move common module to vyatta-cfg

author: An-Cheng Huang <ancheng@vyatta.com> 2008-02-11 15:41:03 -0800
committer: An-Cheng Huang <ancheng@vyatta.com> 2008-02-11 15:41:03 -0800
commit: 80d1ffc043e5726e08657b7e93c36a02a605c8ee (patch)
tree: 183fcf265671b0cb58af6b7366f4d94e4b413c3c
parent: e16e2304956630919cdcd7eaf23cfd1a4531169d (diff)
download: vyatta-cfg-firewall-80d1ffc043e5726e08657b7e93c36a02a605c8ee.tar.gz
vyatta-cfg-firewall-80d1ffc043e5726e08657b7e93c36a02a605c8ee.zip
2 files changed, 0 insertions, 187 deletions
diff --git a/Makefile.am b/Makefile.am
index 023c3c9..a068205 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -9,7 +9,6 @@ curver_DATA = cfg-version/firewall@2
 sbin_SCRIPTS += scripts/firewall/vyatta-firewall.pl
 sbin_SCRIPTS += scripts/firewall/firewall.init
 
-share_perl5_DATA += scripts/firewall/VyattaIpTablesAddressFilter.pm
 share_perl5_DATA += scripts/firewall/VyattaIpTablesRule.pm
 
