From f5ad4246deff0ddb1b703c74aa58e61e8d8a7866 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sun, 8 Dec 2019 18:47:08 +0100 Subject: [PATCH] firewall/rules.pl: Make geoipsettings hash and locations array script-wide available. This allows to re-use them. Signed-off-by: Stefan Schantl --- config/firewall/rules.pl | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index 86db47367a..33ccc9135a 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -55,6 +55,10 @@ my %customgrp=(); my %configinputfw=(); my %configoutgoingfw=(); my %confignatfw=(); +my %geoipsettings = ( + "GEOIPBLOCK_ENABLED" => "off" +); + my @p2ps=(); my $configfwdfw = "${General::swroot}/firewall/config"; @@ -73,6 +77,15 @@ my $netsettings = "${General::swroot}/ethernet/settings"; &General::readhasharray($configoutgoing, \%configoutgoingfw); &General::readhasharray($configgrp, \%customgrp); +# Check if the geoip settings file exists +if (-e "$geoipfile") { + # Read settings file + &General::readhash("$geoipfile", \%geoipsettings); +} + +# Get all GeoIP locations. +my @locations = &fwlib::get_geoip_locations(); + my @log_limit_options = &make_log_limit_options(); my $POLICY_INPUT_ALLOWED = 0; @@ -583,27 +596,15 @@ sub p2pblock { } sub geoipblock { - my %geoipsettings = (); - $geoipsettings{'GEOIPBLOCK_ENABLED'} = "off"; - # Flush iptables chain. run("$IPTABLES -F GEOIPBLOCK"); - # Check if the geoip settings file exists - if (-e "$geoipfile") { - # Read settings file - &General::readhash("$geoipfile", \%geoipsettings); - } - # If geoip blocking is not enabled, we are finished here. if ($geoipsettings{'GEOIPBLOCK_ENABLED'} ne "on") { # Exit submodule. Process remaining script. return; } - # Get supported locations. - my @locations = &fwlib::get_geoip_locations(); - # Loop through all supported geoip locations and # create iptables rules, if blocking this country # is enabled. -- 2.39.5