From ecb1cc830bef3fa9afcd589fb557159d0630349e Mon Sep 17 00:00:00 2001
From: Stig Thormodsrud <stig@io.vyatta.com>
Date: Mon, 16 Feb 2009 11:48:31 -0800
Subject: - Add check for address range starting with higher address. - Add
 natural-order sort for displaying address/network groups.

---
 lib/Vyatta/IpTables/IpSet.pm | 46 +++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 41 insertions(+), 5 deletions(-)

(limited to 'lib/Vyatta/IpTables/IpSet.pm')

diff --git a/lib/Vyatta/IpTables/IpSet.pm b/lib/Vyatta/IpTables/IpSet.pm
index 0e32b99..01486dd 100755
--- a/lib/Vyatta/IpTables/IpSet.pm
+++ b/lib/Vyatta/IpTables/IpSet.pm
@@ -87,8 +87,10 @@ sub exists {
     return 0 if ! defined $self->{_name};
     my $cmd = "ipset -L $self->{_name} > /dev/null &>2";
     my $rc = $self->run_cmd($cmd);
-    $self->{_exists} = 1 if $rc eq 0;
-    $self->get_type() if ! defined $self->{_type};
+    if ($rc eq 0) {
+	$self->{_exists} = 1;
+	$self->get_type() if ! defined $self->{_type};
+    }
     return $rc ? 0 : 1;
 }
 
@@ -115,17 +117,46 @@ sub get_type {
     return $self->{_type};
 }
 
+sub alphanum_split {
+    my ($str) = @_;
+    my @list = split m/(?=(?<=\D)\d|(?<=\d)\D)/, $str;
+    return @list;
+}
+
+sub natural_order {
+    my ($a, $b) = @_;
+    my @a = alphanum_split($a);
+    my @b = alphanum_split($b);
+  
+    while (@a && @b) {
+	my $a_seg = shift @a;
+	my $b_seg = shift @b;
+	my $val;
+	if (($a_seg =~ /\d/) && ($b_seg =~ /\d/)) {
+	    $val = $a_seg <=> $b_seg;
+	} else {
+	    $val = $a_seg cmp $b_seg;
+	}
+	if ($val != 0) {
+	    return $val;
+	}
+    }
+    return @a <=> @b;
+}
+
 sub get_members {
     my ($self) = @_;
     
     my @members = ();
-    if (! defined $self->{_type}) {
-	return @members if ! $self->exists();
-    }
+    return @members if ! $self->exists();
+
     my @lines = `ipset -L $self->{_name} -n -s`;
     foreach my $line (@lines) {
 	push @members, $line if $line =~ /^\d/;
     }
+    if ($self->{_type} ne 'port') {
+	@members = sort { natural_order($a,$b) } @members;
+    }
     return @members;
 }
 
@@ -206,6 +237,11 @@ sub check_member {
 		my $rc = check_member_address($address);
 		return $rc if defined $rc;
 	    }
+	    my $start_ip = new NetAddr::IP($1);
+	    my $stop_ip  = new NetAddr::IP($2);
+	    if ($stop_ip <= $start_ip) {
+		return "Error: $1 must be less than $2\n";
+	    }
 	} else {
 	    my $rc = check_member_address($member);
 	    return $rc if defined $rc;
-- 
cgit v1.2.3