author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2012-04-09 06:48:53 +0000 |
---|---|---|
committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2012-04-09 06:48:53 +0000 |
commit | bdc0328ab8f0335adf616dd65545263a39e16434 (patch) | |
tree | 87beb8b666924dd274cd8301b487dad11bf2b219 | |
parent | 2b3db7b4c3f0336126f0530b3fa9a184c8008306 (diff) | |
optional, importable configuration files
-rwxr-xr-x | awall-cli | 7 | ||||
-rw-r--r-- | awall/init.lua | 68 |
2 files changed, 55 insertions, 20 deletions
@@ -19,15 +19,18 @@ long_opts = {activate='a',
 if stringy.endswith(arg[0], '/awall-cli') then
 basedir = string.sub(arg[0], 1, -11)
 input = {basedir..'/json'}
+ import = {}
- short_opts = short_opts..'i:'
+ short_opts = short_opts..'i:I:'
 long_opts['input-dir'] = 'i'
+ long_opts['import-path'] = 'I'
 end
 for switch, value in pairs(alt_getopt.get_opts(arg, short_opts, long_opts)) do
 if switch == 'a' then activate = true
 elseif switch == 'F' then fallback = true
 elseif switch == 'i' then table.insert(input, value)
+ elseif switch == 'I' then table.insert(import, value)
 elseif switch == 'o' then
 iptdir = value
 ipsfile = value..'/ipset'
@@ -40,7 +43,7 @@ require 'awall'
 require 'awall.iptables'
 awall.loadmodules(basedir)
-config = awall.Config.new(input)
+config = awall.Config.new(input, import)
 if activate then
diff --git a/awall/init.lua b/awall/init.lua
index 4007a61..6e8697b 100644
--- a/awall/init.lua
+++ b/awall/init.lua
@@ -37,31 +37,63 @@ end
 Config = awall.object.class(awall.object.Object)
-function Config:init(confdirs)
+function Config:init(confdirs, importdirs)
 self.input = {}
 self.iptables = awall.iptables.IPTables.new()
- for i, dir in ipairs(confdirs or {'/usr/share/awall', '/etc/awall'}) do
- local fnames = {}
- for fname in lfs.dir(dir) do table.insert(fnames, fname) end
- table.sort(fnames)
-
- for i, fname in ipairs(fnames) do
- if string.sub(fname, 1, 1) ~= '.' then
- local data = ''
- for line in io.lines(dir..'/'..fname) do data = data..line end
- data = json.decode(data)
-
- for cls, objs in pairs(data) do
- if not self.input[cls] then self.input[cls] = objs
- elseif objs[1] then util.extend(self.input[cls], objs)
- else
- for k, v in pairs(objs) do self.input[cls][k] = v end
- end
+ local required = {}
+ local imported = {}
+
+ function import(name, fname)
+ local file
+ if fname then
+ file = io.open(fname)
+ else
+ for i, dir in ipairs(importdirs or {'/usr/share/awall/optional'}) do
+ file = io.open(dir..'/'..name..'.json')
+ if file then break end
+ end
+ end
+ if not file then error('Import failed: '..name) end
+
+ local data = ''
+ for line in file:lines() do data = data..line end
+ file:close()
+ data = json.decode(data)
+
+ table.insert(required, name)
+ for i, iname in util.listpairs(data.import) do
+ if not util.contains(imported, iname) then
+ if util.contains(required, iname) then
+ error('Circular import: ' + iname)
 end
+ import(iname)
 end
 end
+ table.insert(imported, name)
+
+ for cls, objs in pairs(data) do
+ if cls ~= 'import' then
+ if not self.input[cls] then self.input[cls] = objs
+ elseif objs[1] then util.extend(self.input[cls], objs)
+ else
+ for k, v in pairs(objs) do self.input[cls][k] = v end
+ end
+ end
+ end
+ end
+
+ for i, dir in ipairs(confdirs or
+ {'/usr/share/awall/mandatory', '/etc/awall'}) do
+ local names = {}
+ for fname in lfs.dir(dir) do
+ local si, ei, name = string.find(fname, '^([%w-]+)%.json$')
+ if name then table.insert(names, name) end
+ end
+ table.sort(names)
+
+ for i, name in ipairs(names) do import(name, dir..'/'..name..'.json') end
 end |
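Review bot: The circular-import branch builds its message with `'Circular import: ' + iname`, which is arithmetic in Lua and raises an unrelated "attempt to perform arithmetic" error instead of the intended message; it should read `error('Circular import: '..iname)`. The names taken from `data.import` are also concatenated into `dir..'/'..name..'.json'` without any check, whereas directory entries are restricted to `^([%w-]+)%.json$`, so an import entry containing `/` or `..` could make the loader open a file outside the import directories. Applying the same pattern before the recursive call, e.g. `if not string.find(iname, '^[%w-]+$') then error('Invalid import name: '..iname) end`, would close that gap. Files in the configuration directories whose names do not match the pattern (an underscore is enough) are now skipped silently, which for a firewall policy deserves at least a warning so an operator notices that part of the intended ruleset was not loaded. `Config:init` continues past the end of this hunk.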