From 17fd3bf4548804e1442eb0f1d12932d1dfd37cb9 Mon Sep 17 00:00:00 2001
From: Marat Nepomnyashy <marat@vyatta.com>
Date: Fri, 4 Jan 2008 16:40:36 -0800
Subject: Add dependency on package 'vyatta-op-xml'.

---
 debian/control | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/debian/control b/debian/control
index b4acc52..33de101 100644
--- a/debian/control
+++ b/debian/control
@@ -8,7 +8,8 @@ Standards-Version: 3.7.2
 Package: vyatta-op-firewall
 Architecture: all
 Depends: bash (>= 3.1),
- vyatta-op
+ vyatta-op,
+ vyatta-op-xml
 Suggests: util-linux (>= 2.13-5),
  net-tools,
  ethtool,
-- 
cgit v1.2.3


From e51bc73ce7b196e0bf02c41faa33237dc2dd138e Mon Sep 17 00:00:00 2001
From: An-Cheng Huang <ancheng@vyatta.com>
Date: Fri, 8 Feb 2008 16:46:21 -0800
Subject: merge ports in show output

---
 src/xsl/show_firewall.xsl        | 42 ++++++----------------------------------
 src/xsl/show_firewall_detail.xsl | 28 ++++-----------------------
 2 files changed, 10 insertions(+), 60 deletions(-)

diff --git a/src/xsl/show_firewall.xsl b/src/xsl/show_firewall.xsl
index d40f024..158d970 100644
--- a/src/xsl/show_firewall.xsl
+++ b/src/xsl/show_firewall.xsl
@@ -147,52 +147,22 @@
 
   <xsl:text>&newln;</xsl:text>
 
-  <xsl:if test="src_port_num!='' or src_port_name!='' or src_port_start!=''">
+  <xsl:if test="src_port!=''">
     <xsl:value-of select="$pad6"/>
     <xsl:value-of select="$pad8"/>
     <xsl:text>src ports: </xsl:text>
-    <xsl:if test="src_port_num!=''">
-      <xsl:value-of select="src_port_num"/>
-      <xsl:if test="src_port_name!='' or src_port_start!=''">
-        <xsl:text>,</xsl:text>
-      </xsl:if>
-    </xsl:if>
-    <xsl:if test="src_port_name!=''">
-      <xsl:value-of select="src_port_name"/>
-      <xsl:if test="src_port_start!=''">
-        <xsl:text>,</xsl:text>
-      </xsl:if>
-    </xsl:if>
-    <xsl:if test="src_port_start!=''">
-      <xsl:value-of select="src_port_start"/>
-      <xsl:text>-</xsl:text>
-      <xsl:value-of select="src_port_stop"/>
-    </xsl:if>
+    <xsl:value-of select="src_port"/>
+
     <xsl:text>&newln;</xsl:text>
   </xsl:if>
   
-  <xsl:if test="dst_port_num!='' or dst_port_name!='' or dst_port_start!=''">
+  <xsl:if test="dst_port!=''">
     <xsl:value-of select="$pad6"/>
     <xsl:value-of select="$pad8"/>
     <xsl:value-of select="$pad20"/>
     <xsl:text>dst ports: </xsl:text>
-    <xsl:if test="dst_port_num!=''">
-      <xsl:value-of select="dst_port_num"/>
-      <xsl:if test="dst_port_name!='' or dst_port_start!=''">
-        <xsl:text>,</xsl:text>
-      </xsl:if>
-    </xsl:if>
-    <xsl:if test="dst_port_name!=''">
-      <xsl:value-of select="dst_port_name"/>
-      <xsl:if test="dst_port_start!=''">
-        <xsl:text>,</xsl:text>
-      </xsl:if>
-    </xsl:if>
-    <xsl:if test="dst_port_start!=''">
-      <xsl:value-of select="dst_port_start"/>
-      <xsl:text>-</xsl:text>
-      <xsl:value-of select="dst_port_stop"/>
-    </xsl:if>
+    <xsl:value-of select="dst_port"/>
+
     <xsl:text>&newln;</xsl:text>
   </xsl:if>
 
diff --git a/src/xsl/show_firewall_detail.xsl b/src/xsl/show_firewall_detail.xsl
index 6e970cb..bd817c8 100644
--- a/src/xsl/show_firewall_detail.xsl
+++ b/src/xsl/show_firewall_detail.xsl
@@ -135,18 +135,8 @@
 <xsl:text>  Ports: </xsl:text>
 
