[people/stevee/network.git] / functions.cli.firewall

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2012  IPFire Network Development Team                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

function firewall_cli() {
	local protocol="${1}"
	assert isset protocol
	shift

	# Parse the command line
	while [ $# -gt 0 ]; do
		case "${1}" in
			-d|--debug)
				DEBUG=1
				log DEBUG "Enabled debugging mode"
				;;
			*)
				action=${1}
				;;
		esac
		shift
		[ -n "${action}" ] && break
	done

	# Process the given action
	case "${action}" in
		start|restart|reload)
			firewall_start "${protocol}" "$@"
			;;

		stop)
			firewall_stop "${protocol}" "$@"
			;;

		show)
			firewall_show "${protocol}" "$@"
			;;

		panic)
			firewall_cli_panic "${protocol}" "$@"
			;;

		config)
			firewall_cli_config "${protocol}" $@
			;;

		zone)
			firewall_cli_zone $@
			;;

		""|help|--help|-h)
			cli_usage root
			exit ${EXIT_OK}
			;;

		*)
			error "Invalid command given: ${action}"
			cli_usage usage
			exit ${EXIT_CONF_ERROR}
			;;
	esac

	exit ${EXIT_OK}
}

function firewall_cli_panic() {
	local protocol="${1}"
	assert isset protocol
	shift

	if cli_help_requested $@; then
		cli_show_man firewall-panic
		exit ${EXIT_OK}
	fi

	local admin_hosts
	while [ $# -gt 0 ]; do
		case "${1}" in
			*)
				if ip_is_valid ${1}; then
					admin_hosts="${admin_hosts} ${1}"
				else
					warning "Invalid IP address: ${1}"
				fi
				;;
		esac
		shift
	done

	firewall_panic ${admin_hosts}
}

function firewall_cli_config() {
	local protocol="${1}"
	assert isset protocol
	shift

	if cli_help_requested $@; then
		cli_usage root-config
		exit ${EXIT_OK}
	fi

	if [ -n "${1}" ]; then
		config_set "$@"
		firewall_config_write "${protocol}"
	else
		firewall_config_print "${protocol}"
	fi
}

function firewall_cli_zone() {
	local protocol="${1}"
	assert isset protocol
	shift 

	if cli_help_requested $@; then
		cli_show_man firewall-zone
		exit ${EXIT_OK}
	fi

	if zone_name_is_valid ${1}; then
		local zone=${1}
		local action=${2}
		shift 2

		# Check if the given zone exists.
		if ! zone_exists ${zone}; then
			error "Zone '${zone}' does not exist."
			cli_run_help firewall zone

			exit ${EXIT_ERROR}
		fi

		# Process the given action.
		case "${action}" in
			edit)
				firewall_cli_zone_edit ${zone} $@
				;;
			status|"")
				firewall_cli_zone_status ${zone} $@
				;;

			# Print the raw configuration settings.
			show)
				firewall_zone_print ${zone} $@

				exit ${EXIT_ERROR}
				;;
			*)
				error "Unrecognized action: ${action}"
				cli_run_help firewall zone

				exit ${EXIT_ERROR}
				;;
		esac
	else
		local action=${1}
		shift

		case "${action}" in
			reset)
				firewall_zone_reset $@
				exit $?
				;;

			*)
				error "Unrecognized action: ${action}"
				cli_run_help firewall zone

				exit ${EXIT_ERROR}
				;;
		esac
	fi
}

# Show firewall zone conifguration.
function firewall_cli_zone_status() {
	local zone=${1}
	assert isset zone

	(
		firewall_zone_read ${zone}

		cli_headline 1 "Zone ${zone} (policy ${POLICY})"
		cli_print_fmt1 1 "Masquerade" "$(cli_print_bool ${MASQUERADE})"

		cli_space
	)

