From f0118dc081cfa4e4efd9cbfe6f008cd322539b10 Mon Sep 17 00:00:00 2001 From: Gaurav Date: Wed, 15 Feb 2012 16:57:34 -0800 Subject: timeout script, similar to firewall one, with a few differences. (cherry picked from commit 23a5a4ee111ab1519be62841bf03d555a674b371) --- scripts/vyatta-conntrack-timeouts.pl | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'scripts/vyatta-conntrack-timeouts.pl') diff --git a/scripts/vyatta-conntrack-timeouts.pl b/scripts/vyatta-conntrack-timeouts.pl index 7725a3b..09d24ce 100644 --- a/scripts/vyatta-conntrack-timeouts.pl +++ b/scripts/vyatta-conntrack-timeouts.pl @@ -12,6 +12,10 @@ use Getopt::Long; use Vyatta::Zone; use Sys::Syslog qw(:standard :macros); +#for future use when v6 timeouts need to be set +my %cmd_hash = ( 'ipv4' => 'iptables', + 'ipv6' => 'ip6tables'); + my ($create, $delete, $update); GetOptions("create=s" => \$create, @@ -19,16 +23,17 @@ GetOptions("create=s" => \$create, "update=s" => \$update, ); -if ($create and ($create eq 'true')) { - print "create\n"; - # create a nfct-timeout policy based on protocol specific timers - # check if the rule has protocol configured - # if configured, check what the protocol is and get the appropriate timers. +if (($create eq 'true') or ($update eq 'true')) { + update_config(); } -if ($delete and ($delete eq 'true')) { - print "delete"; -} -if ($update and ($update eq 'true')) { - print "update"; +sub update_config { + my $config = new Vyatta::Config; + my %rules = (); #hash of timeout config rules + my $iptables_cmd = $cmd_hash{'ipv4'}; + + $config->setLevel("system conntrack timeout custom rule"); + %rules = $config->listNodeStatus(); + print %rules; } + -- cgit v1.2.3