   <xsl:choose>
-    <xsl:when test="src_port_num!='0'">
-      <xsl:value-of select="src_port_num"/>
-    </xsl:when>
-
-    <xsl:when test="src_port_start!='0'">
-      <xsl:value-of select="src_port_start"/>
-      <xsl:text>:</xsl:text>
-      <xsl:value-of select="src_port_stop"/>
-    </xsl:when>
-
-    <xsl:when test="src_port_name!=''">
-      <xsl:value-of select="src_port_name"/>
+    <xsl:when test="src_port!=''">
+      <xsl:value-of select="src_port"/>
     </xsl:when>
 
     <xsl:otherwise>
@@ -181,18 +171,8 @@
 <xsl:text>  Ports: </xsl:text>
 
   <xsl:choose>
-    <xsl:when test="dst_port_num!='0'">
-      <xsl:value-of select="dst_port_num"/>
-    </xsl:when>
-
-    <xsl:when test="dst_port_start!='0'">
-      <xsl:value-of select="dst_port_start"/>
-      <xsl:text>:</xsl:text>
-      <xsl:value-of select="dst_port_stop"/>
-    </xsl:when>
-
-    <xsl:when test="dst_port_name!=''">
-      <xsl:value-of select="dst_port_name"/>
+    <xsl:when test="dst_port!=''">
+      <xsl:value-of select="dst_port"/>
     </xsl:when>
 
     <xsl:otherwise>
-- 
cgit v1.2.3


From 4fad9e78f05796db27e32376401316248aaf9bef Mon Sep 17 00:00:00 2001
From: An-Cheng Huang <ancheng@vyatta.com>
Date: Thu, 21 Feb 2008 23:23:06 -0800
Subject: add error checking for show command

---
 scripts/firewall/vyatta-show-firewall.pl | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/scripts/firewall/vyatta-show-firewall.pl b/scripts/firewall/vyatta-show-firewall.pl
index 57a34fa..4995a09 100755
--- a/scripts/firewall/vyatta-show-firewall.pl
+++ b/scripts/firewall/vyatta-show-firewall.pl
@@ -10,6 +10,16 @@ my $chain_name = $ARGV[0];
 my $xsl_file = $ARGV[1];
 my $rule_num = $ARGV[2];    # rule number to match (optional)
 
+if (! -e $xsl_file) {
+  print "Invalid XSL file \"$xsl_file\"\n";
+  exit 1;
+}
+
+if (defined($rule_num) && (!($rule_num =~ /^\d+$/) || ($rule_num > 1025))) {
+  print "Invalid rule number \"$rule_num\"\n";
+  exit 1;
+}
+
 sub numerically { $a <=> $b; }
 
 sub show_chain {
@@ -69,10 +79,10 @@ sub show_chain {
   print $fh "</format></opcommand>\n";
 }
 
+my $config = new VyattaConfig;
+$config->setLevel("firewall name");
+my @chains = $config->listOrigNodes();
 if ($chain_name eq "-all") {
-  my $config = new VyattaConfig;
-  $config->setLevel("firewall name");
-  my @chains = $config->listOrigNodes();
   foreach (@chains) {
     print "Firewall \"$_\":\n";
     open(RENDER, "| /opt/vyatta/sbin/render_xml $xsl_file") or exit 1;
@@ -81,6 +91,10 @@ if ($chain_name eq "-all") {
     print "-" x 80 . "\n";
   }
 } else {
+  if (scalar(grep(/^$chain_name$/, @chains)) <= 0) {
+    print "Invalid name \"$chain_name\"\n";
+    exit 1;
+  }
   open(RENDER, "| /opt/vyatta/sbin/render_xml $xsl_file") or exit 1;
   show_chain($chain_name, *RENDER{IO});
   close RENDER;
-- 
cgit v1.2.3


