diff options
| author | Stig Thormodsrud <stig@io.vyatta.com> | 2008-12-22 15:49:47 -0800 |
|---|---|---|
| committer | Stig Thormodsrud <stig@io.vyatta.com> | 2008-12-22 15:49:47 -0800 |
| commit | d7026c705b508244ffd2d520848f33c7659516ac (patch) | |
| tree | 11337e2866c01c19d6bc913b26f84a061c8a8bf8 /lib/Vyatta | |
| parent | ed7d1a98d980c571585fd67bed9b3d66ff84316b (diff) | |
| download | vyatta-cfg-firewall-d7026c705b508244ffd2d520848f33c7659516ac.tar.gz vyatta-cfg-firewall-d7026c705b508244ffd2d520848f33c7659516ac.zip | |
Fix 2563: Add firewall-rule specific disable configuration parameter.
Diffstat (limited to 'lib/Vyatta')
| -rw-r--r-- | lib/Vyatta/IpTables/Rule.pm | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/lib/Vyatta/IpTables/Rule.pm b/lib/Vyatta/IpTables/Rule.pm index 9cbd303..ad9bfad 100644 --- a/lib/Vyatta/IpTables/Rule.pm +++ b/lib/Vyatta/IpTables/Rule.pm @@ -37,6 +37,7 @@ my %fields = ( _gnu => undef, _kazaa => undef, }, + _disable => undef, ); my %dummy_rule = ( @@ -69,6 +70,7 @@ my %dummy_rule = ( _gnu => undef, _kazaa => undef, }, + _disable => undef, ); sub new { @@ -126,6 +128,8 @@ sub setup { $self->{_p2p}->{_gnu} = $config->exists("p2p gnutella"); $self->{_p2p}->{_kazaa} = $config->exists("p2p kazaa"); + $self->{_disable} = $config->exists("disable"); + # TODO: need $config->exists("$level source") in Vyatta::Config.pm $src->setup("$level source"); $dst->setup("$level destination"); @@ -171,6 +175,8 @@ sub setupOrig { $self->{_p2p}->{_gnu} = $config->existsOrig("p2p gnutella"); $self->{_p2p}->{_kazaa} = $config->existsOrig("p2p kazaa"); + $self->{_disable} = $config->existsOrig("disable"); + # TODO: need $config->exists("$level source") in Vyatta::Config.pm $src->setupOrig("$level source"); $dst->setupOrig("$level destination"); @@ -199,6 +205,7 @@ sub print { sub is_stateful { my $self = shift; + return 0 if defined $self->{_disable}; my @states = qw(established new related invalid); foreach (@states) { if (defined($self->{_state}->{"_$_"}) @@ -209,6 +216,12 @@ sub is_stateful { return 0; } +sub is_disabled { + my $self = shift; + return 1 if defined $self->{_disable}; + return 0; +} + sub get_state_str { my $self = shift; my @states = qw(established new related invalid); @@ -230,6 +243,7 @@ sub get_state_str { sub get_num_ipt_rules { my $self = shift; my $ipt_rules = 1; + return 0 if defined $self->{_disable}; if (("$self->{_log}" eq "enable") && (("$self->{_action}" eq "drop") || ("$self->{_action}" eq "accept") || ("$self->{_action}" eq "reject") @@ -385,6 +399,7 @@ sub rule { $rule2 = $recent_rule; $recent_rule = undef; } + return (undef, undef) if defined $self->{_disable}; return (undef, $rule, $rule2, $recent_rule, ); } |