Add ability to reload the ignore list.

From now the ignore list easily can be reloaded by sending a
"SIGUSR1" signal to the guardian main process or by using the
UNIX socket and sending a "reload-ignore-list".

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/guardian b/guardian
index 3e6128f955d75c9bb81a3236801b22775e5e1bbc..d01612525dfe2ec2332b3aefc6afd3b74dd8f111 100644 (file)
--- a/guardian
+++ b/guardian
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2015  IPFire Development Team                                 #
+# Copyright (C) 2015-2016  IPFire Development Team                            #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -333,6 +333,7 @@ sub SignalHandler {
        $SIG{TERM} = \&Shutdown;
        $SIG{QUIT} = \&Shutdown;
        $SIG{HUP} = \&Reload;
+       $SIG{USR1} = \&ReloadIgnoreList;
 }
 
 #
@@ -394,10 +395,8 @@ sub Reload () {
        # Update logger object in mainsettings hash.
        $mainsettings{Logger} = $logger;
 
-       # Update ignore list, if one has been specified.
-       if (exists($mainsettings{IgnoreFile})) {
-               &Guardian::Events::GenerateIgnoreList($mainsettings{IgnoreFile});
-       }
+       # Update ignore list.
+       &ReloadIgnoreList();
 
        # Re-generate hash of monitored files.
        %monitored_files = &Guardian::Base::GenerateMonitoredFiles(\%mainsettings, \%monitored_files);
@@ -406,6 +405,25 @@ sub Reload () {
        &StartWorkers();
 }
 
+#
+## ReloadIgnoreList function.
+#
+## This function will be called if the signal handler recieves a "SIGUSR1" signal,
+## or the reload-ignore-list command will be sent via the socket connection. It just
+## performs a simple check if an ignore file has been configured and calls the responsible
+## function on the events module.
+#
+sub ReloadIgnoreList () {
+       # Update ignore list, if an ignorefile has been specified.
+       if (exists($mainsettings{IgnoreFile})) {
+               # Log reload of the ignore list.
+               $logger->Log("info", "Reloading ignore list...");
+
+               # Call responsible function from the events module.
+               &Guardian::Events::GenerateIgnoreList($mainsettings{IgnoreFile});
+       }
+}
+
 #
 ## Shutdown function.
 #

diff --git a/modules/Events.pm b/modules/Events.pm
index e7699678cd0719c05c9b20ba1d4aa462095361e6..376438fb25681119ac6df1537e046d8994f01a1d 100644 (file)
--- a/modules/Events.pm
+++ b/modules/Events.pm
@@ -13,6 +13,7 @@ my %commands = (
        'unblock' => \&CallUnblock,
        'flush' => \&CallFlush,
        'reload' => \&main::Reload,
+       'reload-ignore-list' => \&main::ReloadIgnoreList,
 );
 
 # Hash to store addresses and their current count.

diff --git a/modules/Socket.pm b/modules/Socket.pm
index 637a17e1280840008b7a69687c8e4377e84bfff6..d4c9a3051ab9b16ec6d72de39ce81268868b7247 100644 (file)
--- a/modules/Socket.pm
+++ b/modules/Socket.pm
@@ -19,6 +19,7 @@ my %supported_commands = (
        'unblock' => 'unblock',
        'flush' => 'flush',
        'reload' => 'reload',
+       'reload-ignore-list' => 'reload-ignore-list',
        'logrotate' => 'logrotate',
 );