diff options
| author | Thomas Mangin <thomas.mangin@exa.net.uk> | 2020-04-09 19:08:24 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-04-09 20:08:24 +0200 |
| commit | 9875a21bdb26df19f2faf3e81153dea15e4f9e3c (patch) | |
| tree | 8a1ecc1b318d80db156f397c34bc75f40c184728 /src/conf_mode/firewall_options.py | |
| parent | c8a86d3ccee63b972c36346e6cb1c712c6801ad2 (diff) | |
| download | vyos-1x-9875a21bdb26df19f2faf3e81153dea15e4f9e3c.tar.gz vyos-1x-9875a21bdb26df19f2faf3e81153dea15e4f9e3c.zip | |
util: T2226: os.system was wrongly converted to run
os.system does print the ouput of the command, run() does not.
A new function called call() does the printing and return the error code.
Diffstat (limited to 'src/conf_mode/firewall_options.py')
| -rwxr-xr-x | src/conf_mode/firewall_options.py | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/src/conf_mode/firewall_options.py b/src/conf_mode/firewall_options.py index 90f004bc4..0b800f48f 100755 --- a/src/conf_mode/firewall_options.py +++ b/src/conf_mode/firewall_options.py @@ -21,7 +21,7 @@ import copy from vyos.config import Config from vyos import ConfigError -from vyos.util import run +from vyos.util import call default_config_data = { @@ -87,19 +87,19 @@ def apply(tcp): target = 'VYOS_FW_OPTIONS' # always cleanup iptables - run('iptables --table mangle --delete FORWARD --jump {} >&/dev/null'.format(target)) - run('iptables --table mangle --flush {} >&/dev/null'.format(target)) - run('iptables --table mangle --delete-chain {} >&/dev/null'.format(target)) + call('iptables --table mangle --delete FORWARD --jump {} >&/dev/null'.format(target)) + call('iptables --table mangle --flush {} >&/dev/null'.format(target)) + call('iptables --table mangle --delete-chain {} >&/dev/null'.format(target)) # always cleanup ip6tables - run('ip6tables --table mangle --delete FORWARD --jump {} >&/dev/null'.format(target)) - run('ip6tables --table mangle --flush {} >&/dev/null'.format(target)) - run('ip6tables --table mangle --delete-chain {} >&/dev/null'.format(target)) + call('ip6tables --table mangle --delete FORWARD --jump {} >&/dev/null'.format(target)) + call('ip6tables --table mangle --flush {} >&/dev/null'.format(target)) + call('ip6tables --table mangle --delete-chain {} >&/dev/null'.format(target)) # Setup new iptables rules if tcp['new_chain4']: - run('iptables --table mangle --new-chain {} >&/dev/null'.format(target)) - run('iptables --table mangle --append FORWARD --jump {} >&/dev/null'.format(target)) + call('iptables --table mangle --new-chain {} >&/dev/null'.format(target)) + call('iptables --table mangle --append FORWARD --jump {} >&/dev/null'.format(target)) for opts in tcp['intf_opts']: intf = opts['intf'] @@ -111,13 +111,13 @@ def apply(tcp): # adjust TCP MSS per interface if mss: - run('iptables --table mangle --append {} --out-interface {} --protocol tcp ' \ + call('iptables --table mangle --append {} --out-interface {} --protocol tcp ' '--tcp-flags SYN,RST SYN --jump TCPMSS --set-mss {} >&/dev/null'.format(target, intf, mss)) # Setup new ip6tables rules if tcp['new_chain6']: - run('ip6tables --table mangle --new-chain {} >&/dev/null'.format(target)) - run('ip6tables --table mangle --append FORWARD --jump {} >&/dev/null'.format(target)) + call('ip6tables --table mangle --new-chain {} >&/dev/null'.format(target)) + call('ip6tables --table mangle --append FORWARD --jump {} >&/dev/null'.format(target)) for opts in tcp['intf_opts']: intf = opts['intf'] @@ -129,7 +129,7 @@ def apply(tcp): # adjust TCP MSS per interface if mss: - run('ip6tables --table mangle --append {} --out-interface {} --protocol tcp ' + call('ip6tables --table mangle --append {} --out-interface {} --protocol tcp ' '--tcp-flags SYN,RST SYN --jump TCPMSS --set-mss {} >&/dev/null'.format(target, intf, mss)) return None |