author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2019-12-24 18:00:48 +0200 |
---|---|---|
committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2020-01-17 18:26:05 +0200 |
commit | ae381965ad00ca31190949a92285aa396ad847ba (patch) | |
tree | 920162dbfdc8c839a0bccfeb52e1b8b671fb44f3 | |
parent | b46f86642ef4f54f3d52a44e324f5f432521f11c (diff) | |
download | awall-ae381965ad00ca31190949a92285aa396ad847ba.tar.bz2 awall-ae381965ad00ca31190949a92285aa396ad847ba.tar.xz |
iptables: isbuiltin function
-rw-r--r-- | awall/iptables.lua | 10 | ||||
-rw-r--r-- | awall/model.lua | 7 |
2 files changed, 8 insertions, 9 deletions
diff --git a/awall/iptables.lua b/awall/iptables.lua index b893cf3..67ad84c 100644 --- a/awall/iptables.lua +++ b/awall/iptables.lua @@ -31,7 +31,7 @@ local families = { } } -M.builtin = { +local builtin = { filter={'FORWARD', 'INPUT', 'OUTPUT'}, mangle={'FORWARD', 'INPUT', 'OUTPUT', 'POSTROUTING', 'PREROUTING'}, nat={'INPUT', 'OUTPUT', 'POSTROUTING', 'PREROUTING'}, @@ -56,6 +56,8 @@ end function M.isenabled() return #actfamilies() > 0 end +function M.isbuiltin(tbl, chain) return util.contains(builtin[tbl], chain) end + local BaseIPTables = class() @@ -124,7 +126,7 @@ function M.IPTables:dumpfile(family, iptfile) local chains = tables[tbl] for _, chain in sortedkeys(chains) do local policy = '-' - if util.contains(M.builtin[tbl], chain) then + if M.isbuiltin(tbl, chain) then policy = tbl == 'filter' and 'DROP' or 'ACCEPT' end iptfile:write(':'..chain..' '..policy..' [0:0]\n') @@ -170,8 +172,8 @@ function M.flush() local empty = M.IPTables() for _, family in pairs(actfamilies()) do for tbl in io.lines(families[family].procfile) do - if M.builtin[tbl] then - for _, chain in ipairs(M.builtin[tbl]) do + if builtin[tbl] then + for _, chain in ipairs(builtin[tbl]) do empty.config[family][tbl][chain] = {} end else printmsg('Warning: not flushing unknown table: '..tbl) end diff --git a/awall/model.lua b/awall/model.lua index bc3deb2..eea654e 100644 --- a/awall/model.lua +++ b/awall/model.lua @@ -12,7 +12,7 @@ local loadclass = require('awall').loadclass M.class = require('awall.class') local FAMILIES = require('awall.family').ALL local resolvelist = require('awall.host').resolvelist -local builtin = require('awall.iptables').builtin +local isbuiltin = require('awall.iptables').isbuiltin local optfrag = require('awall.optfrag') local combinations = optfrag.combinations 
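Review bot: `M.isbuiltin` passes `builtin[tbl]` straight to `util.contains`, so a table name with no entry in `builtin` makes the first argument nil; `util.contains` is not visible in this diff, so whether that returns false or raises cannot be confirmed from here. `M.flush` in the same file already guards this case with `if builtin[tbl] then`, while the new call in `M.Rule:convertchains` (awall/model.lua) passes `self:table()` unchecked. An explicit guard would keep the answer well-defined: `local chains = builtin[tbl]` followed by `return chains ~= nil and util.contains(chains, chain)`. In `dumpfile` the result decides whether a chain gets a default policy (`DROP` for `filter`) or `-`, so a short comment on the contract would also help, e.g. `-- true only if chain is a built-in chain of tbl; unknown tables have no built-in chains`.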
@@ -619,10 +619,7 @@ function M.Rule:convertchains(ofrags) local res = {} for _, ofrag in ipairs(ofrags) do - - if contains(builtin[self:table()], ofrag.chain) then - table.insert(res, ofrag) - + if isbuiltin(self:table(), ofrag.chain) then table.insert(res, ofrag) else local ofs, recursive if ofrag.chain == 'PREROUTING' then |