diff options
| author | Bob Gilligan <gilligan@sydney.vyatta.com> | 2007-12-19 15:08:24 -0800 |
|---|---|---|
| committer | Bob Gilligan <gilligan@sydney.vyatta.com> | 2007-12-19 15:08:24 -0800 |
| commit | b707e21887f0dbb188e9b2028912aaac8acb7961 (patch) | |
| tree | 7e486581b8bdcdc2d71eff5f0d1a850994c87325 | |
| parent | 57aedd6c182e619856d6f5b2b9387407bb1abdce (diff) | |
| download | vyatta-op-firewall-b707e21887f0dbb188e9b2028912aaac8acb7961.tar.gz vyatta-op-firewall-b707e21887f0dbb188e9b2028912aaac8acb7961.zip | |
Change firewall operational commands so that they work correctly with
admin level users and "users" level users.
| -rw-r--r-- | Makefile.am | 5 | ||||
| -rwxr-xr-x | scripts/firewall/vyatta-show-firewall.pl | 2 | ||||
| -rw-r--r-- | templates/clear/firewall/name/node.tag/counters/node.def | 2 | ||||
| -rw-r--r-- | templates/show/firewall/node.def | 2 | ||||
| -rw-r--r-- | templates/show/firewall/node.tag/detail/node.def | 2 | ||||
| -rw-r--r-- | templates/show/firewall/node.tag/detail/rule/node.tag/node.def | 2 | ||||
| -rw-r--r-- | templates/show/firewall/node.tag/node.def | 4 | ||||
| -rw-r--r-- | templates/show/firewall/node.tag/rule/node.tag/node.def | 2 | ||||
| -rw-r--r-- | templates/show/firewall/node.tag/statistics/node.def | 2 |
9 files changed, 12 insertions, 11 deletions
diff --git a/Makefile.am b/Makefile.am index d44534a..6ba9848 100644 --- a/Makefile.am +++ b/Makefile.am @@ -2,10 +2,11 @@ opdir = $(datadir)/vyatta-op/templates xsldir = @XSLDIR@ -sbin_SCRIPTS = +bin_sudo_usersdir = $(bindir)/sudo-users + xsl_DATA = -sbin_SCRIPTS += scripts/firewall/vyatta-show-firewall.pl +bin_sudo_users_SCRIPTS = scripts/firewall/vyatta-show-firewall.pl xsl_DATA += src/xsl/show_firewall_detail.xsl xsl_DATA += src/xsl/show_firewall_statistics_brief.xsl diff --git a/scripts/firewall/vyatta-show-firewall.pl b/scripts/firewall/vyatta-show-firewall.pl index be9e60d..57a34fa 100755 --- a/scripts/firewall/vyatta-show-firewall.pl +++ b/scripts/firewall/vyatta-show-firewall.pl @@ -16,7 +16,7 @@ sub show_chain { my $chain = shift; my $fh = shift; - open(STATS, "iptables -L $chain -vn |") or exit 1; + open(STATS, "/sbin/iptables -L $chain -vn |") or exit 1; my @stats = (); while (<STATS>) { if (!/^\s*(\d+[KMG]?)\s+(\d+[KMG]?)\s/) { diff --git a/templates/clear/firewall/name/node.tag/counters/node.def b/templates/clear/firewall/name/node.tag/counters/node.def index 7db183a..0f42391 100644 --- a/templates/clear/firewall/name/node.tag/counters/node.def +++ b/templates/clear/firewall/name/node.tag/counters/node.def @@ -1,3 +1,3 @@ help: Clear firewall counters -run: iptables -Z $4 +run: sudo /sbin/iptables -Z $4 diff --git a/templates/show/firewall/node.def b/templates/show/firewall/node.def index a56e847..c27582d 100644 --- a/templates/show/firewall/node.def +++ b/templates/show/firewall/node.def @@ -1,3 +1,3 @@ help: Show firewall information -run: ${vyatta_sbindir}/vyatta-show-firewall.pl -all /opt/vyatta/share/xsl/show_firewall.xsl +run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl -all /opt/vyatta/share/xsl/show_firewall.xsl diff --git a/templates/show/firewall/node.tag/detail/node.def b/templates/show/firewall/node.tag/detail/node.def index 2812bcd..f5295dd 100644 --- a/templates/show/firewall/node.tag/detail/node.def +++ b/templates/show/firewall/node.tag/detail/node.def @@ -1,3 +1,3 @@ help: Show firewall rules (detail output) -run: ${vyatta_sbindir}/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_detail.xsl +run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_detail.xsl diff --git a/templates/show/firewall/node.tag/detail/rule/node.tag/node.def b/templates/show/firewall/node.tag/detail/rule/node.tag/node.def index 2d5d2ee..f3af458 100644 --- a/templates/show/firewall/node.tag/detail/rule/node.tag/node.def +++ b/templates/show/firewall/node.tag/detail/rule/node.tag/node.def @@ -1,4 +1,4 @@ help: Show detailed information about one firewall rule allowed: echo -n "<NUMBER>" -run: ${vyatta_sbindir}/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_detail.xsl $6 +run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_detail.xsl $6 diff --git a/templates/show/firewall/node.tag/node.def b/templates/show/firewall/node.tag/node.def index abc66d4..134ad7d 100644 --- a/templates/show/firewall/node.tag/node.def +++ b/templates/show/firewall/node.tag/node.def @@ -1,4 +1,4 @@ help: Show firewall rules for given chain -allowed: iptables --list -n | grep ^Chain | awk '{ print $2 }' -run: ${vyatta_sbindir}/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall.xsl +allowed: sudo ${vyatta_bindir}/sudo-users/iptables --list -n | /bin/grep ^Chain | /usr/bin/awk '{ print $2 }' +run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall.xsl diff --git a/templates/show/firewall/node.tag/rule/node.tag/node.def b/templates/show/firewall/node.tag/rule/node.tag/node.def index ba37eb7..cf252ed 100644 --- a/templates/show/firewall/node.tag/rule/node.tag/node.def +++ b/templates/show/firewall/node.tag/rule/node.tag/node.def @@ -1,4 +1,4 @@ help: Show firewall rules (summary output) allowed: echo -n "<NUMBER>" -run: ${vyatta_sbindir}/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall.xsl $5 +run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall.xsl $5 diff --git a/templates/show/firewall/node.tag/statistics/node.def b/templates/show/firewall/node.tag/statistics/node.def index be7a8a1..fcbdddc 100644 --- a/templates/show/firewall/node.tag/statistics/node.def +++ b/templates/show/firewall/node.tag/statistics/node.def @@ -1,3 +1,3 @@ help: Show firewall counter information -run: ${vyatta_sbindir}/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_statistics.xsl +run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_statistics.xsl |