diff options
| author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2008-02-29 12:17:54 -0800 |
|---|---|---|
| committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2008-03-03 15:19:24 -0800 |
| commit | 657fa3becbc9e34e965148a7cc287054d818f1d4 (patch) | |
| tree | e1e748880dc09ec1f16907e0b86f25fba5736d23 /templates | |
| parent | b70c02f69ea5abf32e0ebe4781e6cd396a4a1dd4 (diff) | |
| download | vyatta-op-firewall-657fa3becbc9e34e965148a7cc287054d818f1d4.tar.gz vyatta-op-firewall-657fa3becbc9e34e965148a7cc287054d818f1d4.zip | |
convert to using iptables directly
Some usages of iptables by sudo are allowed by /etc/sudoers.
This avoids having to run perl command as root, and keeps kernel
the same as mainline.
Diffstat (limited to 'templates')
7 files changed, 9 insertions, 8 deletions
diff --git a/templates/clear/firewall/name/node.tag/node.def b/templates/clear/firewall/name/node.tag/node.def index 6a61828..e4d5631 100644 --- a/templates/clear/firewall/name/node.tag/node.def +++ b/templates/clear/firewall/name/node.tag/node.def @@ -1,2 +1,2 @@ help: Clear firewall rules for a given chain -allowed: sudo ${vyatta_bindir}/sudo-users/iptables --list -n | /bin/grep ^Chain | /usr/bin/awk '{ print $2 }'
\ No newline at end of file +allowed: /sbin/iptables --list -n | /bin/grep ^Chain | /usr/bin/awk '{ print $2 }' diff --git a/templates/show/firewall/node.def b/templates/show/firewall/node.def index c27582d..376c8e3 100644 --- a/templates/show/firewall/node.def +++ b/templates/show/firewall/node.def @@ -1,3 +1,3 @@ help: Show firewall information -run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl -all /opt/vyatta/share/xsl/show_firewall.xsl +run: ${vyatta_bindir}/vyatta-show-firewall.pl -all /opt/vyatta/share/xsl/show_firewall.xsl diff --git a/templates/show/firewall/node.tag/detail/node.def b/templates/show/firewall/node.tag/detail/node.def index 0e007dc..7233143 100644 --- a/templates/show/firewall/node.tag/detail/node.def +++ b/templates/show/firewall/node.tag/detail/node.def @@ -1,3 +1,3 @@ help: Show firewall rules (detail output) -run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_detail.xsl +run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_detail.xsl diff --git a/templates/show/firewall/node.tag/detail/rule/node.tag/node.def b/templates/show/firewall/node.tag/detail/rule/node.tag/node.def index fa350cf..9b65c5b 100644 --- a/templates/show/firewall/node.tag/detail/rule/node.tag/node.def +++ b/templates/show/firewall/node.tag/detail/rule/node.tag/node.def @@ -1,4 +1,4 @@ help: Show detailed information about one firewall rule allowed: echo -n "<NUMBER>" -run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_detail.xsl "$6" +run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_detail.xsl "$6" diff --git a/templates/show/firewall/node.tag/node.def b/templates/show/firewall/node.tag/node.def index 0ec0f97..aef2d21 100644 --- a/templates/show/firewall/node.tag/node.def +++ b/templates/show/firewall/node.tag/node.def @@ -1,4 +1,4 @@ help: Show firewall rules for given chain -allowed: sudo ${vyatta_bindir}/sudo-users/iptables --list -n | /bin/grep ^Chain | /usr/bin/awk '{ print $2 }' -run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall.xsl +allowed: sudo /sbin/iptables --list -n | /bin/grep ^Chain | /usr/bin/awk '{ print $2 }' +run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall.xsl diff --git a/templates/show/firewall/node.tag/rule/node.tag/node.def b/templates/show/firewall/node.tag/rule/node.tag/node.def index 4dbf8c1..f4ff051 100644 --- a/templates/show/firewall/node.tag/rule/node.tag/node.def +++ b/templates/show/firewall/node.tag/rule/node.tag/node.def @@ -1,4 +1,4 @@ help: Show firewall rules (summary output) allowed: echo -n "<NUMBER>" -run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall.xsl "$5" +run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall.xsl "$5" diff --git a/templates/show/firewall/node.tag/statistics/node.def b/templates/show/firewall/node.tag/statistics/node.def index 21616cf..515ab2c 100644 --- a/templates/show/firewall/node.tag/statistics/node.def +++ b/templates/show/firewall/node.tag/statistics/node.def @@ -1,3 +1,4 @@ help: Show firewall counter information -run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_statistics.xsl +run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_statistics.xsl + |