From 39079b7e93d309125d0244348716ef40e5adccf5 Mon Sep 17 00:00:00 2001
From: An-Cheng Huang <ancheng@vyatta.com>
Date: Thu, 21 Feb 2008 23:36:05 -0800
Subject: fix quoting in show command templates

---
 templates/show/firewall/node.tag/detail/node.def               | 2 +-
 templates/show/firewall/node.tag/detail/rule/node.tag/node.def | 2 +-
 templates/show/firewall/node.tag/node.def                      | 2 +-
 templates/show/firewall/node.tag/rule/node.tag/node.def        | 2 +-
 templates/show/firewall/node.tag/statistics/node.def           | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/templates/show/firewall/node.tag/detail/node.def b/templates/show/firewall/node.tag/detail/node.def
index f5295dd..0e007dc 100644
--- a/templates/show/firewall/node.tag/detail/node.def
+++ b/templates/show/firewall/node.tag/detail/node.def
@@ -1,3 +1,3 @@
 help: Show firewall rules (detail output)
-run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_detail.xsl
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_detail.xsl
 
diff --git a/templates/show/firewall/node.tag/detail/rule/node.tag/node.def b/templates/show/firewall/node.tag/detail/rule/node.tag/node.def
index f3af458..fa350cf 100644
--- a/templates/show/firewall/node.tag/detail/rule/node.tag/node.def
+++ b/templates/show/firewall/node.tag/detail/rule/node.tag/node.def
@@ -1,4 +1,4 @@
 help: Show detailed information about one firewall rule
 allowed: echo -n "<NUMBER>"
-run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_detail.xsl $6
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_detail.xsl "$6"
 
diff --git a/templates/show/firewall/node.tag/node.def b/templates/show/firewall/node.tag/node.def
index 134ad7d..0ec0f97 100644
--- a/templates/show/firewall/node.tag/node.def
+++ b/templates/show/firewall/node.tag/node.def
@@ -1,4 +1,4 @@
 help: Show firewall rules for given chain
 allowed: sudo ${vyatta_bindir}/sudo-users/iptables --list -n | /bin/grep ^Chain | /usr/bin/awk '{ print $2 }'
-run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall.xsl
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall.xsl
 
diff --git a/templates/show/firewall/node.tag/rule/node.tag/node.def b/templates/show/firewall/node.tag/rule/node.tag/node.def
index cf252ed..4dbf8c1 100644
--- a/templates/show/firewall/node.tag/rule/node.tag/node.def
+++ b/templates/show/firewall/node.tag/rule/node.tag/node.def
@@ -1,4 +1,4 @@
 help: Show firewall rules (summary output)
 allowed: echo -n "<NUMBER>"
-run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall.xsl $5
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall.xsl "$5"
 
diff --git a/templates/show/firewall/node.tag/statistics/node.def b/templates/show/firewall/node.tag/statistics/node.def
index fcbdddc..21616cf 100644
--- a/templates/show/firewall/node.tag/statistics/node.def
+++ b/templates/show/firewall/node.tag/statistics/node.def
@@ -1,3 +1,3 @@
 help: Show firewall counter information
-run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl $3 /opt/vyatta/share/xsl/show_firewall_statistics.xsl
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_statistics.xsl
 
-- 
cgit v1.2.3


From f0229e9eda7d01c9c14c95333873ba6803e36e43 Mon Sep 17 00:00:00 2001
From: Mark O'Brien <mobrien@vyatta.com>
Date: Mon, 25 Feb 2008 17:39:14 -0800
Subject: vc4.0.0

---
 debian/changelog | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 1e047b4..21f24cf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+vyatta-op-firewall (0.2) unstable; urgency=low
+
+  vc4.0.0
+  [ Mark O'Brien ]
+
+
+  [ An-Cheng Huang ]
+  * merge ports in show output
+  * add error checking for show command
+  * fix quoting in show command templates
+
+  [ Mark O'Brien ]
+
+ -- Mark O'Brien <mobrien@vyatta.com>  Mon, 25 Feb 2008 17:39:14 -0800
+
 vyatta-op-firewall (0.1) unstable; urgency=low
 
   * Initial Release.
-- 
cgit v1.2.3