diff options
| author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2018-10-31 23:05:27 +0200 |
|---|---|---|
| committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2019-02-02 20:48:48 +0200 |
| commit | 046029d01e342960f072263ac78017afaff62e30 (patch) | |
| tree | 25a7cf1b71e38b1f2630aae9c54a49eabe36fa8d | |
| parent | cd4b3a8cfbff3efcc14b2d21018eab666f7e0ef5 (diff) | |
| download | awall-046029d01e342960f072263ac78017afaff62e30.tar.bz2 awall-046029d01e342960f072263ac78017afaff62e30.tar.xz | |
activate: initial setupv1.6.10
| -rwxr-xr-x | awall-cli | 56 |
1 files changed, 43 insertions, 13 deletions
@@ -11,6 +11,7 @@ lpc = require('lpc') posix = require('posix') signal = posix.signal +stat = posix.stat stringy = require('stringy') @@ -291,7 +292,7 @@ if not call( if mode == 'dump' then dump(level) elseif mode == 'diff' then - if not posix.stat(dumpfile) then + if not stat(dumpfile) then printmsg('Please translate or activate first') os.exit(2) end @@ -321,13 +322,52 @@ if not call( elseif mode == 'activate' then + local function translate() + config:dump() + filedump(sysdumpfile) + end + + local interrupted + + if not force then + for _, sig in ipairs{'INT', 'TERM'} do + signal( + posix['SIG'..sig], + function() + interrupted = true + io.stdin:close() + end + ) + end + end + if not iptables.isenabled() then + local INIT = '/usr/libexec/awall-init' + if not force and stat(INIT) then + printmsg('Firewall is not active') + io.stderr:write( + 'Press RETURN to perform initial configuration and activation: ' + ) + if io.read() then + translate() + for _, family in ipairs(require('awall.family').ACTIVE) do + os.execute( + INIT..' '.. + ({inet='iptables', inet6='ip6tables'})[family] + ) + end + os.exit(0) + end + printmsg('\nCanceled') + os.exit(2) + end + raise('Firewall not enabled in kernel') end iptables.backup() - local pid, interrupted + local pid if not force then signal( @@ -336,15 +376,6 @@ if not call( if pid and lpc.wait(pid, 1) then os.exit(1) end end ) - for i, sig in ipairs({'INT', 'TERM'}) do - signal( - posix['SIG'..sig], - function() - interrupted = true - io.stdin:close() - end - ) - end pid = util.run(arg[0], 'fallback') end @@ -376,8 +407,7 @@ if not call( end end - config:dump() - filedump(sysdumpfile) + translate() else if not force then kill() end |