Commit 858b186a authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

iptables module: backup and revert functions

private class for reading current configuration
parent 4dab1c77
...@@ -22,9 +22,19 @@ local families = {inet={cmd='iptables', file='rules-save'}, ...@@ -22,9 +22,19 @@ local families = {inet={cmd='iptables', file='rules-save'},
local builtin = {'INPUT', 'FORWARD', 'OUTPUT', local builtin = {'INPUT', 'FORWARD', 'OUTPUT',
'PREROUTING', 'POSTROUTING'} 'PREROUTING', 'POSTROUTING'}
local backupdir = '/var/run/awall'
local BaseIPTables = class(awall.object.Object) local BaseIPTables = class(awall.object.Object)
function BaseIPTables:dump(dir)
for family, tbls in pairs(families) do
local file = io.output(dir..'/'..families[family].file)
self:dumpfile(family, file)
file:close()
end
end
function BaseIPTables:restore(...) function BaseIPTables:restore(...)
for family, params in pairs(families) do for family, params in pairs(families) do
local pid, stdin, stdout = lpc.run(params.cmd..'-restore', unpack(arg)) local pid, stdin, stdout = lpc.run(params.cmd..'-restore', unpack(arg))
...@@ -69,27 +79,31 @@ function IPTables:dumpfile(family, iptfile) ...@@ -69,27 +79,31 @@ function IPTables:dumpfile(family, iptfile)
end end
end end
function IPTables:dump(dir)
for family, tbls in pairs(self.config) do local Current = class(BaseIPTables)
self:dumpfile(family, io.output(dir..'/'..families[family].file))
end function Current:dumpfile(family, iptfile)
local pid, stdin, stdout = lpc.run(families[family].cmd..'-save')
stdin:close()
for line in stdout:lines() do iptfile:write(line..'\n') end
stdout:close()
assert(lpc.wait(pid) == 0)
end end
Backup = class(BaseIPTables) local Backup = class(BaseIPTables)
function Backup:init() function Backup:dumpfile(family, iptfile)
for family, params in pairs(families) do for line in io.lines(backupdir..'/'..families[family].file) do
self[family] = io.tmpfile() iptfile:write(line..'\n')
local pid, stdin, stdout = lpc.run(params.cmd..'-save')
stdin:close()
for line in stdout:lines() do self[family]:write(line..'\n') end
stdout:close()
assert(lpc.wait(pid) == 0)
end end
end end
function Backup:dumpfile(family, iptfile)
self[family]:seek('set') function backup()
for line in self[family]:lines() do iptfile:write(line..'\n') end Current.new():dump(backupdir)
end
function revert()
Backup.new():activate()
end end
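Review bot: `BaseIPTables:dump` writes each rules file in place, so when `assert(lpc.wait(pid) == 0)` in `Current:dumpfile` fails after lines were already written, a truncated file stays in `backupdir` and the handle is never closed; `revert()` would presumably hand that partial ruleset to the `-restore` command later (`activate` is not visible in these hunks). Writing to a temporary name and renaming only after `dumpfile` returns keeps the last good backup, and `io.open` avoids `io.output` replacing the process-wide default output with a file that is closed right afterwards. The hunks also do not show `/var/run/awall` being created or its mode set; because its contents end up as the active firewall ruleset, it should be root-owned and not writable by group or others.

```lua
function BaseIPTables:dump(dir)
   for family, params in pairs(families) do
      local path = dir..'/'..params.file
      local tmp = path..'.tmp'
      local file = assert(io.open(tmp, 'w'))
      -- dumpfile may assert; close and discard the partial file before re-raising
      local ok, err = pcall(self.dumpfile, self, family, file)
      file:close()
      if not ok then
         os.remove(tmp)
         error(err, 0)
      end
      assert(os.rename(tmp, path))
   end
end
```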