rules.pl: Add load_customsrvgrp() function.

This is the set loader function to deal with custom service groups.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index ce58e28bcfacee7332d4a89916fc2301843c1eb7..efe28cffc53ea60fd6d4b0c7782b5c7bdc74e955 100644 (file)
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -1065,3 +1065,27 @@ sub load_customgrp ($) {
        # Return the error message if there was one.
        return $error if($error);
 }
+
+sub load_customsrvgrp ($) {
+       my ($group) = @_;
+
+       # Split the protocol from the given name.
+       my ($srvgrp, $proto) = split(/_/, $group);
+
+       # Abort if the protocol not set of not supported.
+       return "No proto" unless($proto);
+       return "Invalid proto $proto" unless(grep(lc($proto), @PROTOCOLS_WITH_PORTS));
+
+       # Get the assigned ports for the given service group name and the
+       # protocol.
+       my @data = &fwlib::get_custom_srvgrp_ports($srvgrp, $proto);
+
+       # Abort if there is no data.
+       return "No data" unless(@data);
+
+       # Call the ipset_load_set function to load the set.
+       my $error = &IPSet::Functions::ipset_load_set($group, @data);
+
+       # Return the error message if there was one.
+       return $error if($error);
+}