Commit | Line | Data |
---|---|---|
06007854 SS |
1 | #!/usr/bin/perl |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2015-2016 IPFire Development Team # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | use strict; | |
23 | use Switch; | |
24 | ||
25 | require Guardian::Base; | |
26 | require Guardian::Daemon; | |
27 | require Guardian::Socket; | |
28 | ||
29 | use warnings; | |
30 | ||
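# Version string. "@PACKAGE_VERSION@" is an autoconf-style placeholder and is
# presumably substituted when the package is built.
my $version ="@PACKAGE_VERSION@";

# Assign given command line arguments some pretty variable names.
# Both are undef when guardianctrl is called without arguments.
my ($command, $opt_argument) = @ARGV;

# Map every known command to its handler. A plain hash lookup replaces the
# former switch/case statement, which relied on the Switch source filter
# (removed from the Perl core in 5.14 and known to misparse code). The
# "use Switch;" line at the top of the file is not needed by this block.
my %handler_for = (
    "status"  => sub { &HandleStatus(); },
    "block"   => sub { &HandleBlockUnblockCommand($command, $opt_argument); },
    "unblock" => sub { &HandleBlockUnblockCommand($command, $opt_argument); },
);

# Commands which are passed to the daemon unchanged and take no argument.
for my $plain_command ("flush", "reload", "reload-ignore-list", "logrotate") {
    $handler_for{$plain_command} = sub { &SendCommand($plain_command); };
}

# NOTE(review): no code path shown here sets an exit status, so a rejected
# address or a daemon that is not running still ends with status 0. Scripts
# which call "guardianctrl block <address>" cannot detect that nothing was
# blocked - consider returning a non-zero status on failure.

# Process given command from command line. A missing command is treated like
# an unknown one, without comparing undef against the command names.
if (defined($command) && exists($handler_for{$command})) {
    $handler_for{$command}->();
}
else {
    # Print usage / help text.
    print "Guardian $version \n";
    print "Usage: guardianctrl <command> <optional arguments>\n";
    print "  block <address>\tBlock the given IP-address.\n";
    print "  unblock <address>\tUnblock the given IP-address.\n\n";

    print "  flush\t\t\tUnblock/Flush all blocked IP-addresses.\n";
    print "  status\t\t\tDisplay whether guardian is running and some details.\n\n";

    print "  reload\t\t\tReload the configuration.\n";
    print "  reload-ignore-list\tForce guardian to reload/regenerate its ignore list.\n";
    print "  logrotate\t\tTell guardian that the monitored files have been rotated by logrotate.\n";
}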
64 | ||
#
## The SendCommand function.
#
## Hands a command string to the running guardian daemon by calling the client
## function of guardian's socket module.
##
## Argument: the command string. It is passed on unchanged, so any validation
## has to be done by the caller.
## Returns whatever Guardian::Socket::Client() returns. If no guardian instance
## is running, a message is printed to STDERR and nothing is sent.
#
sub SendCommand ($) {
    my ($request) = @_;

    # Without a running daemon there is nobody to talk to - give up early.
    if (not &Guardian::Daemon::IsRunning()) {
        print STDERR "No running guardian instance found. Aborting!\n";
        return;
    }

    # Transmit the request to the daemon through the socket client.
    return &Guardian::Socket::Client($request);
}
84 | ||
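#
## HandleBlockUnblockCommand function.
#
## Validates the address given on the command line and, if it passes all checks,
## submits "<command> <address>" to the running guardian process by using the
## SendCommand() function.
##
## Arguments: the command ("block" or "unblock") and the address to act on.
## Any other command is silently ignored. If the address is missing, invalid or
## a loopback address, a message is printed to STDERR and nothing is sent. The
## loopback check applies to "unblock" as well as to "block".
#
sub HandleBlockUnblockCommand ($$) {
    my ($command, $address) = @_;

    # Check if an address has been given.
    unless ($address) {
        print STDERR "No address has been given.\n";
        return;
    }

    # Check if the provided address is valid.
    # The called function will return 4 or 6 for the used IP-protocol
    # version if the address is valid.
    # NOTE(review): the address is later placed into the command string sent to
    # the daemon, so this relies on the validator rejecting embedded whitespace
    # and line breaks - confirm that its pattern is anchored.
    unless (&Guardian::Base::DetectIPProtocolVersion($address)) {
        print STDERR "$address is not a valid IPv4 nor IPv6 address.\n";
        return;
    }

    # Check if the given address is localhost. This covers all loopback
    # spellings, not only the literal strings "127.0.0.1" and "::1".
    if (_IsLoopbackAddress($address)) {
        print STDERR "$address is localhost and must not be blocked.\n";
        return;
    }

    # Check if block/unblock has been called.
    if (($command eq "block") || ($command eq "unblock")) {
        # Call subfunction to send the command through the socket.
        &SendCommand("$command $address");
    }
}

#
## Private helper: returns 1 if the given address is a loopback address,
## otherwise 0.
#
## The address is compared in its binary form, so the whole 127.0.0.0/8 network,
## any spelling of ::1 (for example "0:0:0:0:0:0:0:1") and IPv4-mapped loopback
## addresses ("::ffff:127.x.x.x") are recognised. If the address cannot be
## converted, only the two literal spellings are matched.
#
sub _IsLoopbackAddress {
    my ($address) = @_;

    # The two literal spellings are always treated as loopback.
    return 1 if (($address eq "127.0.0.1") || ($address eq "::1"));

    # Socket is part of the Perl core; if it cannot be loaded fall back to the
    # literal comparison above.
    eval { require Socket; 1 } or return 0;

    # IPv4: everything in 127.0.0.0/8 is loopback.
    my $packed_v4 = eval { Socket::inet_pton(Socket::AF_INET(), $address) };
    if (defined($packed_v4)) {
        return (unpack("C", $packed_v4) == 127) ? 1 : 0;
    }

    # IPv6: ::1 and the IPv4-mapped form of 127.0.0.0/8.
    my $packed_v6 = eval { Socket::inet_pton(Socket::AF_INET6(), $address) };
    if (defined($packed_v6)) {
        return 1 if ($packed_v6 eq ("\0" x 15) . "\x01");
        return 1 if (substr($packed_v6, 0, 13) eq ("\0" x 10) . "\xff\xff\x7f");
    }

    return 0;
}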
121 | ||
#
## HandleStatus function.
#
## Reports on STDOUT that guardian is running, together with the process-id
## obtained from Guardian::Daemon::GetPID(). If guardian is not running, a
## message is printed to STDERR instead. Takes no arguments.
#
sub HandleStatus () {
    # Ask the daemon module whether a guardian instance is alive.
    my $is_running = &Guardian::Daemon::IsRunning();

    if (not $is_running) {
        print STDERR "Guardian is not running yet.\n";
        return;
    }

    # Look up the process-id and report it.
    my $daemon_pid = &Guardian::Daemon::GetPID();

    print "Guardian is running with process-id ($daemon_pid).\n";
}