Commit c6a67bab authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

changed protocol strings to inet and inet6

parent 0e5d732b
......@@ -7,8 +7,8 @@ Licensed under the terms of GPL2
module(..., package.seeall)
local familypatterns = {ip4='%d[%.%d/]+',
ip6='[:%x/]+',
local familypatterns = {inet='%d[%.%d/]+',
inet6='[:%x/]+',
domain='[%a-][%.%w-]*'}
local function getfamily(addr)
......@@ -32,8 +32,8 @@ function resolve(host)
string.match(rec, '^('..familypatterns.domain..')\t+%d+\t+IN\t+(A+)\t+(.+)')
if name and string.sub(name, 1, string.len(host) + 1) == host..'.' then
if rtype == 'A' then family = 'ip4'
elseif rtype == 'AAAA' then family = 'ip6'
if rtype == 'A' then family = 'inet'
elseif rtype == 'AAAA' then family = 'inet6'
else family = nil end
if family then
......
......@@ -12,8 +12,8 @@ require 'lpc'
require 'awall.util'
contains = awall.util.contains
local families = {ip4={cmd='iptables-restore', file='rules-save'},
ip6={cmd='ip6tables-restore', file='rules6-save'}}
local families = {inet={cmd='iptables-restore', file='rules-save'},
inet6={cmd='ip6tables-restore', file='rules6-save'}}
local builtin = {'INPUT', 'FORWARD', 'OUTPUT',
'PREROUTING', 'POSTROUTING'}
......
......@@ -188,10 +188,10 @@ function Rule:servoptfrags()
-- TODO multiple ICMP types per rule
local oname
if util.contains({1, 'icmp'}, sdef.proto) then
family = 'ip4'
family = 'inet'
oname = 'icmp-type'
elseif util.contains({58, 'ipv6-icmp', 'icmpv6'}, sdef.proto) then
family = 'ip6'
family = 'inet6'
oname = 'icmpv6-type'
else error('Type specification not valid with '..sdef.proto) end
opts = opts..' --'..oname..' '..sdef.type
......@@ -347,7 +347,7 @@ function Rule:trules()
tag(res, 'table', self:table(), false)
return combinations(res, ffilter({{family='ip4'}, {family='ip6'}}))
return combinations(res, ffilter({{family='inet'}, {family='inet6'}}))
end
function Rule:extraoptfrags() return {} end
......
......@@ -61,7 +61,7 @@ function Policy:servoptfrags() return nil end
classmap = {policy=Policy, filter=Filter}
defrules = {}
for i, family in ipairs({'ip4', 'ip6'}) do
for i, family in ipairs({'inet', 'inet6'}) do
for i, target in ipairs({'DROP', 'REJECT'}) do
for i, opts in ipairs({'-m limit --limit 1/second -j LOG', '-j '..target}) do
table.insert(defrules,
......
......@@ -34,7 +34,7 @@ end
function NATRule:trules()
local res = {}
for i, ofrags in ipairs(model.Rule.trules(self)) do
if ofrags.family == 'ip4' then table.insert(res, ofrags) end
if ofrags.family == 'inet' then table.insert(res, ofrags) end
end
return res
end
......@@ -77,7 +77,7 @@ end
classmap = {dnat=DNATRule, snat=SNATRule}
-- TODO configuration of the ipset via JSON config
defrules = {{family='ip4', table='nat', chain='POSTROUTING',
defrules = {{family='inet', table='nat', chain='POSTROUTING',
opts='-m set --match-set awall-masquerade src -j awall-masquerade'},
{family='ip4', table='nat', chain='awall-masquerade',
{family='inet', table='nat', chain='awall-masquerade',
opts='-m set ! --match-set awall-masquerade dst -j MASQUERADE'}}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment