diff options
| author | Michael Larson <slioch@eng-140.vyatta.com> | 2008-03-20 09:54:56 -0700 |
|---|---|---|
| committer | Michael Larson <slioch@eng-140.vyatta.com> | 2008-03-20 09:54:56 -0700 |
| commit | db3ccf7834617fa5f278e512bb73b831acb407d3 (patch) | |
| tree | bcf07c7f52890a76070e08e6c59dbc7da7a1a4a9 /src | |
| parent | e1bc4714fd3049d928c8aa106ab698d51a5d315a (diff) | |
| download | vyatta-wanloadbalance-db3ccf7834617fa5f278e512bb73b831acb407d3.tar.gz vyatta-wanloadbalance-db3ccf7834617fa5f278e512bb73b831acb407d3.zip | |
modified configuration to mirror nat/firewall for port/address configuration. added port configuration support for common port
configuration validation. still needs additional validation for address configuration.
Diffstat (limited to 'src')
| -rw-r--r-- | src/lbdata.cc | 2 | ||||
| -rw-r--r-- | src/lbdata.hh | 4 | ||||
| -rw-r--r-- | src/lbdatafactory.cc | 32 | ||||
| -rw-r--r-- | src/lbdecision.cc | 18 |
4 files changed, 22 insertions, 34 deletions
diff --git a/src/lbdata.cc b/src/lbdata.cc index 7078912..470279a 100644 --- a/src/lbdata.cc +++ b/src/lbdata.cc @@ -144,11 +144,9 @@ LBData::dump() cout << " rule: " << r_iter->first << endl; cout << " " << r_iter->second._proto << endl; cout << " " << r_iter->second._s_addr << endl; - cout << " " << r_iter->second._s_net << endl; cout << " " << r_iter->second._s_port << endl; cout << " " << r_iter->second._d_addr << endl; - cout << " " << r_iter->second._d_net << endl; cout << " " << r_iter->second._d_port << endl; LBRule::InterfaceDistIter ri_iter = r_iter->second._iface_dist_coll.begin(); diff --git a/src/lbdata.hh b/src/lbdata.hh index 5072459..627507c 100644 --- a/src/lbdata.hh +++ b/src/lbdata.hh @@ -29,12 +29,12 @@ class LBRule { public: string _proto; string _s_addr; - string _s_net; string _s_port; + string _s_port_ipt; string _d_addr; - string _d_net; string _d_port; + string _d_port_ipt; InterfaceDistColl _iface_dist_coll; }; diff --git a/src/lbdatafactory.cc b/src/lbdatafactory.cc index 7f62a69..1cfcd34 100644 --- a/src/lbdatafactory.cc +++ b/src/lbdatafactory.cc @@ -46,11 +46,11 @@ LBDataFactory::load(const string &conf_file) //read line by line and populate vect char str[1025]; int depth(0); - vector<string> path(10); + vector<string> path(32); while (fgets(str, 1024, fp) != 0) { string line(str); - int pos = line.find("#"); + unsigned int pos = line.find("#"); line = line.substr(0,pos); string key,value; @@ -64,6 +64,10 @@ LBDataFactory::load(const string &conf_file) key = symbol; } else if (value.empty()) { + if ((pos = line.find("\"")) != string::npos) { + unsigned int end_pos = line.rfind("\""); + symbol = line.substr(pos+1,end_pos-pos-1); + } value = symbol; } path[depth] = key; @@ -78,7 +82,7 @@ LBDataFactory::load(const string &conf_file) if (tokens.size() != 0) { process(path,depth,key,value); } - if (depth > 9 || depth < 0) { + if (depth > 31 || depth < 0) { if (_debug) { cerr << "configuration error: malformed configuration file: brackets" << endl; } @@ -258,17 +262,10 @@ void LBDataFactory::process_rule_source(const string &key, const string &value) { if (key == "address") { - if (inet_addr(value.c_str()) == (unsigned)-1) { - if (_debug) { - cerr << "malformed ip address: " << key << ", " << value << endl; - } - syslog(LOG_ERR, "wan_lb, malformed ip address in configuration: %s,%s", key.c_str(),value.c_str()); - return; - } _rule_iter->second._s_addr = value; } - else if (key == "network") { - _rule_iter->second._s_net = value; + else if (key == "port-ipt") { + _rule_iter->second._s_port_ipt = value; } else if (key == "port") { _rule_iter->second._s_port = value; @@ -279,17 +276,10 @@ void LBDataFactory::process_rule_destination(const string &key, const string &value) { if (key == "address") { - if (inet_addr(value.c_str()) == (unsigned)-1) { - if (_debug) { - cerr << "malformed ip address: " << key << ", " << value << endl; - } - syslog(LOG_ERR, "wan_lb, malformed ip address in configuration: %s,%s", key.c_str(),value.c_str()); - return; - } _rule_iter->second._d_addr = value; } - else if (key == "network") { - _rule_iter->second._d_net = value; + else if (key == "port-ipt") { + _rule_iter->second._d_port_ipt = value; } else if (key == "port") { _rule_iter->second._d_port = value; diff --git a/src/lbdecision.cc b/src/lbdecision.cc index 4ff35b2..fb79994 100644 --- a/src/lbdecision.cc +++ b/src/lbdecision.cc @@ -283,25 +283,25 @@ LBDecision::get_application_cmd(LBRule &rule) if (rule._s_addr.empty() == false) { filter += "--source " + rule._s_addr + " "; } - else if (rule._s_net.empty() == false && rule._s_addr.empty() == true) { - filter += "--source " + rule._s_net + " "; - } if (rule._d_addr.empty() == false) { filter += "--destination " + rule._d_addr + " "; } - else if (rule._d_net.empty() == false && rule._d_addr.empty() == true) { - filter += "--destination " + rule._d_net + " "; - } - else if (rule._proto == "udp" || rule._proto == "tcp") { - if (rule._s_port.empty() == false) { + if (rule._proto == "udp" || rule._proto == "tcp") { + if (rule._s_port.empty() == false && rule._s_port_ipt.empty() == true) { filter += "-m multiport --source-port " + rule._s_port + " "; } + else if (rule._s_port_ipt.empty() == false) { + filter += rule._s_port_ipt + " "; + } - if (rule._d_port.empty() == false) { + if (rule._d_port.empty() == false && rule._d_port_ipt.empty() == true) { filter += "-m multiport --destination-port " + rule._d_port + " "; } + else if (rule._d_port_ipt.empty() == false) { + filter += rule._d_port_ipt + " "; + } } return filter; |