From 3647b19fd7f96923549b61a85a1ab44c6f1242df Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 28 May 2012 13:24:42 +0000 Subject: [PATCH] Move config functions into seperate file. --- firewall | 18 +++++++ functions | 4 +- functions.cli | 3 +- functions.config | 126 ++++++++++++++++++++++++++++++++++++++++++++ functions.constants | 6 +++ functions.firewall | 39 ++++++++++++++ functions.util | 89 ------------------------------- network | 5 +- 8 files changed, 195 insertions(+), 95 deletions(-) create mode 100644 functions.config diff --git a/firewall b/firewall index ca4d16cc..5b49ed14 100755 --- a/firewall +++ b/firewall @@ -29,6 +29,20 @@ function cli_stop() { firewall_stop } +function cli_config() { + if cli_help_requested $@; then + cli_usage root-config + exit ${EXIT_OK} + fi + + if [ -n "${1}" ]; then + config_set $@ + firewall_config_write + else + firewall_config_print + fi +} + # Parse the command line while [ $# -gt 0 ]; do case "${1}" in @@ -54,6 +68,10 @@ case "${action}" in cli_stop $@ ;; + config) + cli_config $@ + ;; + ""|help|--help|-h) cli_usage root exit ${EXIT_OK} diff --git a/functions b/functions index 3c966b95..f948df22 100644 --- a/functions +++ b/functions @@ -23,8 +23,8 @@ for file in /usr/lib/network/functions.*; do . ${file} done -# Reading in network tool configuration -network_config_read +# Reading in global configuration files +config_read_globals # Set colour mode case "${COLOURS}" in diff --git a/functions.cli b/functions.cli index 554a6501..0f6790a5 100644 --- a/functions.cli +++ b/functions.cli @@ -26,7 +26,8 @@ function cli_config() { fi if [ -n "${1}" ]; then - network_config_set $@ + config_set $@ + network_config_write else network_config_print fi diff --git a/functions.config b/functions.config new file mode 100644 index 00000000..0d1bcf77 --- /dev/null +++ b/functions.config 
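Review bot: In the new `cli_config` of `firewall`, `cli_help_requested $@` and `config_set $@` expand the arguments unquoted, so a value containing whitespace or glob characters is split or expanded before `config_set` sees it. Use `config_set "$@"` here, `cli_config "$@"` in the dispatch hunk that follows, and the same quoting for the `config_set $@` call in the functions.cli hunk. This matters more than usual because `config_set` hands each resulting word to `eval`, so what is evaluated can differ from what the administrator typed.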
@@ -0,0 +1,126 @@
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2012 IPFire Network Development Team #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see . #
+# #
+###############################################################################
+
+# Load all global configuration files.
+function config_read_globals() {
+ network_config_read
+ firewall_config_read
+}
+
+function config_read() {
+ local config_file=${1}
+
+ log DEBUG "Reading configuration: ${config_file}"
+
+ if [ -e "${config_file}" ]; then
+ . ${config_file}
+ config_check
+ fi
+}
+
+function config_write() {
+ local config_file=${1}
+ shift
+
+ # Check if all values to be written are sane
+ config_check
+
+ log DEBUG "Writing configuration file ${config_file}."
+ + mkdir -p $(dirname ${config_file}) 2>/dev/null + > ${config_file} + + local param + for param in $(listsort $@); do + echo "${param}=\"${!param}\"" >> ${config_file} + done +} + +function config_print() { + local param + + for param in $(listsort $@); do + printf "%-16s = %s\n" "${param}" "${!param}" + done +} + +function config_check() { + # If there is a function defined that is called __check + # we call that function + [ -n "$(type -t _check)" ] && _check +} + +function config_hostname() { + local hostname=${1} + + if [ -n "${hostname}" ]; then + echo "${hostname}" > ${CONFIG_HOSTNAME} + else + echo "$(<${CONFIG_HOSTNAME})" + fi +} + +function config_set() { + while [ $# -gt 0 ]; do + case "${1}" in + *=*) + log INFO "Setting configuration option '${1}'". + eval ${1} + ;; + *) + warning "Invalid parameter given: ${1}" + ;; + esac + shift + done +} + +function network_config_read() { + # Save state of DEBUG and restore it later. + local debug=${DEBUG} + + config_read ${CONFIG_FILE} + + if [ -n "${debug}" ]; then + DEBUG=${debug} + fi +} + +function network_config_write() { + config_write ${CONFIG_FILE} ${CONFIG_FILE_PARAMS} +} + +function network_config_print() { + config_print ${CONFIG_FILE_PARAMS} +} + +function firewall_config_read() { + config_read ${FIREWALL_CONFIG_FILE} +} + +function firewall_config_write() { + config_write ${FIREWALL_CONFIG_FILE} \ + ${FIREWALL_CONFIG_PARAMS} +} + +function firewall_config_print() { + config_print ${FIREWALL_CONFIG_PARAMS} +} diff --git a/functions.constants b/functions.constants index 2c550b9f..b2ff868d 100644 --- a/functions.constants +++ b/functions.constants @@ -90,4 +90,10 @@ PORT_PATTERN_WIRELESS="wN" # in which the iptables ruleset will be generated. IPTABLES_TMPDIR= +FIREWALL_CONFIG_DIR="/etc/firewall" +FIREWALL_CONFIG_FILE="${FIREWALL_CONFIG_DIR}/settings" +FIREWALL_CONFIG_PORTFW="${FIREWALL_CONFIG_DIR}/portfw" + +FIREWALL_CONFIG_PARAMS="" + FIREWALL_LOG_FACILITY="syslog" 
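Review bot: `config_set` in functions.config passes every `KEY=VALUE` argument to `eval ${1}`, so shell syntax inside the argument is executed with the caller's privileges and any shell variable, not only a configuration key, can be overwritten. Split the argument into key and value, accept only a plain identifier as the key, and assign without re-parsing, as sketched below; restricting keys to the caller's parameter list would be stricter still but needs that list passed in. The on-disk round trip has the same weakness: `config_write` emits `${param}="${!param}"` unescaped and `config_read` sources the file, so a stored value containing `"` or `$(` is interpreted on the next read. Writing with `printf '%s=%q\n' "${param}" "${!param}"` and quoting `${config_file}` everywhere would close that.

```shell
function config_set() {
	local _arg _key _val
	while [ $# -gt 0 ]; do
		_arg="${1}"
		_key="${_arg%%=*}"
		_val="${_arg#*=}"
		if [[ "${_arg}" == *=* && "${_key}" =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]]; then
			log INFO "Setting configuration option '${_key}'."
			# Assign literally; the value is never re-parsed as shell code.
			printf -v "${_key}" "%s" "${_val}"
		else
			warning "Invalid parameter given: ${_arg}"
		fi
		shift
	done
}
```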
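Review bot: `FIREWALL_CONFIG_PARAMS` is left empty in functions.constants, so `firewall_config_write` calls `config_write` with no parameter names: the settings file is truncated by `> ${config_file}` and nothing is written back. As a result `firewall config KEY=VALUE` discards whatever was in `/etc/firewall/settings`, and `firewall_config_print` prints nothing. Either list the supported keys here or add a comment such as `# No firewall settings defined yet; firewall_config_write produces an empty file.` so the behaviour is not mistaken for persistence.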
diff --git a/functions.firewall b/functions.firewall index 8032a338..f8fe70af 100644 --- a/functions.firewall +++ b/functions.firewall @@ -116,3 +116,42 @@ function firewall_connection_tracking() { iptables -A OUTPUT -j CONNTRACK iptables -A FORWARD -j CONNTRACK } + +function firewall_import_portfw() { + local zone=${1} + shift + + local protocol="ipv6" + local chain="filter" + + while [ $# -gt 0 ]; do + case "${1}" in + --chain=*) + chain=$(cli_get_val ${1}) + ;; + --protocol=*) + protocol=$(cli_get_val ${1}) + ;; + esac + done + + assert isoneof protocol ipv4 ipv6 + + local allowed_chains="filter" + if [ "${protocol}" = "ipv4" ]; then + allowed_chains="${allowed_chains} nat" + fi + assert isoneof chain ${allowed_chains} + + # XXX TODO + + local src dst proto + while read src dst proto; do + case "${chain}" in + filter) + ;; + nat) + ;; + esac + done < ${FIREWALL_CONFIG_PORTFW} +} diff --git a/functions.util b/functions.util index 6aee47d1..694c7a40 100644 --- a/functions.util +++ b/functions.util 
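Review bot: The option loop in `firewall_import_portfw` never calls `shift`, so `while [ $# -gt 0 ]` spins forever as soon as any argument follows the zone; add `shift` as the last statement before that loop's `done`. Unknown options are also ignored silently because the `case` has no `*)` branch; `*) warning "Invalid argument: ${1}" ;;` would match how `config_set` reports bad input. The read loop at the end redirects from an unquoted `${FIREWALL_CONFIG_PORTFW}` without checking that the file exists, and `read` without `-r` treats backslashes in the rule file as escapes; `while read -r src dst proto` with `done < "${FIREWALL_CONFIG_PORTFW}"` behind an `-e` test would be safer once the rule handling is filled in.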
@@ -70,95 +70,6 @@ function listlength() { echo "${length}" } -function config_read() { - local config_file=${1} - - log DEBUG "Reading configuration: ${config_file}" - - if [ -e "${config_file}" ]; then - . ${config_file} - config_check - fi -} - -function config_write() { - local config_file=${1} - shift - - # Check if all values to be written are sane - config_check - - log DEBUG "Writing configuration file ${config_file}." - - > ${config_file} - - local param - for param in $(listsort $@); do - echo "${param}=\"${!param}\"" >> ${config_file} - done -} - -function config_print() { - local param - - for param in $(listsort $@); do - printf "%-16s = %s\n" "${param}" "${!param}" - done -} - -function config_check() { - # If there is a function defined that is called __check - # we call that function - [ -n "$(type -t _check)" ] && _check -} - -function config_hostname() { - local hostname=${1} - - if [ -n "${hostname}" ]; then - echo "${hostname}" > ${CONFIG_HOSTNAME} - else - echo "$(<${CONFIG_HOSTNAME})" - fi -} - -function network_config_set() { - while [ $# -gt 0 ]; do - case "${1}" in - *=*) - log INFO "Setting configuration option '${1}'". - eval ${1} - ;; - *) - warning "Invalid parameter given: ${1}" - ;; - esac - shift - done - - # Write configuration to disk - network_config_write -} - -function network_config_read() { - # Save state of DEBUG and restore it later. - local debug=${DEBUG} - - config_read ${CONFIG_FILE} - - if [ -n "${debug}" ]; then - DEBUG=${debug} - fi -} - -function network_config_write() { - config_write ${CONFIG_FILE} ${CONFIG_FILE_PARAMS} -} - -function network_config_print() { - config_print ${CONFIG_FILE_PARAMS} -} - # Speedup function to avoid a call of the basename binary function basename() { echo "${1##*/}" diff --git a/network b/network index 54ad8086..a3b08c6d 100755 --- a/network +++ b/network 
@@ -19,14 +19,11 @@ # # ############################################################################### -. /lib/network/functions - # Parse the command line while [ $# -gt 0 ]; do case "${1}" in -d|--debug) DEBUG=1 - log DEBUG "Enabled debugging mode" ;; *) action=${1} @@ -36,6 +33,8 @@ while [ $# -gt 0 ]; do [ -n "${action}" ] && break done +. /usr/lib/network/functions + # Process the given action case "${action}" in init) -- 2.39.2