diff options
| -rw-r--r-- | awall/iptables.lua | 42 |
1 files changed, 25 insertions, 17 deletions
diff --git a/awall/iptables.lua b/awall/iptables.lua index 36376c5..ffe2977 100644 --- a/awall/iptables.lua +++ b/awall/iptables.lua @@ -1,6 +1,6 @@ --[[ Iptables file dumper for Alpine Wall -Copyright (C) 2012-2019 Kaarle Ritvanen +Copyright (C) 2012-2020 Kaarle Ritvanen See LICENSE file for license details ]]-- @@ -20,12 +20,16 @@ local posix = require('posix') local M = {} -local families = {inet={cmd='iptables', - file='rules-save', - procfile='/proc/net/ip_tables_names'}, - inet6={cmd='ip6tables', - file='rules6-save', - procfile='/proc/net/ip6_tables_names'}} +local families = { + inet={ + cmd='iptables', file='rules-save', procfile='/proc/net/ip_tables_names' + }, + inet6={ + cmd='ip6tables', + file='rules6-save', + procfile='/proc/net/ip6_tables_names' + } +} M.builtin = { filter={'FORWARD', 'INPUT', 'OUTPUT'}, @@ -94,29 +98,33 @@ M.IPTables = class(BaseIPTables) function M.IPTables:init() self.config = {} - setmetatable(self.config, - {__index=function(t, k) - t[k] = {} - setmetatable(t[k], getmetatable(t)) - return t[k] - end}) + setmetatable( + self.config, + { + __index=function(t, k) + t[k] = {} + setmetatable(t[k], getmetatable(t)) + return t[k] + end + } + ) end function M.IPTables:dumpfile(family, iptfile) iptfile:write('# '..families[family].file..' generated by awall\n') local tables = self.config[family] - for i, tbl in sortedkeys(tables) do + for _, tbl in sortedkeys(tables) do iptfile:write('*'..tbl..'\n') local chains = tables[tbl] - for i, chain in sortedkeys(chains) do + for _, chain in sortedkeys(chains) do local policy = '-' if util.contains(M.builtin[tbl], chain) then policy = tbl == 'filter' and 'DROP' or 'ACCEPT' end iptfile:write(':'..chain..' '..policy..' [0:0]\n') end - for i, chain in sortedkeys(chains) do - for i, rule in ipairs(chains[chain]) do + for _, chain in sortedkeys(chains) do + for _, rule in ipairs(chains[chain]) do iptfile:write('-A '..chain..' '..rule..'\n') end end |