authorGaurav Sinha <gaurav.sinha@vyatta.com>2012-06-07 23:19:36 -0700
committerGaurav Sinha <gaurav.sinha@vyatta.com>2012-06-07 23:19:36 -0700
commit2d083c4aba26b08c68f812119d49e70328d9ef8b (patch)
treed79bd4962972bc1f41f85e294858e2e2ec434274 /scripts
parentca94628e7c1f78486a8f3ea89cba3b2c2f1f1320 (diff)
re-factored deletion code, disabling module scripts fixed
Diffstat (limited to 'scripts')
-rw-r--r--scripts/vyatta-conntrack-timeouts.pl33
-rw-r--r--scripts/vyatta-cthelper.pl23
2 files changed, 9 insertions, 47 deletions
diff --git a/scripts/vyatta-conntrack-timeouts.pl b/scripts/vyatta-conntrack-timeouts.pl
index 3ab96c2..557f4eb 100644
--- a/scripts/vyatta-conntrack-timeouts.pl
+++ b/scripts/vyatta-conntrack-timeouts.pl
@@ -7,6 +7,7 @@ use strict;
use Vyatta::Config;
use Vyatta::Conntrack::RuleCT;
use Vyatta::IpTables::AddressFilter;
+use Vyatta::Conntrack::ConntrackUtil;
use Getopt::Long;
use Vyatta::Zone;
use Sys::Syslog qw(:standard :macros);
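Review bot: With `log_msg` and `run_cmd` now coming from `Vyatta::Conntrack::ConntrackUtil`, this script's own `$debug_flag` and `$syslog_flag` (read by the copies removed in the next hunk) may no longer reach the logging code. The module is not visible here, so it is unclear which flags its `log_msg` consults; if they are package variables in the module, the script has to set them explicitly or debug and syslog output will silently stop. A short comment next to the import, e.g. `# provides run_cmd() and log_msg(); logging flags live in the module`, would record where the behaviour now comes from.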
@@ -31,38 +32,6 @@ update_config();
openlog("vyatta-conntrack", "pid", "local0");
-sub log_msg {
- my $message = shift;
-
- print "DEBUG: $message\n" if $debug_flag;
- syslog(LOG_DEBUG, "%s", $message) if $syslog_flag;
-}
-# Run command and capture output
-# run_cmd("$iptables_cmd -t $table -F $name", 1);
-# if command fails, then send output to syslog
-sub run_cmd {
- my ($cmd_to_run, $redirect) = @_;
-
- log_msg("Running: $cmd_to_run");
-# print "$cmd_to_run\n";
-
- if ($redirect) {
- open (my $out, '-|', $cmd_to_run . ' 2>&1')
- or die "Can't run command \"$cmd_to_run\": $!";
- my @cmd_out = <$out>;
-
- # if command suceeds to do nothing.
- return if (close ($out));
-
- foreach my $line (@cmd_out) {
- chomp $line;
- syslog(LOG_INFO, "%s", $line);
- }
- } else {
- system($cmd_to_run);
- }
-}
-
sub remove_timeout_policy {
my ($rule_string, $timeout_policy) = @_;
my @tokens = split (' ', $timeout_policy);
diff --git a/scripts/vyatta-cthelper.pl b/scripts/vyatta-cthelper.pl
index f038037..d19a1f4 100644
--- a/scripts/vyatta-cthelper.pl
+++ b/scripts/vyatta-cthelper.pl
@@ -31,13 +31,11 @@ add_helper_to_chain {
my ($module) = @_;
my $iptables_cmd = $cmd_hash {'ipv4'};
if ($module eq 'sqlnet') {
-# run_cmd (" $iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper oracletns ");
- print " $iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper oracletns \n";
-# run_cmd (" $iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 1525 -j CT --helper oracletns ");
- print " $iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 1525 -j CT --helper oracletns \n";
+ run_cmd("$iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper tns");
+ run_cmd("$iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 1525 -j CT --helper tns");
} elsif ($module eq 'nfs') {
- print " $iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 111 -j CT --helper nfs \n";
-# run_cmd (" $iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 111 -j CT --helper nfs ");
+ run_cmd(" $iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 111 -j CT --helper rpc");
+ run_cmd(" $iptables_cmd -I VYATTA_CT_HELPER -t raw -p udp --dport 111 -j CT --helper rpc");
}
}
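Review bot: Every `run_cmd(...)` call added in add_helper_to_chain passes only the command string, so nothing here looks at whether iptables accepted the rule. If the shared `run_cmd` matches the copy this commit removes from vyatta-conntrack-timeouts.pl, a one-argument call takes the plain `system($cmd_to_run)` branch and discards the exit status; the commit also renames the helpers (`oracletns` to `tns`, `nfs` to `rpc`), a change that only fails at runtime if the kernel does not know the new name. Passing the redirect flag, e.g. `run_cmd("$iptables_cmd -I VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper tns", 1);`, would at least put the iptables error in syslog, and the same applies to the `-D` calls in delete_helper_from_chain. The two nfs lines also keep a leading space inside the string that the sqlnet lines dropped. The sub's opening line is outside the hunk.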
@@ -47,13 +45,11 @@ delete_helper_from_chain {
my ($module) = @_;
my $iptables_cmd = $cmd_hash {'ipv4'};
if ($module eq 'sqlnet') {
-# run_cmd (" $iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper oracletns ");
- print " $iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper oracletns \n";
-# run_cmd (" $iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 1525 -j CT --helper oracletns ");
- print " $iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 1525 -j CT --helper oracletns \n";
+ run_cmd ("$iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper tns");
+ run_cmd ("$iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 1525 -j CT --helper tns");
} elsif ($module eq 'nfs') {
- print " $iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 111 -j CT --helper nfs \n";
-# run_cmd (" $iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 111 -j CT --helper nfs ");
+ run_cmd("$iptables_cmd -D VYATTA_CT_HELPER -t raw -p tcp --dport 111 -j CT --helper rpc");
+ run_cmd("$iptables_cmd -D VYATTA_CT_HELPER -t raw -p udp --dport 111 -j CT --helper rpc");
}
}
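Review bot: The `-D` calls in delete_helper_from_chain remove a single matching rule each, while add_helper_to_chain uses `-I` unconditionally, so the two are only symmetric if enable runs exactly once per module. Whether the caller guarantees that is not visible here; if enable can repeat (for example on a config reload), one disable leaves a duplicate `-j CT --helper` rule in VYATTA_CT_HELPER and the helper keeps parsing traffic the administrator believes is no longer inspected. Guarding the insert with an `iptables -C` check, or deleting in a loop until `-D` fails, would make disable reliable. A `$module` value other than `sqlnet` or `nfs` also falls through both branches without any log line. The sub's opening line is outside the hunk.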
@@ -61,15 +57,12 @@ delete_helper_from_chain {
sub disable_helper_module {
my ($module) = @_;
- print "disable $module\n";
delete_helper_from_chain($module);
}
# should enable the required helper module
sub enable_helper_module {
my ($module) = @_;
-
- print "enable $module\n";
add_helper_to_chain($module);
}