diff options
| -rwxr-xr-x | lib/Vyatta/IpTables/IpSet.pm | 9 | ||||
| -rwxr-xr-x | scripts/firewall/vyatta-ipset.pl | 14 |
2 files changed, 22 insertions, 1 deletions
diff --git a/lib/Vyatta/IpTables/IpSet.pm b/lib/Vyatta/IpTables/IpSet.pm index 94fb78d..1005c32 100755 --- a/lib/Vyatta/IpTables/IpSet.pm +++ b/lib/Vyatta/IpTables/IpSet.pm @@ -55,6 +55,15 @@ my $logger = 'logger -t IpSet.pm -p local0.warn --'; my $addr_range_mask = 24; my $lockfile = "/opt/vyatta/config/.lock"; +# remove lock file to avoid commit blockade on interrupt +# like CTRL+C. +sub INT_handler { + my $rc = system("sudo rm -f $lockfile >>/dev/null"); + exit(0); +} + +$SIG{'INT'} = 'INT_handler'; + sub new { my ($that, $name, $type) = @_; diff --git a/scripts/firewall/vyatta-ipset.pl b/scripts/firewall/vyatta-ipset.pl index eaa55a3..c928164 100755 --- a/scripts/firewall/vyatta-ipset.pl +++ b/scripts/firewall/vyatta-ipset.pl @@ -32,13 +32,25 @@ use Vyatta::TypeChecker; use Vyatta::Misc; use Vyatta::IpTables::IpSet; use Sort::Versions; +use IO::Prompt; use warnings; use strict; + +sub warn_before_reset { + if (prompt("This can be temporarily disruptive: Proceed with reset? (Yes/No) [No] ", -ynd=>"n")) { + return 1; + } else { + return 0; + } +} + sub ipset_reset { my ($set_name, $set_type) = @_; - + if (!warn_before_reset()) { + die "Cancelling reset\n"; + } my $group = new Vyatta::IpTables::IpSet($set_name, $set_type); return $group->reset_ipset(); |