[people/stevee/network.git] / src / functions / functions.firewall-zones

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2012  IPFire Network Development Team                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

firewall_zone_create() {
	local zone=${1}
	assert isset zone

	# Do nothing if the zone configuration already exists.
	firewall_zone_exists ${zone} && return ${EXIT_OK}

	# Write defaults to the file.
	(
		firewall_zone_read ${zone}
		firewall_zone_write ${zone}
	)

	return ${EXIT_OK}
}

firewall_zone_config() {
	local zone=${1}
	assert isset zone

	print "$(zone_dir ${zone})/fwsettings"
	return ${EXIT_OK}
}

firewall_zone_exists() {
	local file=$(firewall_zone_config $@)

	[ -r "${file}" ] && return ${EXIT_TRUE} || return ${EXIT_FALSE}
}

firewall_zone_read() {
	local zone=${1}
	assert isset zone

	local file=$(firewall_zone_config ${zone})
	assert isset file

	settings_read ${file} ${FIREWALL_ZONE_SETTINGS}

	local arg default
	for arg in ${FIREWALL_ZONE_SETTINGS}; do
		isset ${arg} && continue

		default="FIREWALL_ZONE_SETTINGS_${arg}"
		assign "${arg}" "${!default}"
	done

	return ${EXIT_OK}
}

firewall_zone_write() {
	local zone=${1}
	assert isset zone

	local file=$(firewall_zone_config ${zone})
	assert isset file

	settings_write ${file} ${FIREWALL_ZONE_SETTINGS}
	return ${EXIT_OK}
}

firewall_zone_print() {
	local zone=${1}
	assert isset zone

	(
		firewall_zone_read ${zone}
		settings_print ${FIREWALL_ZONE_SETTINGS}
	)

	return ${EXIT_OK}
}

firewall_zone_edit() {
	local zone=${1}
	assert isset zone
	shift

	assert firewall_zone_exists ${zone}

	(
		# Read current settings.
		firewall_zone_read ${zone}

		while [ $# -gt 0 ]; do
			case "${1}" in
				--masquerade4=*)
					MASQUERADE4=$(cli_get_val ${1})
					;;
				--policy=*)
					POLICY=$(cli_get_val ${1})
					;;
				*)
					warning "Unknown option: ${1}"
					;;
			esac
			shift
		done

		# Sanetize saved value.
		if enabled MASQUERADE4; then
			MASQUERADE4="true"
		else
			MASQUERADE4="false"
		fi

		# Write updated settings.
		firewall_zone_write ${zone}
	)
}

firewall_zone_reset() {
	local zone=${1}
	assert isset zone

	local file=$(firewall_zone_config ${zone})
	assert isset file

	# Remove the configuration file.
	rm -f ${file}

	# Recreate it.
	firewall_zone_create ${zone}

	return ${EXIT_OK}
}
Commit	Line	Data
4fedddef MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2012 IPFire Network Development Team #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
4fedddef	21
1c6a4e30	22	firewall_zone_create() {
4fedddef MT	23	local zone=${1}
	24	assert isset zone
	25
	26	# Do nothing if the zone configuration already exists.
	27	firewall_zone_exists ${zone} && return ${EXIT_OK}
	28
	29	# Write defaults to the file.
	30	(
	31	firewall_zone_read ${zone}
	32	firewall_zone_write ${zone}
	33	)
	34
	35	return ${EXIT_OK}
	36	}
	37
1c6a4e30	38	firewall_zone_config() {
4fedddef MT	39	local zone=${1}
	40	assert isset zone
	41
	42	print "$(zone_dir ${zone})/fwsettings"
	43	return ${EXIT_OK}
	44	}
	45
1c6a4e30	46	firewall_zone_exists() {
4fedddef MT	47	local file=$(firewall_zone_config $@)
	48
	49	[ -r "${file}" ] && return ${EXIT_TRUE} \|\| return ${EXIT_FALSE}
	50	}
	51
1c6a4e30	52	firewall_zone_read() {
4fedddef MT	53	local zone=${1}
	54	assert isset zone
	55
	56	local file=$(firewall_zone_config ${zone})
	57	assert isset file
	58
e9df08ad	59	settings_read ${file} ${FIREWALL_ZONE_SETTINGS}
a2c9dff5 MT	60
	61	local arg default
	62	for arg in ${FIREWALL_ZONE_SETTINGS}; do
	63	isset ${arg} && continue
	64
	65	default="FIREWALL_ZONE_SETTINGS_${arg}"
	66	assign "${arg}" "${!default}"
	67	done
	68
4fedddef MT	69	return ${EXIT_OK}
	70	}
	71
1c6a4e30	72	firewall_zone_write() {
4fedddef MT	73	local zone=${1}
	74	assert isset zone
	75
	76	local file=$(firewall_zone_config ${zone})
	77	assert isset file
	78
e9df08ad	79	settings_write ${file} ${FIREWALL_ZONE_SETTINGS}
4fedddef MT	80	return ${EXIT_OK}
	81	}
	82
1c6a4e30	83	firewall_zone_print() {
4fedddef MT	84	local zone=${1}
	85	assert isset zone
	86
	87	(
	88	firewall_zone_read ${zone}
e9df08ad	89	settings_print ${FIREWALL_ZONE_SETTINGS}
4fedddef MT	90	)
	91
	92	return ${EXIT_OK}
	93	}
	94
1c6a4e30	95	firewall_zone_edit() {
4fedddef	96	local zone=${1}
a2c9dff5	97	assert isset zone
4fedddef MT	98	shift
	99
	100	assert firewall_zone_exists ${zone}
	101
	102	(
	103	# Read current settings.
	104	firewall_zone_read ${zone}
	105
	106	while [ $# -gt 0 ]; do
	107	case "${1}" in
a2c9dff5 MT	108	--masquerade4=*)
a2c9dff5 MT	109	MASQUERADE4=$(cli_get_val ${1})
4fedddef MT	110	;;
	111	--policy=*)
	112	POLICY=$(cli_get_val ${1})
	113	;;
	114	*)
	115	warning "Unknown option: ${1}"
	116	;;
	117	esac
	118	shift
	119	done
	120
a2c9dff5 MT	121	# Sanetize saved value.
	122	if enabled MASQUERADE4; then
	123	MASQUERADE4="true"
	124	else
	125	MASQUERADE4="false"
	126	fi
	127
4fedddef MT	128	# Write updated settings.
	129	firewall_zone_write ${zone}
	130	)
	131	}
	132
1c6a4e30	133	firewall_zone_reset() {
4fedddef MT	134	local zone=${1}
	135	assert isset zone
	136
	137	local file=$(firewall_zone_config ${zone})
	138	assert isset file
	139
	140	# Remove the configuration file.
	141	rm -f ${file}
	142
	143	# Recreate it.
	144	firewall_zone_create ${zone}
	145
	146	return ${EXIT_OK}
	147	}