	exit ${EXIT_OK}
}

# Edit firewall zone configuration.
function firewall_cli_zone_edit() {
	firewall_zone_edit "$@"

	exit ${EXIT_OK}
}
Commit	Line	Data
98146c00 MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2012 IPFire Network Development Team #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
fe52c5e0 MT	22	function firewall_cli() {
	23	local protocol="${1}"
	24	assert isset protocol
	25	shift
98146c00	26
fe52c5e0 MT	27	# Parse the command line
	28	while [ $# -gt 0 ]; do
	29	case "${1}" in
	30	-d\|--debug)
	31	DEBUG=1
	32	log DEBUG "Enabled debugging mode"
	33	;;
	34	*)
	35	action=${1}
	36	;;
	37	esac
	38	shift
	39	[ -n "${action}" ] && break
	40	done
98146c00	41
fe52c5e0 MT	42	# Process the given action
	43	case "${action}" in
	44	start\|restart\|reload)
	45	firewall_start "${protocol}" "$@"
	46	;;
	47
	48	stop)
	49	firewall_stop "${protocol}" "$@"
	50	;;
	51
	52	show)
	53	firewall_show "${protocol}" "$@"
	54	;;
	55
	56	panic)
	57	firewall_cli_panic "${protocol}" "$@"
	58	;;
	59
	60	config)
	61	firewall_cli_config "${protocol}" $@
	62	;;
	63
	64	zone)
	65	firewall_cli_zone $@
	66	;;
	67
	68	""\|help\|--help\|-h)
	69	cli_usage root
	70	exit ${EXIT_OK}
	71	;;
	72
	73	*)
	74	error "Invalid command given: ${action}"
	75	cli_usage usage
	76	exit ${EXIT_CONF_ERROR}
	77	;;
	78	esac
98146c00	79
fe52c5e0	80	exit ${EXIT_OK}
afb7d704 MT	81	}
afb7d704 MT	82
fe52c5e0 MT	83	function firewall_cli_panic() {
	84	local protocol="${1}"
	85	assert isset protocol
	86	shift
	87
afb7d704 MT	88	if cli_help_requested $@; then
	89	cli_show_man firewall-panic
	90	exit ${EXIT_OK}
	91	fi
	92
	93	local admin_hosts
	94	while [ $# -gt 0 ]; do
	95	case "${1}" in
	96	*)
	97	if ip_is_valid ${1}; then
	98	admin_hosts="${admin_hosts} ${1}"
	99	else
	100	warning "Invalid IP address: ${1}"
	101	fi
	102	;;
	103	esac
	104	shift
	105	done
	106
	107	firewall_panic ${admin_hosts}
	108	}
	109
fe52c5e0 MT	110	function firewall_cli_config() {
	111	local protocol="${1}"
	112	assert isset protocol
	113	shift
	114
3647b19f MT	115	if cli_help_requested $@; then
	116	cli_usage root-config
	117	exit ${EXIT_OK}
	118	fi
	119
	120	if [ -n "${1}" ]; then
fe52c5e0 MT	121	config_set "$@"
fe52c5e0 MT	122	firewall_config_write "${protocol}"
3647b19f	123	else
fe52c5e0	124	firewall_config_print "${protocol}"
3647b19f MT	125	fi
	126	}
	127
fe52c5e0 MT	128	function firewall_cli_zone() {
	129	local protocol="${1}"
	130	assert isset protocol
	131	shift
	132
4fedddef MT	133	if cli_help_requested $@; then
	134	cli_show_man firewall-zone
	135	exit ${EXIT_OK}
	136	fi
	137
	138	if zone_name_is_valid ${1}; then
	139	local zone=${1}
	140	local action=${2}
	141	shift 2
	142
	143	# Check if the given zone exists.
	144	if ! zone_exists ${zone}; then
	145	error "Zone '${zone}' does not exist."
	146	cli_run_help firewall zone
	147
	148	exit ${EXIT_ERROR}
	149	fi
	150
	151	# Process the given action.
	152	case "${action}" in
	153	edit)
fe52c5e0	154	firewall_cli_zone_edit ${zone} $@
4fedddef MT	155	;;
4fedddef MT	156	status\|"")
fe52c5e0	157	firewall_cli_zone_status ${zone} $@
4fedddef MT	158	;;
	159
	160	# Print the raw configuration settings.
	161	show)
	162	firewall_zone_print ${zone} $@
	163
	164	exit ${EXIT_ERROR}
	165	;;
	166	*)
	167	error "Unrecognized action: ${action}"
	168	cli_run_help firewall zone
	169
	170	exit ${EXIT_ERROR}
	171	;;
	172	esac
	173	else
	174	local action=${1}
	175	shift
	176
	177	case "${action}" in
	178	reset)
	179	firewall_zone_reset $@
	180	exit $?
	181	;;
	182
	183	*)
	184	error "Unrecognized action: ${action}"
	185	cli_run_help firewall zone
	186
	187	exit ${EXIT_ERROR}
	188	;;
	189	esac
	190	fi
	191	}
	192
	193	# Show firewall zone conifguration.
fe52c5e0	194	function firewall_cli_zone_status() {
4fedddef MT	195	local zone=${1}
	196	assert isset zone
	197
	198	(
	199	firewall_zone_read ${zone}
	200
	201	cli_headline 1 "Zone ${zone} (policy ${POLICY})"
	202	cli_print_fmt1 1 "Masquerade" "$(cli_print_bool ${MASQUERADE})"
	203
	204	cli_space
	205	)
	206
	207	exit ${EXIT_OK}
	208	}
	209
	210	# Edit firewall zone configuration.
fe52c5e0 MT	211	function firewall_cli_zone_edit() {
fe52c5e0 MT	212	firewall_zone_edit "$@"
4fedddef MT	213
	214	exit ${EXIT_OK}
	215	}