Introduce guardianctrl.
[people/stevee/guardian.git] / guardianctrl.in
CommitLineData
06007854
SS
1#!/usr/bin/perl
2###############################################################################
3# #
4# IPFire.org - A linux based firewall #
5# Copyright (C) 2015-2016 IPFire Development Team #
6# #
7# This program is free software: you can redistribute it and/or modify #
8# it under the terms of the GNU General Public License as published by #
9# the Free Software Foundation, either version 3 of the License, or #
10# (at your option) any later version. #
11# #
12# This program is distributed in the hope that it will be useful, #
13# but WITHOUT ANY WARRANTY; without even the implied warranty of #
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15# GNU General Public License for more details. #
16# #
17# You should have received a copy of the GNU General Public License #
18# along with this program. If not, see <http://www.gnu.org/licenses/>. #
19# #
20###############################################################################
21
22use strict;
23use Switch;
24
25require Guardian::Base;
26require Guardian::Daemon;
27require Guardian::Socket;
28
29use warnings;
30
31# Define version.
32my $version ="@PACKAGE_VERSION@";
33
34# Assign given command line arguments some pretty variable names.
35my ($command, $opt_argument) = @ARGV;
36
37# Process given command from command line.
38switch($command) {
39 case "status" { &HandleStatus(); }
40
41 case "block" { &HandleBlockUnblockCommand($command, $opt_argument); }
42 case "unblock" { &HandleBlockUnblockCommand($command, $opt_argument); }
43
44 case "flush" { &SendCommand("flush"); }
45 case "reload" { &SendCommand("reload"); }
46 case "reload-ignore-list" { &SendCommand("reload-ignore-list"); }
47 case "logrotate" { &SendCommand("logrotate"); }
48
49 # Print usage / help text.
50 else {
51 print "Guardian $version \n";
52 print "Usage: guardianctrl <command> <optional arguments>\n";
53 print " block <address>\tBlock the given IP-address.\n";
54 print " unblock <address>\tUnblock the given IP-address.\n\n";
55
56 print " flush\t\t\tUnblock/Flush all blocked IP-addresses.\n";
57 print " status\t\t\tDisplay weather guardian is running and some details.\n\n";
58
59 print " reload\t\t\tReload the configuration.\n";
60 print " reload-ignore-list\tForce guardian to reload/regenerate it's ignore list.\n";
61 print " logrotate\t\tTell guardian that the monitored files have been rotated by logrotate.\n";
62 }
63}
64
65#
66## The SendCommand function.
67#
68## This function is responsible for sending commands to guardian by using the provided
69## client function from guardian's socket module. It also does a check if guardian has
70## been launched, before trying to sent the desired command.
71#
72sub SendCommand ($) {
73 my ($command) = @_;
74
75 # Abort if no guardian instance is running.
76 unless (&Guardian::Daemon::IsRunning()) {
77 print STDERR "No running guardian instance found. Aborting!\n";
78 return;
79 }
80
81 # Use the Socket client to transmitt the requested command to the daemon.
82 &Guardian::Socket::Client($command);
83}
84
85#
86## HandleBlockUnblockCommand function.
87#
88## This function mostly does the input validation for blocking and unblocking addresses
89## before using the SendCommand() function to submit the desired command to the running
90## guardian process.
91#
92sub HandleBlockUnblockCommand ($$) {;
93 my ($command, $address) = @_;
94
95 # Check if an address has been given.
96 unless ($address) {
97 print STDERR "No address has been given.\n";
98 return;
99 }
100
101 # Check if the provided address is valid.
102 # The called function will return 4 or 6 for the used IP-protocol
103 # version if the address is valid.
104 unless (&Guardian::Base::DetectIPProtocolVersion($address)) {
105 print STDERR "$address is not a valid IPv4 nor IPv6 address.\n";
106 return;
107 }
108
109 # Check if the given address is localhost.
110 if (($address eq "127.0.0.1") || ($address eq "::1")) {
111 print STDERR "$address is localhost and must not be blocked.\n";
112 return;
113 }
114
115 # Check if block/unblock has been called.
116 if (($command eq "block") || ($command eq "unblock")) {
117 # Call subfunction to send the command through the socket.
118 &SendCommand("$command $address");
119 }
120}
121
122#
123## HandleStatus function.
124#
125## This function just checks if guardian is running and will print some additional details.
126#
127sub HandleStatus () {
128 # Check if guardian is running.
129 unless (&Guardian::Daemon::IsRunning()) {
130 print STDERR "Guardian is not running yet.\n";
131 return;
132 }
133
134 # Grab process-id.
135 my $pid = &Guardian::Daemon::GetPid();
136
137 # Print out grabbed details.
138 print "Guardian is running with process-id ($pid).\n";
139}