author | Mohit Mehta <mohit.mehta@vyatta.com> | 2009-02-05 18:29:39 -0800 |
---|---|---|
committer | Mohit Mehta <mohit.mehta@vyatta.com> | 2009-02-05 18:29:39 -0800 |
commit | 24631daaf1d68ebd1c8ce7973dccb8f1a89a1d6e (patch) | |
tree | b18e2714cf56e5dcbc26d61fe6711962808de5a1 /templates | |
parent | b70edadeac1f18f9887037c1772a2f88a4420027 (diff) | |
add the following commands
'show firewall detail'
'show firewall statistics'
'clear firewall modify <fw-modify> counters'
'clear firewall modify <fw-modify> rule <rule-num> counters'
allow show command on rule 1025 for any chain
Diffstat (limited to 'templates')
10 files changed, 16 insertions, 26 deletions
diff --git a/templates/clear/firewall/modify/node.def b/templates/clear/firewall/modify/node.def
new file mode 100644
index 0000000..208c4f1
--- /dev/null
+++ b/templates/clear/firewall/modify/node.def
@@ -0,0 +1 @@
+help: Clear firewall statistics for chain
diff --git a/templates/clear/firewall/modify/node.tag/counters/node.def b/templates/clear/firewall/modify/node.tag/counters/node.def
new file mode 100644
index 0000000..e47bcdc
--- /dev/null
+++ b/templates/clear/firewall/modify/node.tag/counters/node.def
@@ -0,0 +1,2 @@
+help: Clear firewall counters
+run: /opt/vyatta/bin/vyatta-clear-firewall "/sbin/iptables" "mangle" "$4"
diff --git a/templates/clear/firewall/modify/node.tag/node.def b/templates/clear/firewall/modify/node.tag/node.def
new file mode 100644
index 0000000..458fcb7
--- /dev/null
+++ b/templates/clear/firewall/modify/node.tag/node.def
@@ -0,0 +1,2 @@
+help: Clear firewall rules for a given chain
+allowed: ls /opt/vyatta/config/active/firewall/modify/ 2>/dev/null
diff --git a/templates/clear/firewall/modify/node.tag/rule/node.def b/templates/clear/firewall/modify/node.tag/rule/node.def
new file mode 100644
index 0000000..ff490a2
--- /dev/null
+++ b/templates/clear/firewall/modify/node.tag/rule/node.def
@@ -0,0 +1 @@
+help: Clear firewall statistics for a rule
diff --git a/templates/clear/firewall/modify/node.tag/rule/node.tag/counters/node.def b/templates/clear/firewall/modify/node.tag/rule/node.tag/counters/node.def
new file mode 100644
index 0000000..d3cbae8
--- /dev/null
+++ b/templates/clear/firewall/modify/node.tag/rule/node.tag/counters/node.def
@@ -0,0 +1,2 @@
+help: Clear counters for specified rule
+run: /opt/vyatta/bin/vyatta-clear-firewall "/sbin/iptables" "mangle" "$4" "$6"
diff --git a/templates/clear/firewall/modify/node.tag/rule/node.tag/node.def b/templates/clear/firewall/modify/node.tag/rule/node.tag/node.def
new file mode 100644
index 0000000..80a0676
--- /dev/null
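Review bot: The `run:` line added in `modify/node.tag/counters/node.def` passes the operator-typed chain name `"$4"` to `/opt/vyatta/bin/vyatta-clear-firewall`, and that helper is not visible here (the diffstat is limited to `templates`), so nothing in this diff shows where the name is validated. The same applies to `"$6"` in `modify/node.tag/rule/node.tag/counters/node.def` and to the two rewritten `name/...` templates, where the removed inline code called `sudo /sbin/iptables` itself and printed `Invalid firewall name`; privilege elevation and error reporting now presumably live in the helper. Because the helper also takes the binary path `"/sbin/iptables"` and the table as arguments, it is worth confirming that it accepts only the expected binaries and tables, rejects a chain name that begins with `-`, and requires the rule number to be numeric before anything runs with privilege.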
+++ b/templates/clear/firewall/modify/node.tag/rule/node.tag/node.def
@@ -0,0 +1,2 @@
+help: Clear firewall statistics for given rule
+allowed: ls /opt/vyatta/config/active/firewall/modify/${COMP_WORDS[COMP_CWORD-2]}/rule/ 2>/dev/null
diff --git a/templates/clear/firewall/name/node.tag/counters/node.def b/templates/clear/firewall/name/node.tag/counters/node.def
index 61819b1..47eb883 100644
--- a/templates/clear/firewall/name/node.tag/counters/node.def
+++ b/templates/clear/firewall/name/node.tag/counters/node.def
@@ -1,6 +1,2 @@
 help: Clear firewall counters
-run: sudo /sbin/iptables -Z "$4" 2>/dev/null
- result=`echo $?`
- if [ $result != 0 ]; then
- echo Invalid firewall name \'$4\'
- fi
+run: /opt/vyatta/bin/vyatta-clear-firewall "/sbin/iptables" "filter" "$4"
diff --git a/templates/clear/firewall/name/node.tag/rule/node.tag/counters/node.def b/templates/clear/firewall/name/node.tag/rule/node.tag/counters/node.def
index c960e9e..29b1f0b 100644
--- a/templates/clear/firewall/name/node.tag/rule/node.tag/counters/node.def
+++ b/templates/clear/firewall/name/node.tag/rule/node.tag/counters/node.def
@@ -1,22 +1,2 @@
 help: Clear counters for specified rule
-run:
- firewall_name=$4
- cli_rule_num=$6
- result=`sudo /sbin/iptables -L $firewall_name 2>/dev/null`
- result=`echo $?`
- if [ $result != 0 ]; then
- echo Invalid firewall name \'$firewall_name\'
- else
- iptables_rule_num=( `sudo /sbin/iptables -L $firewall_name --line-numbers \
- | grep "/\* $firewall_name-$cli_rule_num " | awk '{ print $1 }'` )
- num_iptables_rules=${#iptables_rule_num[*]}
- if [ $num_iptables_rules != 0 ]; then
- i=0
- while [ $i -lt $num_iptables_rules ]; do
- sudo /sbin/iptables -Z "$firewall_name" "${iptables_rule_num[$i]}"
- let i++
- done
- else
- echo No \'rule $cli_rule_num\' under firewall name \'$firewall_name\'
- fi
- fi
+run: /opt/vyatta/bin/vyatta-clear-firewall "/sbin/iptables" "filter" "$4" "$6"
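Review bot: In `modify/node.tag/rule/node.tag/node.def` the `allowed:` line expands `${COMP_WORDS[COMP_CWORD-2]}` unquoted inside the `ls` path, so a typed chain name containing whitespace or glob characters is split or expanded before `ls` sees it. Assuming the completion code runs this line through the shell as written, quote the whole path: `allowed: ls "/opt/vyatta/config/active/firewall/modify/${COMP_WORDS[COMP_CWORD-2]}/rule/" 2>/dev/null`. Quoting does not stop a name containing `../` from listing a directory outside `firewall/modify/`, so the completion list should not be treated as validation of the chain name that later reaches the `run:` helper.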
diff --git a/templates/show/firewall/detail/node.def b/templates/show/firewall/detail/node.def
new file mode 100644
index 0000000..97b88db
--- /dev/null
+++ b/templates/show/firewall/detail/node.def
@@ -0,0 +1,2 @@
+help: Show detailed firewall information
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "all_all" /opt/vyatta/share/xsl/show_firewall_detail.xsl
diff --git a/templates/show/firewall/statistics/node.def b/templates/show/firewall/statistics/node.def
new file mode 100644
index 0000000..7d09e66
--- /dev/null
+++ b/templates/show/firewall/statistics/node.def
@@ -0,0 +1,2 @@
+help: Show firewall counter information
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "all_all" /opt/vyatta/share/xsl/show_firewall_statistics.xsl |
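Review bot: The `run:` lines in `show/firewall/detail/node.def` and `show/firewall/statistics/node.def` resolve the script through an unquoted `${vyatta_bindir}`, while the XSL argument on the same line and the `clear` templates in this commit hard-code `/opt/vyatta/...`. Mixing the two means the script that runs depends on the caller's environment while its stylesheet does not. Pick one convention, for example `run: /opt/vyatta/bin/vyatta-show-firewall.pl "all_all" /opt/vyatta/share/xsl/show_firewall_detail.xsl`, or quote the variable if it is kept. That example assumes `${vyatta_bindir}` normally resolves to `/opt/vyatta/bin`, which this diff does not show.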