rules.pl: Add load_customsrvgrp() function.

This is the set loader function to deal with custom service groups.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index d417a5ab49d9c9ab5d8e3ac398d351e2add2fb9e..a528a78a2358780447c67d84698f7047ea1e40a4 100644 (file)
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -1066,3 +1066,27 @@ sub load_customgrp ($) {
        # Return the error message if there was one.
        return $error if($error);
 }
+
+sub load_customsrvgrp ($) {
+       my ($group) = @_;
+
+       # Split the protocol from the given name.
+       my ($srvgrp, $proto) = split(/_/, $group);
+
+       # Abort if the protocol not set of not supported.
+       return "No proto" unless($proto);
+       return "Invalid proto $proto" unless(grep(lc($proto), @PROTOCOLS_WITH_PORTS));
+
+       # Get the assigned ports for the given service group name and the
+       # protocol.
+       my @data = &fwlib::get_custom_srvgrp_ports($srvgrp, $proto);
+
+       # Abort if there is no data.
+       return "No data" unless(@data);
+
+       # Call the ipset_load_set function to load the set.
+       my $error = &IPSet::Functions::ipset_load_set($group, @data);
+
+       # Return the error message if there was one.
+       return $error if($error);
+}