Commit | Line | Data |
---|---|---|
98146c00 MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2012 IPFire Network Development Team # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
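# Entry point of the firewall command line interface.
#
# Arguments:
#   $1   protocol; must be set (enforced with "assert isset") and is handed
#        to every action handler as its first argument.
#   ...  optional leading -d/--debug switches, then the action word and the
#        arguments that belong to that action.
#
# Never returns: help and unknown actions exit inside the case statement,
# everything else reaches the final "exit ${EXIT_OK}". The return status of
# the handler itself is not inspected here.
firewall_cli() {
	local protocol="${1}"
	assert isset protocol
	shift

	# Keep the action private to this call and start from an empty value.
	# Without this, a variable named "action" that already exists in the
	# calling scope would end option parsing after the first switch and be
	# dispatched instead of the word the user typed.
	local action=""

	# Parse the command line: consume debug switches until the first word
	# that is not a switch, which becomes the action.
	while [ $# -gt 0 ]; do
		case "${1}" in
			-d|--debug)
				DEBUG=1
				log DEBUG "Enabled debugging mode"
				;;
			*)
				action="${1}"
				;;
		esac
		shift
		[ -n "${action}" ] && break
	done

	# Process the given action. "$@" now holds only the action's arguments.
	case "${action}" in
		start|restart|reload)
			firewall_start "${protocol}" "$@"
			;;

		stop)
			firewall_stop "${protocol}" "$@"
			;;

		show)
			firewall_show "${protocol}" "$@"
			;;

		panic)
			firewall_cli_panic "${protocol}" "$@"
			;;

		zone)
			# firewall_cli_zone takes the protocol as its first argument and
			# shifts it away, like the other handlers. Passing a bare,
			# unquoted $@ made it swallow the zone name as the protocol and
			# re-split arguments containing whitespace.
			firewall_cli_zone "${protocol}" "$@"
			;;

		""|help|--help|-h)
			cli_usage root
			exit ${EXIT_OK}
			;;

		*)
			error "Invalid command given: ${action}"
			cli_usage usage
			exit ${EXIT_CONF_ERROR}
			;;
	esac

	exit ${EXIT_OK}
}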
78 | ||
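# CLI handler for the "panic" action.
#
# Arguments:
#   $1   protocol; must be set (enforced with "assert isset"). It is not
#        forwarded to firewall_panic by this function.
#   ...  addresses of admin hosts, or a help switch.
#
# Every remaining argument is checked with ip_is_valid; the ones that pass
# are handed to firewall_panic, the others only produce a warning.
firewall_cli_panic() {
	local protocol="${1}"
	assert isset protocol
	shift

	if cli_help_requested "$@"; then
		cli_show_man firewall-panic
		exit ${EXIT_OK}
	fi

	# Validate each argument as one word and store it as one array element,
	# so the value that was checked is exactly the value that is passed on.
	# With an unquoted expansion, an argument such as "ADDRESS extra" was
	# split before the check and split again on the way to firewall_panic,
	# which could let an unchecked word through.
	# NOTE(review): ip_is_valid is defined elsewhere; confirm it validates
	# its first argument as a whole.
	local -a admin_hosts=()
	local host
	for host in "$@"; do
		if ip_is_valid "${host}"; then
			admin_hosts+=( "${host}" )
		else
			warning "Invalid IP address: ${host}"
		fi
	done

	firewall_panic "${admin_hosts[@]}"
}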
105 | ||
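# CLI handler for the firewall settings.
#
# Arguments:
#   ...  settings to change, or a help switch. Without a non-empty first
#        argument the current settings are printed.
#
# With arguments, they are passed to settings_set and the result is written
# with firewall_settings_write.
firewall_cli_settings() {
	# Quote "$@" so the help check sees the same argument list that
	# settings_set receives below; unquoted, a value containing whitespace
	# or glob characters was re-split before the check.
	if cli_help_requested "$@"; then
		cli_show_man firewall-settings
		exit ${EXIT_OK}
	fi

	if [ -n "${1}" ]; then
		settings_set "$@"
		firewall_settings_write
	else
		firewall_settings_print
	fi
}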
119 | ||
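# CLI handler for the "zone" action.
#
# Arguments:
#   $1   protocol; must be set (enforced with "assert isset"). It is not
#        forwarded to the zone helpers by this function.
#   ...  either "ZONE [edit|status|show] [ARGS]" or "reset [ARGS]",
#        or a help switch.
#
# When the first argument is a valid zone name, the zone must exist and the
# second argument selects the action (status when it is missing). Otherwise
# the first argument itself is the action and only "reset" is accepted.
# Every path except a returning edit/status helper ends in an exit.
firewall_cli_zone() {
	local protocol="${1}"
	assert isset protocol
	shift

	if cli_help_requested "$@"; then
		cli_show_man firewall-zone
		exit ${EXIT_OK}
	fi

	if zone_name_is_valid "${1}"; then
		local zone="${1}"
		local action="${2}"

		# "zone NAME" without an action is a supported call (see the
		# status|"" arm). "shift 2" fails when only one argument is left
		# and then removes nothing, so the zone name stayed in "$@" and was
		# handed to the helper a second time.
		if [ $# -ge 2 ]; then
			shift 2
		else
			shift $#
		fi

		# Check if the given zone exists.
		if ! zone_exists "${zone}"; then
			error "Zone '${zone}' does not exist."
			cli_run_help firewall zone

			exit ${EXIT_ERROR}
		fi

		# Process the given action. Arguments are quoted so that each one
		# reaches the helper as the single word the user typed.
		case "${action}" in
			edit)
				firewall_cli_zone_edit "${zone}" "$@"
				;;
			status|"")
				firewall_cli_zone_status "${zone}" "$@"
				;;

			# Print the raw configuration settings.
			show)
				firewall_zone_print "${zone}" "$@"

				# NOTE(review): this exits with EXIT_ERROR even after the
				# settings were printed; confirm whether EXIT_OK or the
				# status of firewall_zone_print was intended.
				exit ${EXIT_ERROR}
				;;
			*)
				error "Unrecognized action: ${action}"
				cli_run_help firewall zone

				exit ${EXIT_ERROR}
				;;
		esac
	else
		local action="${1}"
		shift

		case "${action}" in
			reset)
				# The status of the reset becomes the exit code.
				firewall_zone_reset "$@"
				exit $?
				;;

			*)
				error "Unrecognized action: ${action}"
				cli_run_help firewall zone

				exit ${EXIT_ERROR}
				;;
		esac
	fi
}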
184 | ||
185 | # Show firewall zone configuration. | |
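# Print a short status summary of one firewall zone and exit.
#
# Arguments:
#   $1   zone name; must be set (enforced with "assert isset").
#
# Always exits with EXIT_OK once the summary has been printed.
firewall_cli_zone_status() {
	local zone="${1}"
	assert isset zone

	# The summary is produced in a subshell, so whatever
	# firewall_zone_read sets does not persist in the calling shell.
	# NOTE(review): POLICY and MASQUERADE are presumably set by
	# firewall_zone_read; its return status is not checked here, so a
	# failed read would still print a headline with empty values.
	(
		# Quoted so the zone name reaches the reader as one word.
		firewall_zone_read "${zone}"

		cli_headline 1 "Zone ${zone} (policy ${POLICY})"
		cli_print_fmt1 1 "Masquerade" "$(cli_print_bool "${MASQUERADE}")"

		cli_space
	)

	exit ${EXIT_OK}
}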
201 | ||
202 | # Edit firewall zone configuration. | |
firewall_cli_zone_edit() {
	# Thin CLI wrapper: every argument goes to firewall_zone_edit exactly
	# as it was received.
	firewall_zone_edit "${@}"

	# The process ends here with EXIT_OK in every case.
	# NOTE(review): the return status of firewall_zone_edit is discarded,
	# so a failed edit is reported as success; confirm this is intended.
	exit ${EXIT_OK}
}