diff options
| author | John Southworth <john.southworth@vyatta.com> | 2012-01-06 15:40:28 -0800 |
|---|---|---|
| committer | John Southworth <john.southworth@vyatta.com> | 2012-01-06 15:40:28 -0800 |
| commit | d671cb3fcaf9eeec6a4d8ff5a95f3c6c72bd2781 (patch) | |
| tree | 27dbd29589a696abc9e783ab7e7567019390ac9d | |
| parent | 6af6db0a9dee75685cd84e576e0019208941659d (diff) | |
| download | vyatta-zone-d671cb3fcaf9eeec6a4d8ff5a95f3c6c72bd2781.tar.gz vyatta-zone-d671cb3fcaf9eeec6a4d8ff5a95f3c6c72bd2781.zip | |
Add function to return zone policy information so that it may be easily queried from the webgui and operational commands
| -rwxr-xr-x | lib/Vyatta/Zone.pm | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/lib/Vyatta/Zone.pm b/lib/Vyatta/Zone.pm index a4c9d64..763be7a 100755 --- a/lib/Vyatta/Zone.pm +++ b/lib/Vyatta/Zone.pm @@ -498,4 +498,31 @@ $zone_chain chain failed [$error]" if $error; return; } +sub get_zone_hash { + #### Return a hash containing zone policy for use in operational/gui commands + my $zone_hash = (); + my @zones = get_all_zones("listOrigNodes"); + for my $zone (@zones){ + my @from_zones = get_from_zones("listOrigNodes", $zone); + for my $from_zone (@from_zones){ + $zone_hash->{$zone}{'from'}->{$from_zone}{'firewall'}->{'ipv4'} = + get_firewall_ruleset("returnOrigValue", $zone, $from_zone, "name"); + $zone_hash->{$zone}{'from'}->{$from_zone}{'firewall'}->{'ipv6'} = + get_firewall_ruleset("returnOrigValue", $zone, $from_zone, "ipv6-name"); + $zone_hash->{$zone}{'from'}->{$from_zone}{'content-inspection'} = + is_ips_enabled("returnOrigValue", $zone, $from_zone, "enable"); + } + if (is_local_zone("existsOrig", $zone)){ + $zone_hash->{$zone}{'interfaces'} = ['local-zone']; + } else { + my @interfaces = get_zone_interfaces("returnOrigValues", $zone); + $zone_hash->{$zone}{'interfaces'} = [@interfaces]; + } + my $config = new Vyatta::Config; + my $desc = $config->returnOrigValue("zone-policy zone $zone description"); + $zone_hash->{$zone}{'description'} = $desc; + } + return $zone_hash; +} + 1; |