summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorMohit Mehta <mohit.mehta@vyatta.com>2009-05-06 16:47:28 -0700
committerMohit Mehta <mohit.mehta@vyatta.com>2009-05-06 16:47:28 -0700
commit58a5f4da6bf1772a2d20a6ae202fc6611eb4bbfc (patch)
tree960701619046af60f52581eaf26f372535a4151f /scripts
parent286c4cad8406c3b1e4686f980309034b6b5d2dc7 (diff)
downloadvyatta-cfg-system-58a5f4da6bf1772a2d20a6ae202fc6611eb4bbfc.tar.gz
vyatta-cfg-system-58a5f4da6bf1772a2d20a6ae202fc6611eb4bbfc.zip
* do silent validity check when creating zone chains and adding from zone rules
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/zone-mgmt/vyatta-zone.pl25
1 files changed, 23 insertions, 2 deletions
diff --git a/scripts/zone-mgmt/vyatta-zone.pl b/scripts/zone-mgmt/vyatta-zone.pl
index b4fc7ad3..37bab3cd 100755
--- a/scripts/zone-mgmt/vyatta-zone.pl
+++ b/scripts/zone-mgmt/vyatta-zone.pl
@@ -635,12 +635,32 @@ sub set_default_policy {
return;
}
+sub check_zones_validity {
+ my $silent = shift;
+ my $error;
+ $error = Vyatta::Zone::validity_checks();
+ if ($error) {
+ if ($silent eq 'true') {
+ # called from from/node.def which is a different transaction
+ # than everything else under zone-policy. We do not want to
+ # make chains or insert from rules into chains if we have a
+ # malfunctioning configuration. We fail in a silent way here
+ # so that when this function is called from zone-policy/node.def
+ # we will print the error and not repeat the same error twice
+ exit 1;
+ } else {
+ return ($error , );
+ }
+ }
+ return;
+}
+
#
# main
#
my ($action, $zone_name, $interface, $from_zone, $ruleset_type, $ruleset_name,
- $default_policy);
+ $default_policy, $silent_validate);
GetOptions("action=s" => \$action,
"zone-name=s" => \$zone_name,
@@ -649,6 +669,7 @@ GetOptions("action=s" => \$action,
"ruleset-type=s" => \$ruleset_type,
"ruleset-name=s" => \$ruleset_name,
"default-policy=s" => \$default_policy,
+ "silent-validate=s" => \$silent_validate,
);
die "undefined action" if ! defined $action;
@@ -672,7 +693,7 @@ my ($error, $warning);
($error, $warning) = delete_fromzone_fw($zone_name, $from_zone, $ruleset_type,
$ruleset_name) if $action eq 'delete-fromzone-fw';
-($error, $warning) = Vyatta::Zone::validity_checks()
+($error, $warning) = check_zones_validity($silent_validate)
if $action eq 'validity-checks';
($error, $warning) = add_localzone($zone_name)