2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2015-2016 IPFire Development Team #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
25 require Guardian
::Base
;
26 require Guardian
::Daemon
;
27 require Guardian
::Socket
;
32 my $version ="@PACKAGE_VERSION@";
34 # Assign given command line arguments some pretty variable names.
35 my ($command, $opt_argument) = @ARGV;
37 # Process given command from command line.
39 case
"status" { &HandleStatus
(); }
41 case
"block" { &HandleBlockUnblockCommand
($command, $opt_argument); }
42 case
"unblock" { &HandleBlockUnblockCommand
($command, $opt_argument); }
44 case
"flush" { &SendCommand
("flush"); }
45 case
"reload" { &SendCommand
("reload"); }
46 case
"reload-ignore-list" { &SendCommand
("reload-ignore-list"); }
47 case
"logrotate" { &SendCommand
("logrotate"); }
49 # Print usage / help text.
51 print "Guardian $version \n";
52 print "Usage: guardianctrl <command> <optional arguments>\n";
53 print " block <address>\tBlock the given IP-address.\n";
54 print " unblock <address>\tUnblock the given IP-address.\n\n";
56 print " flush\t\t\tUnblock/Flush all blocked IP-addresses.\n";
57 print " status\t\t\tDisplay weather guardian is running and some details.\n\n";
59 print " reload\t\t\tReload the configuration.\n";
60 print " reload-ignore-list\tForce guardian to reload/regenerate it's ignore list.\n";
61 print " logrotate\t\tTell guardian that the monitored files have been rotated by logrotate.\n";
66 ## The SendCommand function.
68 ## This function is responsible for sending commands to guardian by using the provided
69 ## client function from guardian's socket module. It also does a check if guardian has
70 ## been launched, before trying to sent the desired command.
75 # Abort if no guardian instance is running.
76 unless (&Guardian
::Daemon
::IsRunning
()) {
77 print STDERR
"No running guardian instance found. Aborting!\n";
81 # Use the Socket client to transmitt the requested command to the daemon.
82 &Guardian
::Socket
::Client
($command);
86 ## HandleBlockUnblockCommand function.
88 ## This function mostly does the input validation for blocking and unblocking addresses
89 ## before using the SendCommand() function to submit the desired command to the running
92 sub HandleBlockUnblockCommand
($$) {;
93 my ($command, $address) = @_;
95 # Check if an address has been given.
97 print STDERR
"No address has been given.\n";
101 # Check if the provided address is valid.
102 # The called function will return 4 or 6 for the used IP-protocol
103 # version if the address is valid.
104 unless (&Guardian
::Base
::DetectIPProtocolVersion
($address)) {
105 print STDERR
"$address is not a valid IPv4 nor IPv6 address.\n";
109 # Check if the given address is localhost.
110 if (($address eq "127.0.0.1") || ($address eq "::1")) {
111 print STDERR
"$address is localhost and must not be blocked.\n";
115 # Check if block/unblock has been called.
116 if (($command eq "block") || ($command eq "unblock")) {
117 # Call subfunction to send the command through the socket.
118 &SendCommand
("$command $address");
123 ## HandleStatus function.
125 ## This function just checks if guardian is running and will print some additional details.
127 sub HandleStatus
() {
128 # Check if guardian is running.
129 unless (&Guardian
::Daemon
::IsRunning
()) {
130 print STDERR
"Guardian is not running yet.\n";
135 my $pid = &Guardian
::Daemon
::GetPID
();
137 # Print out grabbed details.
138 print "Guardian is running with process-id ($pid).\n";