From c11bbbc043d7ecb7ee1b7e10672f7feb319a6b35 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sat, 15 Apr 2023 15:13:57 +0200 Subject: [PATCH] rules.pl: Introduce set_loader mechanism This introduces a mechanism where each setname and the function which is used to proper load this set are stored in a hash. The load_set function will use this information to call the correct function. To register a set loader the register_set_loader function can be used by specifying the function name and an array of affected set names. Signed-off-by: Stefan Schantl --- config/firewall/rules.pl | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index ada179d000..3350e7eb0b 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -80,6 +80,7 @@ my %blocklistsettings= ( ); my %ipset_loaded_sets = (); +my %set_loader = (); my $configfwdfw = "${General::swroot}/firewall/config"; my $configinput = "${General::swroot}/firewall/input"; @@ -128,6 +129,10 @@ my $POLICY_INPUT_ACTION = $fwoptions{"FWPOLICY2"}; my $POLICY_FORWARD_ACTION = $fwoptions{"FWPOLICY"}; my $POLICY_OUTPUT_ACTION = $fwoptions{"FWPOLICY1"}; +# Register set loaders. +®ister_set_loader("Location::Functions::load_location", @locations); +®ister_set_loader("IPblocklist::Functions::load_blocklist", @blocklists); + #workaround to suppress a warning when a variable is used only once my @dummy = ( $Location::Functions::ipset_db_directory ); undef (@dummy); @@ -1042,3 +1047,38 @@ sub firewall_chain_exists ($) { return $ret; } + +sub load_set($) { + my ($setname) = @_; + + # Skip the set if the requested allready has been loaded during + # this script run. + return if($ipset_loaded_sets{$setname}); + + # Print a message if debug is enabled. + print "Loading set $setname\n" if ($DEBUG); + + # Obtain the correct loader for the requested set. + my $loader = &get_set_loader($setname); + + # Load the set. + &$loader($setname); + + # Mark the set as loaded. + $ipset_loaded_sets{$setname} = "1"; +} + +sub register_set_loader ($@) { + my ($function, @elements) = @_; + + # Loop through the given array. + foreach my $element (@elements) { + $set_loader{$element} = \&$function; + } +} + +sub get_set_loader ($) { + my ($element) = @_; + + return $set_loader{$element}; +} -- 2.39.5