diff options
| author | Stig Thormodsrud <stig@io.vyatta.com> | 2009-02-16 11:48:31 -0800 |
|---|---|---|
| committer | Stig Thormodsrud <stig@io.vyatta.com> | 2009-02-16 11:48:31 -0800 |
| commit | ecb1cc830bef3fa9afcd589fb557159d0630349e (patch) | |
| tree | 1760c98b6e2567c6125139934b3a18d33aaa3520 /lib | |
| parent | a6948fb19340ed4728db70598f96bbafedf21192 (diff) | |
| download | vyatta-cfg-firewall-ecb1cc830bef3fa9afcd589fb557159d0630349e.tar.gz vyatta-cfg-firewall-ecb1cc830bef3fa9afcd589fb557159d0630349e.zip | |
- Add check for address range starting with higher address.
- Add natural-order sort for displaying address/network groups.
Diffstat (limited to 'lib')
| -rwxr-xr-x | lib/Vyatta/IpTables/IpSet.pm | 46 |
1 files changed, 41 insertions, 5 deletions
diff --git a/lib/Vyatta/IpTables/IpSet.pm b/lib/Vyatta/IpTables/IpSet.pm index 0e32b99..01486dd 100755 --- a/lib/Vyatta/IpTables/IpSet.pm +++ b/lib/Vyatta/IpTables/IpSet.pm @@ -87,8 +87,10 @@ sub exists { return 0 if ! defined $self->{_name}; my $cmd = "ipset -L $self->{_name} > /dev/null &>2"; my $rc = $self->run_cmd($cmd); - $self->{_exists} = 1 if $rc eq 0; - $self->get_type() if ! defined $self->{_type}; + if ($rc eq 0) { + $self->{_exists} = 1; + $self->get_type() if ! defined $self->{_type}; + } return $rc ? 0 : 1; } @@ -115,17 +117,46 @@ sub get_type { return $self->{_type}; } +sub alphanum_split { + my ($str) = @_; + my @list = split m/(?=(?<=\D)\d|(?<=\d)\D)/, $str; + return @list; +} + +sub natural_order { + my ($a, $b) = @_; + my @a = alphanum_split($a); + my @b = alphanum_split($b); + + while (@a && @b) { + my $a_seg = shift @a; + my $b_seg = shift @b; + my $val; + if (($a_seg =~ /\d/) && ($b_seg =~ /\d/)) { + $val = $a_seg <=> $b_seg; + } else { + $val = $a_seg cmp $b_seg; + } + if ($val != 0) { + return $val; + } + } + return @a <=> @b; +} + sub get_members { my ($self) = @_; my @members = (); - if (! defined $self->{_type}) { - return @members if ! $self->exists(); - } + return @members if ! $self->exists(); + my @lines = `ipset -L $self->{_name} -n -s`; foreach my $line (@lines) { push @members, $line if $line =~ /^\d/; } + if ($self->{_type} ne 'port') { + @members = sort { natural_order($a,$b) } @members; + } return @members; } @@ -206,6 +237,11 @@ sub check_member { my $rc = check_member_address($address); return $rc if defined $rc; } + my $start_ip = new NetAddr::IP($1); + my $stop_ip = new NetAddr::IP($2); + if ($stop_ip <= $start_ip) { + return "Error: $1 must be less than $2\n"; + } } else { my $rc = check_member_address($member); return $rc if defined $rc; |