From 8a08387990b286a67125317e500bc81a3838b454 Mon Sep 17 00:00:00 2001
From: John Southworth <john.southworth@vyatta.com>
Date: Sat, 2 Jun 2012 21:05:15 -0700
Subject: Make firewall syntax checks use the vyatta-util library

---
 templates/firewall/group/address-group/node.tag/address/node.def | 6 +-----
 templates/firewall/group/network-group/node.tag/network/node.def | 6 +-----
 templates/firewall/group/port-group/node.tag/port/node.def       | 6 +-----
 3 files changed, 3 insertions(+), 15 deletions(-)

(limited to 'templates/firewall/group')

diff --git a/templates/firewall/group/address-group/node.tag/address/node.def b/templates/firewall/group/address-group/node.tag/address/node.def
index 2629b9d..b5060ea 100644
--- a/templates/firewall/group/address-group/node.tag/address/node.def
+++ b/templates/firewall/group/address-group/node.tag/address/node.def
@@ -4,9 +4,5 @@ help: Address-group member
 val_help: ipv4; IPv4 address to match
 val_help: ipv4range; IPv4 range to match (e.g. 10.0.0.1-10.0.0.200)
 
-syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
-                           --action=check-member          \
-                           --set-name=$VAR(../@)          \
-                           --set-type=address             \
-                           --member=\"$VAR(@)\"; "
+syntax:expression: exec "/opt/vyatta/sbin/ipset-check-member address $VAR(@)"
 
diff --git a/templates/firewall/group/network-group/node.tag/network/node.def b/templates/firewall/group/network-group/node.tag/network/node.def
index 7388561..b3e0c18 100644
--- a/templates/firewall/group/network-group/node.tag/network/node.def
+++ b/templates/firewall/group/network-group/node.tag/network/node.def
@@ -3,11 +3,7 @@ type: ipv4net
 help: Network-group member
 val_help: ipv4net; IPv4 Subnet to match
 
-syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
-                           --action=check-member          \
-                           --set-name=$VAR(../@)          \
-                           --set-type=network             \
-                           --member=\"$VAR(@)\"; "
+syntax:expression: exec "/opt/vyatta/sbin/ipset-check-member network $VAR(@)"
 
 syntax:expression: exec "                                 \
           /opt/vyatta/sbin/check_prefix_boundary $VAR(@)" \
diff --git a/templates/firewall/group/port-group/node.tag/port/node.def b/templates/firewall/group/port-group/node.tag/port/node.def
index 7a9b867..5f310c2 100644
--- a/templates/firewall/group/port-group/node.tag/port/node.def
+++ b/templates/firewall/group/port-group/node.tag/port/node.def
@@ -6,8 +6,4 @@ val_help: <name>; Named port (any name in /etc/services, e.g., http)
 val_help: u32:1-65535; Numbered port
 val_help: <start>-<end>; Numbered port range (e.g. 1001-1050)
 
-syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
-                           --action=check-member          \
-                           --set-name=$VAR(../@)          \
-                           --set-type=port                \
-                           --member=\"$VAR(@)\"; "
+syntax:expression: exec "sudo /opt/vyatta/sbin/ipset-check-member port $VAR(@)"
-- 
cgit v1.2.3