diff options
| author | Bob Gilligan <gilligan@vyatta.com> | 2010-05-31 00:34:25 -0700 |
|---|---|---|
| committer | Bob Gilligan <gilligan@vyatta.com> | 2010-05-31 00:34:25 -0700 |
| commit | 147567c8857aa73d0bd0cb4b1d6572cc4eef8cc5 (patch) | |
| tree | 476b47392fbafd518f0f22f61430b204b3841a91 /templates/firewall | |
| parent | a3e741752397563582750b833aff351ebd49740f (diff) | |
| download | vyatta-cfg-firewall-147567c8857aa73d0bd0cb4b1d6572cc4eef8cc5.tar.gz vyatta-cfg-firewall-147567c8857aa73d0bd0cb4b1d6572cc4eef8cc5.zip | |
Bugfix 5632: Add ability to configure SIP UDP port numbers.
Diffstat (limited to 'templates/firewall')
| -rw-r--r-- | templates/firewall/conntrack-options/sip/node.def | 30 | ||||
| -rw-r--r-- | templates/firewall/conntrack-options/sip/port/node.def | 10 |
2 files changed, 36 insertions, 4 deletions
diff --git a/templates/firewall/conntrack-options/sip/node.def b/templates/firewall/conntrack-options/sip/node.def index 494d75c..38add57 100644 --- a/templates/firewall/conntrack-options/sip/node.def +++ b/templates/firewall/conntrack-options/sip/node.def @@ -1,4 +1,5 @@ help: Set SIP conntrack options + end: reload=0 sdm=2 if [ -f /sys/module/nf_conntrack_sip/parameters/sip_direct_media ]; then @@ -22,13 +23,34 @@ end: reload=0 if [ $sds -eq 0 ]; then reload=1; fi fi - options=$(grep -s "options nf_conntrack_sip $indirect-media $indirect-signalling" /etc/modprobe.d/options) - if [ -z "$options" ] && [ -f /etc/modprobe.d/options ]; then + if [ -n "$VAR(./port/@@)" ]; then + numports=0 + for port in $VAR(./port/@@); do + if [ -z "$portval" ]; then + portval=$port + else + portval="${portval},$port" + fi + (( numports++ )) + done + portopt="ports=$portval" + if [ $numports -gt 8 ]; then + echo "Error: Can not specify more than 8 ports." + exit 1 + fi + reload=1 + fi + + if [ -f /etc/modprobe.d/options ]; then sudo sed -i '/nf_conntrack_sip/d' /etc/modprobe.d/options fi - if [ -n "$indirectmedia" ] || [ -n "$indirectsignalling" ]; then - sudo sh -c "echo options nf_conntrack_sip $indirectmedia $indirectsignalling >> /etc/modprobe.d/options " + if [ -n "$indirectmedia" ] || [ -n "$indirectsignalling" ] || \ + [ -n "$portopt" ]; then + sudo sh -c "echo \# Auto-generated by `whoami` at `date` > /etc/modprobe.d/vyatta_sip_options" + sudo sh -c "echo options nf_conntrack_sip $indirectmedia $indirectsignalling $portopt >> /etc/modprobe.d/vyatta_sip_options " + else + sudo rm -f /etc/modprobe.d/vyatta_sip_options fi if [ $reload -eq 1 ]; then diff --git a/templates/firewall/conntrack-options/sip/port/node.def b/templates/firewall/conntrack-options/sip/port/node.def new file mode 100644 index 0000000..ef09321 --- /dev/null +++ b/templates/firewall/conntrack-options/sip/port/node.def @@ -0,0 +1,10 @@ +multi: + +help: Set port number that SIP traffic is carried on + +comp_help: Possible completions: + 1 - 65535\tSIP port number + +type: u32 + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <=65535) ; "Port number must be in range 1 to 65535" |