 cpiop = find  . ! -regex '\(.*~\|.*\.bak\|.*\.swp\|.*\#.*\#\)' -print0 | \
diff --git a/scripts/firewall/VyattaIpTablesAddressFilter.pm b/scripts/firewall/VyattaIpTablesAddressFilter.pm
deleted file mode 100644
index aa6f662..0000000
--- a/scripts/firewall/VyattaIpTablesAddressFilter.pm
+++ /dev/null
@@ -1,186 +0,0 @@
-package VyattaIpTablesAddressFilter;
-
-use VyattaConfig;
-use VyattaMisc;
-use VyattaTypeChecker;
-
-my %_protocolswithports = (
-  tcp => 1,
-  udp => 1,
-  6   => 1,
-  17  => 1,
-);
-
-my %fields = (
-  _srcdst	   => undef,
-  _range_start     => undef,
-  _range_stop      => undef,
-  _network         => undef,
-  _address         => undef,
-  _port            => undef,
-  _protocol        => undef,
-  _src_mac         => undef,
-);
-
-sub new {
-  my $that = shift;
-  my $class = ref ($that) || $that;
-  my $self = {
-    %fields,
-  };
-
-  bless $self, $class;
-  return $self;
-}
-
-sub setup {
-  my ($self, $level) = @_;
-  my $config = new VyattaConfig;
-
-  $config->setLevel("$level");
-
-  # setup needed parent nodes
-  $self->{_srcdst}          = $config->returnParent("..");
-  $self->{_protocol}        = $config->returnValue(".. protocol");
-
-  # setup address filter nodes
-  $self->{_address}         = $config->returnValue("address");
-  $self->{_network} = undef;
-  $self->{_range_start} = undef;
-  $self->{_range_stop} = undef;
-  if (defined($self->{_address})) {
-    if ($self->{_address} =~ /\//) {
-      $self->{_network} = $self->{_address};
-      $self->{_address} = undef;
-    } elsif ($self->{_address} =~ /^([^-]+)-([^-]+)$/) {
-      $self->{_range_start} = $1;
-      $self->{_range_stop} = $2;
-      $self->{_address} = undef;
-    }
-  }
-
-  $self->{_port}         = $config->returnValue("port");
-  $self->{_src_mac}  = $config->returnValue("mac-address");
-
-  return 0;
-}
-
-sub setupOrig {
-  my ($self, $level) = @_;
-  my $config = new VyattaConfig;
-
-  $config->setLevel("$level");
-
-  # setup needed parent nodes
-  $self->{_srcdst}          = $config->returnParent("..");
-  $self->{_protocol}        = $config->returnOrigValue(".. protocol");
-
-  # setup address filter nodes
-  $self->{_address}         = $config->returnOrigValue("address");
-  $self->{_network} = undef;
-  $self->{_range_start} = undef;
-  $self->{_range_stop} = undef;
-  if (defined($self->{_address})) {
-    if ($self->{_address} =~ /\//) {
-      $self->{_network} = $self->{_address};
-      $self->{_address} = undef;
-    } elsif ($self->{_address} =~ /^([^-]+)-([^-]+)$/) {
-      $self->{_range_start} = $1;
-      $self->{_range_stop} = $2;
-      $self->{_address} = undef;
-    }
-  }
-
-  $self->{_port}         = $config->returnOrigValue("port");
-  $self->{_src_mac}  = $config->returnValue("mac-address");
-
-  return 0;
-}
-
-sub print {
-  my ($self) = @_;
-
-  print "srcdst: $self->{_srcdst}\n"           	 	if defined $self->{_srcdst};
-  print "range start: $self->{_range_start}\n"          if defined $self->{_range_start};
-  print "range stop: $self->{_range_stop}\n"            if defined $self->{_range_stop};
-  print "network: $self->{_network}\n"                  if defined $self->{_network};
-  print "address: $self->{_address}\n"                  if defined $self->{_address};
-  print "port: $self->{_port}\n" if defined $self->{_port};
-  print "protocol: $self->{_protocol}\n"		if defined $self->{_protocol};
-  print "src-mac: $self->{_src_mac}\n"		if defined $self->{_src_mac};
-
-  return 0;
-}
-
-sub rule {
-  my ($self) = @_;
-  my $rule = "";
-  my $can_use_port = 1;
-  
-  if (!defined($self->{_protocol})
-      || !defined($_protocolswithports{$self->{_protocol}})) {
-    $can_use_port = 0;
-  }
-
-  if (($self->{_srcdst} eq "source") && (defined($self->{_src_mac}))) {
-    # handle src mac
-    my $str = $self->{_src_mac};
-    $str =~ s/^\!(.*)$/! $1/;
-    $rule .= "-m mac --mac-source $str ";
-  }
-
-  # set the address filter parameters
-  if (defined($self->{_network})) {
-    my $str = $self->{_network};
-    return (undef, "\"$str\" is not a valid IP subnet")
-      if (!VyattaTypeChecker::validateType('ipv4net_negate', $str, 1));
-    $str =~ s/^\!(.*)$/! $1/;
-    $rule .= "--$self->{_srcdst} $str ";
-  } elsif (defined($self->{_address})) {
-    my $str = $self->{_address};
-    return (undef, "\"$str\" is not a valid IP address")
-      if (!VyattaTypeChecker::validateType('ipv4_negate', $str, 1));
-    $str =~ s/^\!(.*)$/! $1/;
-    $rule .= "--$self->{_srcdst} $str ";
-  } elsif ((defined $self->{_range_start}) && (defined $self->{_range_stop})) {
-    my $start = $self->{_range_start};
-    my $stop = $self->{_range_stop};
-    return (undef, "\"$start-$stop\" is not a valid IP range")
-      if (!VyattaTypeChecker::validateType('ipv4_negate', $start, 1)
-          || !VyattaTypeChecker::validateType('ipv4', $stop, 1));
-    my $negate = '';
-    if ($self->{_range_start} =~ /^!(.*)$/) {
-      $start = $1;
-      $negate = '! '
-    }
-    if ("$self->{_srcdst}" eq "source") { 
-      $rule .= ("-m iprange $negate--src-range $start-$self->{_range_stop} ");
-    }
-    elsif ("$self->{_srcdst}" eq "destination") { 
-      $rule .= ("-m iprange $negate--dst-range $start-$self->{_range_stop} ");
-    }
-  }
-
-  my ($port_str, $port_err)
-    = VyattaMisc::getPortRuleString($self->{_port}, $can_use_port,
-                                    ($self->{_srcdst} eq "source") ? "s" : "d",
-                                    $self->{_protocol});
-  return (undef, $port_err) if (!defined($port_str));
-  $rule .= $port_str;
-  return ($rule, undef);
-}
-
-sub outputXmlElem {
-  my ($name, $value, $fh) = @_;
-  print $fh "    <$name>$value</$name>\n";
-}
-
-sub outputXml {
-  my ($self, $prefix, $fh) = @_;
-  outputXmlElem("${prefix}_addr", $self->{_address}, $fh);
-  outputXmlElem("${prefix}_net", $self->{_network}, $fh);
-  outputXmlElem("${prefix}_addr_start", $self->{_range_start}, $fh);
-  outputXmlElem("${prefix}_addr_stop", $self->{_range_stop}, $fh);
-  outputXmlElem("${prefix}_port", $self->{_port}, $fh);
-}
-
author	An-Cheng Huang <ancheng@vyatta.com>	2008-02-11 15:41:03 -0800
committer	An-Cheng Huang <ancheng@vyatta.com>	2008-02-11 15:41:03 -0800
commit	80d1ffc043e5726e08657b7e93c36a02a605c8ee (patch)
tree	183fcf265671b0cb58af6b7366f4d94e4b413c3c
parent	e16e2304956630919cdcd7eaf23cfd1a4531169d (diff)
download	vyatta-cfg-firewall-80d1ffc043e5726e08657b7e93c36a02a605c8ee.tar.gz vyatta-cfg-firewall-80d1ffc043e5726e08657b7e93c36a02a605c8ee.zip