templates-cfg/system/conntrack/log/node.def


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

help: Log connection tracking events per protocol
priority: 219 # failure at log shouldnt fail conntrack 
end:
if [[ ${COMMIT_ACTION} != 'DELETE' ]]
then
  declare -a ARR;
  declare -a EVENTS;
  declare -a STATES;
  eval "ARR=($(cli-shell-api listNodes system conntrack log))";
  if [ "${#ARR[@]}" == "0" ]; then
    echo Protocol must be specified for log;
    exit 1;
  fi
  for var in "${ARR[@]}"
  do
    eval "EVENTS=($(cli-shell-api listNodes system conntrack log $var))";
    if [ "${#EVENTS[@]}" == "0" ]; then
      echo Event must be specified for specified protocol $var;
      exit 1;
    fi
    if [ "$var" == "tcp" ]; then
      for i in "${EVENTS[@]}"
      do
        if [ "$i" == "update" ]; then
          eval "STATES=($(cli-shell-api listNodes system conntrack log $var $i))";
          if [ "${#STATES[@]}" == "0" ]; then
            echo State must be specified for specified protocol-event $var $i;
            exit 1;
          fi
        fi
      done
    fi
  done
fi
sudo /opt/vyatta/sbin/vyatta-update-conntrack-log.pl