><?= html.link{ + ?><tr><td><?= item.status or '' ?><? + ?><td><?= html.link{ value = view.script .. view.prefix .. view.controller .. "/" .. view.action .. "?id=" .. tostring(item.id), label=item.name } ?></td><td><?= item.descr ?></td></tr><? -end -?></table> +end ?> +</table> diff --git a/app/shorewall-restart-html.lsp b/app/shorewall-restart-html.lsp new file mode 100644 index 0000000..2daa4bc --- /dev/null +++ b/app/shorewall-restart-html.lsp 
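Review bot: The new status cell is opened with `<td><?= item.status or '' ?>` and never closed before the next `<td>` starts; it should end with `</td>`, i.e. `?><tr><td><?= item.status or '' ?></td><?`. `item.status` is also written without HTML escaping, like `item.section` and `item.descr` around it, so unless the model guarantees plain text these values should be escaped before output. The empty `<? --Status Block ?>` stub would be clearer with a TODO comment saying what is meant to go there.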
@@ -0,0 +1,66 @@
+<?
+local view = ...
+
+local function packURL(script, prefix, controller, action, extra)
+ ret = script .. "/" .. prefix .. controller .. "/" .. action
+ sep = '?'
+ for k,v in pairs(extra) do
+ ret = ret .. sep .. k .. '=' .. v
+ sep = '&'
+ end
+ return ret
+end
+
+--[[
+view
+ script, prefix, controller
+ action[]
+ name, script, prefix, controller
+ section
+ id
+ label
+ disabled
+ active
+ id
+ action
+ title
+ text[]
+ label
+ content
+--]]
+?><h1><?= view.title
+?></h1><?
+
+local section = ""
+for i,item in ipairs(view.action) do
+ if section ~= item.section then
+ section = item.section
+ ?><h2><?= section ?></h2><?
+ end
+ if item.disabled then
+ ?><i><?= item.label or item.name ?></i><?
+ else
+ ?><?= html.form.start {
+ method="POST",
+ action = packURL(item.script or view.script,
+ item.prefix or view.prefix,
+ item.controller or view.controller,
+ item.name, {})
+ } ?><?= html.form.hidden { name="id", value=item.id } ?><?
+ local label = (item.label or item.name)
+ if item.id == view.active.id and item.name == view.active.action then
+ label = '['..label..']'
+ end
+ ?><?= html.form.submit {
+ name = item.name, value = label
+ } ?><?= html.form.stop() ?><?
+ end
+end
+for i,item in ipairs(view.text) do
+ if item.label then
+ ?><h2><?= item.label ?></h2><?
+ end
+ ?><pre><?= item.content ?></pre><?
+end
+-- vim: set filetype=lua :
+?>
diff --git a/app/shorewall-start-html.lsp b/app/shorewall-start-html.lsp
new file mode 100644
index 0000000..2daa4bc
--- /dev/null
+++ b/app/shorewall-start-html.lsp
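Review bot: `ret` and `sep` in `packURL` are assigned without `local`, so they become globals shared with whatever else runs in the same Lua state; declare them as `local ret = script .. "/" .. prefix .. controller .. "/" .. action` and `local sep = '?'`. `item.content` is written into `<pre>` as-is, and since the controller fills it with the report returned by `self.service:update`, any `<` or `&` in that output is interpreted as markup; it should be HTML-escaped before output, as should `item.label` and `section`. `packURL` also concatenates `k` and `v` without URL-encoding, which is harmless while every caller passes `{}` but should be fixed before `extra` is used. The same points apply to shorewall-start-html.lsp and shorewall-stop-html.lsp, which are byte-identical copies (same blob 2daa4bc); a single shared view would keep the fix in one place.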
@@ -0,0 +1,66 @@
+<?
+local view = ...
+
+local function packURL(script, prefix, controller, action, extra)
+ ret = script .. "/" .. prefix .. controller .. "/" .. action
+ sep = '?'
+ for k,v in pairs(extra) do
+ ret = ret .. sep .. k .. '=' .. v
+ sep = '&'
+ end
+ return ret
+end
+
+--[[
+view
+ script, prefix, controller
+ action[]
+ name, script, prefix, controller
+ section
+ id
+ label
+ disabled
+ active
+ id
+ action
+ title
+ text[]
+ label
+ content
+--]]
+?><h1><?= view.title
+?></h1><?
+
+local section = ""
+for i,item in ipairs(view.action) do
+ if section ~= item.section then
+ section = item.section
+ ?><h2><?= section ?></h2><?
+ end
+ if item.disabled then
+ ?><i><?= item.label or item.name ?></i><?
+ else
+ ?><?= html.form.start {
+ method="POST",
+ action = packURL(item.script or view.script,
+ item.prefix or view.prefix,
+ item.controller or view.controller,
+ item.name, {})
+ } ?><?= html.form.hidden { name="id", value=item.id } ?><?
+ local label = (item.label or item.name)
+ if item.id == view.active.id and item.name == view.active.action then
+ label = '['..label..']'
+ end
+ ?><?= html.form.submit {
+ name = item.name, value = label
+ } ?><?= html.form.stop() ?><?
+ end
+end
+for i,item in ipairs(view.text) do
+ if item.label then
+ ?><h2><?= item.label ?></h2><?
+ end
+ ?><pre><?= item.content ?></pre><?
+end
+-- vim: set filetype=lua :
+?>
diff --git a/app/shorewall-stop-html.lsp b/app/shorewall-stop-html.lsp
new file mode 100644
index 0000000..2daa4bc
--- /dev/null
+++ b/app/shorewall-stop-html.lsp
@@ -0,0 +1,66 @@
+<?
+local view = ...
+
+local function packURL(script, prefix, controller, action, extra)
+ ret = script .. "/" .. prefix .. controller .. "/" .. action
+ sep = '?'
+ for k,v in pairs(extra) do
+ ret = ret .. sep .. k .. '=' .. v
+ sep = '&'
+ end
+ return ret
+end
+
+--[[
+view
+ script, prefix, controller
+ action[]
+ name, script, prefix, controller
+ section
+ id
+ label
+ disabled
+ active
+ id
+ action
+ title
+ text[]
+ label
+ content
+--]]
+?><h1><?= view.title
+?></h1><?
+
+local section = ""
+for i,item in ipairs(view.action) do
+ if section ~= item.section then
+ section = item.section
+ ?><h2><?= section ?></h2><?
+ end
+ if item.disabled then
+ ?><i><?= item.label or item.name ?></i><?
+ else
+ ?><?= html.form.start {
+ method="POST",
+ action = packURL(item.script or view.script,
+ item.prefix or view.prefix,
+ item.controller or view.controller,
+ item.name, {})
+ } ?><?= html.form.hidden { name="id", value=item.id } ?><?
+ local label = (item.label or item.name)
+ if item.id == view.active.id and item.name == view.active.action then
+ label = '['..label..']'
+ end
+ ?><?= html.form.submit {
+ name = item.name, value = label
+ } ?><?= html.form.stop() ?><?
+ end
+end
+for i,item in ipairs(view.text) do
+ if item.label then
+ ?><h2><?= item.label ?></h2><?
+ end
+ ?><pre><?= item.content ?></pre><?
+end
+-- vim: set filetype=lua :
+?> |