From db3ccf7834617fa5f278e512bb73b831acb407d3 Mon Sep 17 00:00:00 2001 From: Michael Larson Date: Thu, 20 Mar 2008 09:54:56 -0700 Subject: modified configuration to mirror nat/firewall for port/address configuration. added port configuration support for common port configuration validation. still needs additional validation for address configuration. --- scripts/vyatta-wanloadbalance.pl | 58 +++++++++++++++++++++------------------- 1 file changed, 30 insertions(+), 28 deletions(-) (limited to 'scripts/vyatta-wanloadbalance.pl') diff --git a/scripts/vyatta-wanloadbalance.pl b/scripts/vyatta-wanloadbalance.pl index 5069e29..ec361fa 100644 --- a/scripts/vyatta-wanloadbalance.pl +++ b/scripts/vyatta-wanloadbalance.pl @@ -88,25 +88,26 @@ sub write_rules { print FILE_LCK "\tdestination {\n"; my $daddr = $config->returnValue("$rule destination address"); if (defined $daddr) { - print FILE_LCK "\t\taddress " . $daddr . "\n"; - } - - my $dnet = $config->returnValue("$rule destination network"); - if (defined $dnet && !defined $daddr) { - print FILE_LCK "\t\tnetwork " . $dnet . "\n"; - } - elsif (defined $dnet && defined $daddr) { - print "Please specify either destination address or source network\n"; - exit 2; + print FILE_LCK "\t\taddress \"" . $daddr . "\"\n"; } my $option = $config->returnValue("$rule destination port"); if (defined $option) { - if ($protocol ne "tcp" && $protocol ne "udp") { - print "Please specify protocol tcp or udp when configuring ports\n"; - exit 2; + my $can_use_port; + my $port_str; + my $port_err; + + if ($protocol eq "tcp" || $protocol eq "udp") { + $can_use_port = "yes"; + } + ($port_str, $port_err) = VyattaMisc::getPortRuleString($option, $can_use_port, "d", $protocol); + if (defined $port_str) { + print FILE_LCK "\t\tport-ipt \"" . $port_str . "\"\n"; + } + else { + print $port_err; + exit 1; } - print FILE_LCK "\t\tport " . $option . "\n"; } print FILE_LCK "\t}\n"; @@ -118,25 +119,26 @@ sub write_rules { print FILE_LCK "\tsource {\n"; my $saddr = $config->returnValue("$rule source address"); if (defined $saddr) { - print FILE_LCK "\t\taddress " . $saddr . "\n"; - } - - my $snet = $config->returnValue("$rule source network"); - if (defined $snet && !defined $saddr) { - print FILE_LCK "\t\tnetwork " . $snet . "\n"; - } - elsif (defined $snet && defined $saddr) { - print "Please specify either source address or source network\n"; - exit 2; + print FILE_LCK "\t\taddress \"" . $saddr . "\"\n"; } $option = $config->returnValue("$rule source port"); if (defined $option) { - if ($protocol ne "tcp" && $protocol ne "udp") { - print "Please specify protocol tcp or udp when configuring ports\n"; - exit 2; + my $can_use_port; + my $port_str; + my $port_err; + + if ($protocol eq "tcp" || $protocol eq "udp") { + $can_use_port = "yes"; + } + ($port_str, $port_err) = VyattaMisc::getPortRuleString($option, $can_use_port, "d", $protocol); + if (defined $port_str) { + print FILE_LCK "\t\tport-ipt \"" . $port_str . "\"\n"; + } + else { + print $port_err; + exit 1; } - print FILE_LCK "\t\tport " . $option . "\n"; } print FILE_LCK "\t}\n"; -- cgit v1.2.3