authorAlexander Poslavsky <alexander.poslavsky@gmail.com>2007-11-02 07:28:01 +0000
committerAlexander Poslavsky <alexander.poslavsky@gmail.com>2007-11-02 07:28:01 +0000
commitb418c71c42d0fea752d3e686d269dec0f943d31b (patch)
treea9f037d417d05d242fba31f2d8e9a65f18da1a3f
parent20760e5bddd7c5d1c875769dee6b2e73cfcb6997 (diff)
downloadacf-shorewall-b418c71c42d0fea752d3e686d269dec0f943d31b.tar.bz2
acf-shorewall-b418c71c42d0fea752d3e686d269dec0f943d31b.tar.xz
shorewall directory files moved
git-svn-id: svn://svn.alpinelinux.org/acf/shorewall/trunk@248 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r--app/shorewall-controller.lua98
-rw-r--r--app/shorewall-html.lsp41
-rw-r--r--app/shorewall-read-html.lsp18
-rw-r--r--app/shorewall.menu2
-rw-r--r--cfgfile/firewall.cfg44
5 files changed, 203 insertions, 0 deletions
diff --git a/app/shorewall-controller.lua b/app/shorewall-controller.lua
new file mode 100644
index 0000000..78219b7
--- /dev/null
+++ b/app/shorewall-controller.lua
@@ -0,0 +1,98 @@
+module(..., package.seeall)
+
+local list_redir = function(self)
+ self.conf.action = "read"
+ self.conf.type = "redir"
+ error(self.conf)
+end
+
+mvc={}
+mvc.on_load = function(self, parent)
+ --TODO: This needs to be looked at
+ self.cfgfile = self:soft_require("cfgfile-model")
+ setmetatable(self.cfgfile, self.cfgfile)
+ self.cfgfile.__index = self.worker
+ if (self.worker[self.conf.action] == nil) or (self.conf.action == "init") then
+ self.worker[self.conf.action] = list_redir(self)
+ end
+end
+
+-- Public methods
+-- <prefix>/hostname/get
+
+read = function(self)
+ return {
+ list=self.cfgfile:list("firewall"),
+ script=ENV["SCRIPT_NAME"],
+ prefix=self.conf.prefix,
+ controller=self.conf.controller,
+ action="update",
+ }
+end
+
+update = function(self)
+ local id = tonumber(self.clientdata.id) or -1
+ local result
+ local data
+
+ result, data = self.cfgfile:get(id)
+ if not result then return list_redir(self) end
+
+ if self.clientdata.cmd then
+ for k,v in pairs (data) do
+ if self.clientdata[k] then
+ data[k].value = self.clientdata[k]
+ end
+ end
+ result, data = self.cfgfile:set(id, data)
+ if result then return list_redir(self) end
+ end
+
+ data.cmd = cfe { type="action", value="save", label="action" }
+ return cfe{ type="form",
+ option={ script=ENV["SCRIPT_NAME"],
+ prefix=self.conf.prefix,
+ controller = self.conf.controller,
+ action = "update",
+ extra = ""},
+ value = data}
+end
+
+--This is a work in progress, do not review
+local function mkCtlRet(self)
+ return {
+ script=ENV["SCRIPT_NAME"],
+ prefix=self.conf.prefix,
+ controller = self.conf.controller,
+ action={
+ { name="restart", label="Restart" },
+ { name="start", label="Start" },
+ { name="stop", label="Stop" },
+ { name="reload", label="Reload", disabled=true },
+ },
+ title="Shorewall",
+ text={}
+ }
+end
+
+restart = function(self)
+ ret = mkCtlRet(self)
+ if self.clientdata.restart then
+ ret.active = "restart"
+ local f = io.popen("/etc/init.d/shorewall restart", "r")
+ if f then
+ local out = f:read("*a")
+ f:close()
+ ret.text[#ret.text + 1] = { label="Restarting", content=out }
+ else
+ ret.text[#ret.text + 1] = {
+ label="Error", content="Cannot run /etc/init.d/shorewall"
+ }
+ end
+ end
+ return ret
+end
+
+--create = update
+--delete = update
+
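Review bot: The copy loop in `update` accepts any request field whose name matches a key of the record returned by `self.cfgfile:get(id)`, so fields the edit form never offers can be overwritten before `self.cfgfile:set(id, data)` runs. The record's full key set is not visible in this hunk, but the cfgfile entries added in this commit carry a `filename`, and if that is among the keys a request could change which file gets written. Restrict the loop to an explicit allowlist, e.g. `local editable = { content = true }` and `if editable[k] and self.clientdata[k] then`. Separately, `ret = mkCtlRet(self)` in `restart` has no `local`, so under `module(..., package.seeall)` it becomes a module-level variable that can persist between calls; `local ret = mkCtlRet(self)` fixes that. Neither `update` nor `restart` shows a request-method or anti-forgery check before changing state, which may be handled by the framework outside this file and is worth confirming.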
diff --git a/app/shorewall-html.lsp b/app/shorewall-html.lsp
new file mode 100644
index 0000000..efb1c38
--- /dev/null
+++ b/app/shorewall-html.lsp
@@ -0,0 +1,41 @@
+<?
+local form = ...
+?><h1>Edit <?= form.value.name.value
+?></h1><?= html.form.start{
+ method="POST",
+ action= form.option.script .. "/" .. form.option.prefix
+ .. form.option.controller .. "/" .. form.option.action ..
+ form.option.extra
+}
+?><table><?
+local myform = form.value
+local tags = {
+ { "content", "longtext" },
+ { "cmd", "action" },
+ { "id", "hidden" },
+}
+
+for i,v in pairs(tags) do
+ local name = v[1]
+ local val = myform[name]
+ val.type = v[2]
+ ?><tr><td><?
+--[[
+ if val.label then
+ io.write(val.label)
+ elseif val.type ~= "hidden" then
+ io.write(name)
+ end
+--]]
+ ?></td><td><?
+ if val.name == "" then val.name = name end
+ if val.type == "longtext" then
+ val.cols = 80
+ val.rows = 24
+ end
+ ?><?= html.form[val.type](val)
+ ?></td></tr><?
+end
+?></table><?= html.form.stop()
+?>
+
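Review bot: `form.value.name.value` is written into the `<h1>` with `<?= ... ?>` and nothing visible here HTML-escapes it; whether the template engine escapes `<?=` output cannot be told from this hunk. Because the `update` action in app/shorewall-controller.lua copies matching request fields into the same record, the value should be treated as untrusted and escaped before output, with a comment such as `-- name.value may originate from the request; escape before emitting`. As a style point, `for i,v in pairs(tags) do` iterates in unspecified order, and `for i,v in ipairs(tags) do` would keep the rows in declared order. `val` is also used without a nil check, so a record lacking `content`, `cmd` or `id` would raise at `val.type = v[2]`.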
diff --git a/app/shorewall-read-html.lsp b/app/shorewall-read-html.lsp
new file mode 100644
index 0000000..cf73662
--- /dev/null
+++ b/app/shorewall-read-html.lsp
@@ -0,0 +1,18 @@
+<?
+local view = ...
+?><h1>Edit</h1><table border=0><?
+local sct=""
+for i,item in ipairs(view.list) do
+ if item.section ~= sct then
+ ?><tr><td colspan='2'><h2><?= item.section ?></td></tr><?
+ sct = item.section
+ end
+ ?><tr><td><?= html.link{
+ value = view.script .. view.prefix .. view.controller .. "/"
+ .. view.action .. "?id=" .. tostring(item.id),
+ label=item.name
+ }
+ ?></td><td><?= item.descr
+ ?></td></tr><?
+end
+?></table>
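Review bot: The section heading row opens `<h2>` but never closes it before `</td>`, so the generated markup is malformed; the line should read `?><tr><td colspan='2'><h2><?= item.section ?></h2></td></tr><?`. The link is built as `view.script .. view.prefix .. view.controller` without the `"/"` that app/shorewall-html.lsp puts between script and prefix, which looks inconsistent unless `prefix` already begins with a slash and is worth confirming. `item.section` and `item.descr` are emitted through `<?=` with no visible escaping; they appear to come from the cfgfile list rather than the request, but escaping at output would keep the view safe if that source ever changes.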
diff --git a/app/shorewall.menu b/app/shorewall.menu
new file mode 100644
index 0000000..21066d5
--- /dev/null
+++ b/app/shorewall.menu
@@ -0,0 +1,2 @@
+Networking Shorewall Define read
+
diff --git a/cfgfile/firewall.cfg b/cfgfile/firewall.cfg
new file mode 100644
index 0000000..0a143d4
--- /dev/null
+++ b/cfgfile/firewall.cfg
@@ -0,0 +1,44 @@
+-- /* vim: set filetype=lua : */
+{ app="firewall", section="general",
+ name="params", filename="/etc/shorewall/params",
+ descr="Define variables used in the other configuration files." },
+{ app="firewall", section="general",
+ name="shorewall", filename="/etc/shorewall/shorewall.conf",
+ descr="Modify global configuration settings." },
+{ app="firewall", section="firewalling",
+ name="zones", filename="/etc/shorewall/zones",
+ descr="Name network partitions. Firewall rules are applied to defined zones." },
+{ app="firewall", section="firewalling",
+ name="interfaces", filename="/etc/shorewall/interfaces",
+ descr="Map physical interfaces to named zones." },
+{ app="firewall", section="firewalling",
+ name="hosts", filename="/etc/shorewall/hosts",
+ descr="Name specific hosts within zones." },
+{ app="firewall", section="firewalling",
+ name="policy", filename="/etc/shorewall/policy",
+ descr="Set default rules (policies) for zones." },
+{ app="firewall", section="firewalling",
+ name="rules", filename="/etc/shorewall/rules",
+ descr="Define exceptions to policies." },
+{ app="firewall", section="firewalling",
+ name="routestopped", filename="/etc/shorewall/routestopped",
+ descr="Define hosts that can access this host when the firewall is \"stopped\"" },
+{ app="firewall", section="firewalling",
+ name="tunnels", filename="/etc/shorewall/tunnels",
+ descr="Specify ipsec tunnel endpoints" },
+{ app="firewall", section="firewalling",
+ name="blacklist", filename="/etc/shorewall/blacklist",
+ descr="List ip addresses or names that should be denied all access to the firewall." },
+{ app="firewall", section="nat",
+ name="masq", filename="/etc/shorewall/masq",
+ descr="Define dynamic Masquerading or DNAT tables" },
+{ app="firewall", section="nat",
+ name="nat", filename="/etc/shorewall/nat",
+ descr="Define static Network Address Translation table" },
+{ app="firewall", section="qos",
+ name="tos", filename="/etc/shorewall/tos",
+ descr="Specify type of service markers for packets traversing the firewall." },
+{ app="firewall", section="qos",
+ name="tcrules", filename="/etc/shorewall/tcrules",
+ descr="Define traffic control rules." },
+