iptables module: backup and revert functions

private class for reading current configuration

iptables module: backup and revert functions
private class for reading current configuration
858b186a · Kaarle Ritvanen · 4dab1c77 · 858b186a
Commit 858b186a authored Mar 26, 2012 by Kaarle Ritvanen
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 16 deletions

awall/iptables.lua awall/iptables.lua +30 -16

No files found.
--- a/awall/iptables.lua
+++ b/awall/iptables.lua
@@ -22,9 +22,19 @@ local families = {inet={cmd='iptables', file='rules-save'},
 local builtin = {'INPUT', 'FORWARD', 'OUTPUT',
 		 'PREROUTING', 'POSTROUTING'}

+local backupdir = '/var/run/awall'
+

 local BaseIPTables = class(awall.object.Object)

+function BaseIPTables:dump(dir)
+   for family, tbls in pairs(families) do
+      local file = io.output(dir..'/'..families[family].file)
+      self:dumpfile(family, file)
+      file:close()
+   end
+end
+
 function BaseIPTables:restore(...)
   for family, params in pairs(families) do
      local pid, stdin, stdout = lpc.run(params.cmd..'-restore', unpack(arg))
@@ -69,27 +79,31 @@ function IPTables:dumpfile(family, iptfile)
   end
 end

-function IPTables:dump(dir)
-   for family, tbls in pairs(self.config) do
-      self:dumpfile(family, io.output(dir..'/'..families[family].file))
-   end
+
+local Current = class(BaseIPTables)
+
+function Current:dumpfile(family, iptfile)
+   local pid, stdin, stdout = lpc.run(families[family].cmd..'-save')
+   stdin:close()
+   for line in stdout:lines() do iptfile:write(line..'\n') end
+   stdout:close()
+   assert(lpc.wait(pid) == 0)
 end


-Backup = class(BaseIPTables)
+local Backup = class(BaseIPTables)

-function Backup:init()
-   for family, params in pairs(families) do
-      self[family] = io.tmpfile()
-      local pid, stdin, stdout = lpc.run(params.cmd..'-save')
-      stdin:close()
-      for line in stdout:lines() do self[family]:write(line..'\n') end
-      stdout:close()
-      assert(lpc.wait(pid) == 0)
+function Backup:dumpfile(family, iptfile)
+   for line in io.lines(backupdir..'/'..families[family].file) do
+      iptfile:write(line..'\n')
   end
 end

-function Backup:dumpfile(family, iptfile)
-   self[family]:seek('set')
-   for line in self[family]:lines() do iptfile:write(line..'\n') end
+
+function backup()
+   Current.new():dump(backupdir)
+end
+
+function revert()
+   Backup.new():activate()
 end