From 5572257844e071451dffa5b76bf459b18c27c23a Mon Sep 17 00:00:00 2001
From: Gaurav
Date: Wed, 22 Feb 2012 11:52:37 -0800
Subject: changing structure of hashes kept for timeouts (cherry picked from commit 3fd99241f39f7482e35c0d4e4a91342fd8d9d4ad)
---
 lib/Vyatta/Conntrack/RuleCT.pm | 92 ++++++++++++++++++++----------------
 scripts/vyatta-conntrack-timeouts.pl | 3 ++
 2 files changed, 55 insertions(+), 40 deletions(-)
diff --git a/lib/Vyatta/Conntrack/RuleCT.pm b/lib/Vyatta/Conntrack/RuleCT.pm
index e53e07f..f1d17f9 100644
--- a/lib/Vyatta/Conntrack/RuleCT.pm
+++ b/lib/Vyatta/Conntrack/RuleCT.pm
@@ -9,46 +9,44 @@ my $dst = new Vyatta::IpTables::AddressFilter;
 my %fields = (
 _rule_number => undef,
- _protocol => {
- _tcp => {
- _close => undef,
- _close_wait => undef,
- _established => undef,
- _fin_wait => undef,
- _last_ack => undef,
- _syn_sent => undef,
- _syn_recv => undef,
- _time_wait => undef,
- },
- _udp => {
- _other => undef,
- _stream => undef,
- },
- _other => undef,
- _icmp => undef ,
- },
+ _protocol => undef,
+ _tcp => {
+ _close => undef,
+ _close_wait => undef,
+ _established => undef,
+ _fin_wait => undef,
+ _last_ack => undef,
+ _syn_sent => undef,
+ _syn_recv => undef,
+ _time_wait => undef,
+ },
+ _udp => {
+ _other => undef,
+ _stream => undef,
+ },
+ _other => undef,
+ _icmp => undef ,
 );
 my %dummy_rule = (
 _rule_number => 10000,
- _protocol => {
- _tcp => {
- _close => undef,
- _close_wait => undef,
- _established => undef,
- _fin_wait => undef,
- _last_ack => undef,
- _syn_sent => undef,
- _syn_recv => undef,
- _time_wait => undef,
- },
- _udp => {
- _other => undef,
- _stream => undef,
- },
- _other => undef,
- _icmp => undef ,
- },
+ _protocol => undef,
+ _tcp => {
+ _close => undef,
+ _close_wait => undef,
+ _established => undef,
+ _fin_wait => undef,
+ _last_ack => undef,
+ _syn_sent => undef,
+ _syn_recv => undef,
+ _time_wait => undef,
+ },
+ _udp => {
+ _other => undef,
+ _stream => undef,
+ },
+ _other => undef,
+ _icmp => undef ,
 );
 my $DEBUG = 'false';
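Review bot: The nested `_tcp` and `_udp` hashes in `%fields` are anonymous hash references created once at file scope, so if the constructor (outside this hunk) builds each object with a shallow copy such as `{ %fields }`, every RuleCT instance will point at the same two inner hashes. Timeouts read for one rule would then remain visible through the next rule's object, which matters once these values are turned into conntrack timeout policy. Consider giving each object its own copies in the constructor, for example `$self->{_tcp} = { %{ $fields{_tcp} } };` and likewise for `_udp`. `%dummy_rule` repeats the same structure and has the same sharing behaviour.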
@@ -91,17 +89,26 @@ sub setup_base {
 }
 if ($config->$exists_func("protocol tcp")) {
 $self->{_protocol} = "tcp";
+ $self->{_tcp}->{_close} = $config->$val_func("protocol tcp close");
+ $self->{_tcp}->{_close_wait} = $config->$val_func("protocol tcp close-wait");
+ $self->{_tcp}->{_time_wait} = $config->$val_func("protocol tcp time_wait");
+ $self->{_tcp}->{_syn_recv} = $config->$val_func("protocol tcp syn-recv");
+ $self->{_tcp}->{_syn_sent} = $config->$val_func("protocol tcp syn-sent");
+ $self->{_tcp}->{_last_ack} = $config->$val_func("protocol tcp last-ack");
+ $self->{_tcp}->{_fin_wait} = $config->$val_func("protocol tcp fin-wait");
+ $self->{_tcp}->{_established} = $config->$val_func("protocol tcp established");
 } elsif ($config->$exists_func("protocol icmp")) {
 $self->{_protocol} = "icmp";
+ $self->{_icmp} = $config->$val_func("protocol icmp");
 } elsif ($config->$exists_func("protocol udp")) {
 $self->{_protocol} = "udp";
+ $self->{_udp}->{_other} = $config->$val_func("protocol udp other");
+ $self->{_udp}->{_stream} = $config->$val_func("protocol udp stream");
 } elsif ($config->$exists_func("protocol other")) {
 $self->{_protocol} = "other";
+ $self->{_other} = $config->$val_func("protocol other");
 }
- print "protocol is [\n";
- print $self->{_protocol};
- print "]\n";
 $src->$addr_setup("$level source");
 $dst->$addr_setup("$level destination");
@@ -129,7 +136,12 @@ sub print {
 print "state: $self->{_state}\n" if defined $self->{_state};
 $src->print();
 $dst->print();
-
+ print "$self->{_tcp}->{_close}\n";
+ print "$self->{_tcp}->{_close_wait}\n";
+ print "$self->{_tcp}->{_established}\n";
+ print "$self->{_tcp}->{_fin_wait}\n";
+ print "$self->{_tcp}->{_syn_sent}\n";
+ print "$self->{_tcp}->{_syn_recv}\n";
 }
 sub rule {
diff --git a/scripts/vyatta-conntrack-timeouts.pl b/scripts/vyatta-conntrack-timeouts.pl
index a079ed1..9b69f0a 100644
--- a/scripts/vyatta-conntrack-timeouts.pl
+++ b/scripts/vyatta-conntrack-timeouts.pl
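Review bot: The `_time_wait` lookup in the tcp branch reads `"protocol tcp time_wait"` with an underscore, while the other multi-word states on the neighbouring lines use hyphenated node names (`close-wait`, `syn-recv`, `fin-wait`). If the configuration node is named `time-wait` like its siblings (the templates are not visible here), this value will always come back undefined and the configured timeout is silently ignored. The line would then read `$self->{_tcp}->{_time_wait} = $config->$val_func("protocol tcp time-wait");`. setup_base starts and ends outside this hunk.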
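Review bot: The six `print` lines added at the end of `sub print` interpolate `$self->{_tcp}->{...}` unconditionally, unlike the `state:` line above them, which is guarded with `if defined`. For a udp, icmp or other rule, or a tcp rule with only some timeouts set, these values are undef, so the output is a run of unlabeled blank lines and, if warnings are enabled in this module, an uninitialized-value warning per line. `_last_ack` and `_time_wait` are also never printed. A labeled, guarded loop covers every state: `for my $state (sort keys %{ $self->{_tcp} }) { print "tcp $state: $self->{_tcp}->{$state}\n" if defined $self->{_tcp}->{$state}; }`. The sub begins outside this hunk.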
@@ -34,14 +34,17 @@ sub update_config {
 foreach my $rule (sort keys %rules) {
 if ("$rules{$rule}" eq 'static') {
 } elsif ("$rules{$rule}" eq 'added') {
+ print $rules{$rule};
 my $node = new Vyatta::Conntrack::RuleCT;
 $node->setup("system conntrack timeout custom rule $rule");
 $node->print();
 } elsif ("$rules{$rule}" eq 'changed') {
+ print $rules{$rule};
 my $node = new Vyatta::Conntrack::RuleCT;
 $node->setup("system conntrack timeout custom rule $rule");
 $node->print();
 } elsif ("$rules{$rule}" eq 'deleted') {
+ print $rules{$rule};
 }
 }
 }
--
cgit v1.2.3
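Review bot: The three `print $rules{$rule};` lines added in the `added`, `changed` and `deleted` branches write the bare status word to standard output with no newline or rule number, so it runs straight into the output of `$node->print()`. If this script is invoked during a configuration commit, that text likely ends up in the operator's session; debug traces are better sent to STDERR or removed before merge, e.g. `print STDERR "rule $rule: $rules{$rule}\n";`. The `deleted` branch does nothing besides this print in the visible lines, so a removed rule appears to leave its timeouts untouched; a `# TODO` comment there would make that gap explicit. update_config begins outside this hunk.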