--[[
Alpine Wall main module
Copyright (C) 2012 Kaarle Ritvanen
Licensed under the terms of GPL2
]]--

-- Lua 5.1 style module declaration (module() is deprecated from Lua 5.2 on).
-- From here on, every global this file assigns (config, translate,
-- insertrule) becomes a field of the module's table instead of _G.
-- package.seeall additionally makes the module table fall back to _G on
-- lookup, so every global of the process is reachable through this module.
module(..., package.seeall)

require 'json'
require 'lfs'
require 'stringy'

require 'awall.iptables'
require 'awall.model'
require 'awall.util'


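-- Test mode is assumed unless the script was started under exactly this
-- path. In test mode the modules, the configuration and the output all use
-- paths relative to the current working directory instead of system paths.
-- NOTE(review): the check fails open. Any other invocation path (symlink,
-- relative path, wrapper script) also selects the working-directory paths,
-- including the directory Lua modules are loaded from. Confirm that every
-- installed entry point starts the tool under this exact path.
local testmode = arg[0] ~= '/usr/sbin/awall'

-- The model module always comes first; optional modules are appended below.
local modules = {package.loaded['awall.model']}

local modpath = testmode and '.' or '/usr/share/lua/5.1'

-- Every *.lua file found in the modules directory is loaded and executed, so
-- write access to that directory amounts to code execution as whoever runs
-- the tool; it should be writable only by the administrator.
-- lfs.dir() yields entries in no particular order. The names are sorted so
-- that the module order, and with it the order in which translate() applies
-- each module's default rules, is the same on every run and every filesystem.
local modfiles = {}
for modfile in lfs.dir(modpath..'/awall/modules') do
   if stringy.endswith(modfile, '.lua') then
      table.insert(modfiles, modfile)
   end
end
table.sort(modfiles)

for _, modfile in ipairs(modfiles) do
   -- Strip the 4-character '.lua' suffix to get the module name.
   local name = 'awall.modules.'..string.sub(modfile, 1, -5)
   require(name)
   table.insert(modules, package.loaded[name])
end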


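--- Translate the awall configuration into iptables rules and dump them.
-- Reads every non-hidden file in the configuration directories as JSON and
-- merges the results into the module-level `config` table. Each loaded module
-- then morphs the configured objects it has a class for and contributes its
-- default rules. Finally all translated rules are inserted into
-- awall.iptables.config and handed to awall.iptables.dump().
-- Raises an error if a configuration file cannot be read or decoded.
function translate()

   -- Deliberately not local: under module(..., package.seeall) this is the
   -- module's `config` field. NOTE(review): presumably read by other awall
   -- modules while morphing; confirm before narrowing its scope.
   config = {}

   -- Directories are processed in this order, so on key conflicts /etc/awall
   -- overrides what /usr/share/awall provides.
   local confdirs = testmode and {'config'} or {'/usr/share/awall',
                                                '/etc/awall'}

   for _, dir in ipairs(confdirs) do
      -- Every entry whose name does not start with a dot is parsed, whatever
      -- its extension. Editor backups or packaging leftovers in these
      -- directories are therefore merged into the policy as well.
      -- lfs.dir() order is unspecified; sorting makes the merge order (list
      -- concatenation and last-writer-wins on keys) reproducible.
      local fnames = {}
      for fname in lfs.dir(dir) do
         if string.sub(fname, 1, 1) ~= '.' then
            table.insert(fnames, fname)
         end
      end
      table.sort(fnames)

      for _, fname in ipairs(fnames) do
         local path = dir..'/'..fname

         -- Read the file in one piece and keep its line breaks. Joining the
         -- lines without a separator can glue tokens from adjacent lines
         -- together and make a malformed file decode as a different policy.
         local file = assert(io.open(path))
         local text, err = file:read('*a')
         file:close()
         -- Fail closed on unreadable entries (for example a subdirectory).
         if not text then error(path..': '..tostring(err)) end

         local data = json.decode(text)

         for cls, objs in pairs(data) do
            if not config[cls] then config[cls] = objs
            -- A value with an element at index 1 is treated as a list and
            -- appended; anything else is merged key by key.
            elseif objs[1] then util.extend(config[cls], objs)
            else
               for k, v in pairs(objs) do config[cls][k] = v end
            end
         end
      end
   end

   -- Defined without `local`, so each call of translate() (re)assigns it as a
   -- module-level function. Adds a translated rule's options to the chain
   -- selected by its family, table and chain fields: at the front when the
   -- rule's position is 'prepend', at the end otherwise.
   function insertrule(trule)
      local t = awall.iptables.config[trule.family][trule.table][trule.chain]
      if trule.position == 'prepend' then
         table.insert(t, 1, trule.opts)
      else
         table.insert(t, trule.opts)
      end
   end

   local locations = {}

   for _, mod in ipairs(modules) do
      -- NOTE(review): pairs() order is unspecified, so the order in which the
      -- classes of one module are queued in `locations` can vary.
      for path, cls in pairs(mod.classmap) do
         if config[path] then
            awall.util.map(config[path], cls.morph)
            table.insert(locations, config[path])
         end
      end

      -- Default rules of a module go in before any configured rule.
      for _, rule in ipairs(mod.defrules) do insertrule(rule) end
   end

   for _, location in ipairs(locations) do
      for _, rule in ipairs(location) do
         for _, trule in ipairs(rule:trules()) do insertrule(trule) end
      end
   end

   -- Test mode dumps to the relative 'output' path, otherwise /etc/iptables.
   awall.iptables.dump(testmode and 'output' or '/etc/iptables')

end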