diff options
| author | Gaurav <gaurav.sinha@vyatta.com> | 2012-02-21 11:38:46 -0800 |
|---|---|---|
| committer | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-03-16 16:40:57 -0700 |
| commit | eda48ea36f8b5602dd68ee8ce99a95f9e00878d2 (patch) | |
| tree | 0539179de473dcc43601bc0a6440f18917db0981 | |
| parent | 4c2e2d79f28734c97a0e374ca217e24ff954fe96 (diff) | |
| download | vyatta-conntrack-eda48ea36f8b5602dd68ee8ce99a95f9e00878d2.tar.gz vyatta-conntrack-eda48ea36f8b5602dd68ee8ce99a95f9e00878d2.zip | |
Removing newly added file AddressFilterCT.pm.
(cherry picked from commit 0ccdf73e1f7211aed9df214a65f8e953dbfdef42)
| -rw-r--r-- | lib/Vyatta/Conntrack/RuleCT.pm | 35 | ||||
| -rw-r--r-- | scripts/vyatta-conntrack-timeouts.pl | 10 |
2 files changed, 27 insertions, 18 deletions
diff --git a/lib/Vyatta/Conntrack/RuleCT.pm b/lib/Vyatta/Conntrack/RuleCT.pm index 9329603..3a0377b 100644 --- a/lib/Vyatta/Conntrack/RuleCT.pm +++ b/lib/Vyatta/Conntrack/RuleCT.pm @@ -9,23 +9,29 @@ my $dst = new Vyatta::Conntrack::AddressFilterCT; my %fields = ( _rule_number => undef, - _protocol => undef, - _state => { - _established => undef, - _new => undef, - _related => undef, - _invalid => undef, + _protocol => { + _tcp => { + _close => undef, + _close_wait => undef, + _syn_sent => undef, + }, + _udp => undef, + _other => undef, + _icmp => undef , }, ); my %dummy_rule = ( _rule_number => 10000, - _protocol => "all", - _state => { - _established => undef, - _new => undef, - _related => undef, - _invalid => undef, + _protocol => { + _tcp => { + _close => undef, + _close_wait => undef, + _syn_sent => undef, + }, + _udp => undef, + _other => undef, + _icmp => undef , }, ); @@ -62,11 +68,6 @@ sub setup_base { $self->{_rule_number} = $config->returnParent(".."); $self->{_protocol} = $config->$val_func("protocol"); - $self->{_state}->{_established} = $config->$val_func("state established"); - $self->{_state}->{_new} = $config->$val_func("state new"); - $self->{_state}->{_related} = $config->$val_func("state related"); - $self->{_state}->{_invalid} = $config->$val_func("state invalid"); - $src->$addr_setup("$level source"); $dst->$addr_setup("$level destination"); diff --git a/scripts/vyatta-conntrack-timeouts.pl b/scripts/vyatta-conntrack-timeouts.pl index 7de1a02..8ab322d 100644 --- a/scripts/vyatta-conntrack-timeouts.pl +++ b/scripts/vyatta-conntrack-timeouts.pl @@ -39,7 +39,15 @@ sub update_config { $node->setup("system conntrack timeout custom rule $rule"); $node->print(); } elsif ("$rules{$rule}" eq 'changed') { - } elsif ("$rules{$rule}" eq 'deleted'){ + } elsif ("$rules{$rule}" eq 'deleted') { +# my $node = new Vyatta::Conntrack::RuleCT; +# $node->setupOrig("system conntrack timeout custom rule $rule"); +# my $ipt_rules = $node->get_num_ipt_rules(); +# for (1 .. $ipt_rules) { +# print "deleting 1\n"; +# run_cmd("$iptables_cmd -t $table --delete $name $iptablesrule"); +# die "$iptables_cmd error: $! - $rule" if ($? >> 8); +# } } } } |