]>
git.proxmox.com Git - pve-firewall.git/blob - fwtest.pl
13 net0
=> 'rtl8139=9A:42:2D:0C:01:FF,bridge=vmbr0',
16 net0
=> 'rtl8139=0E:9D:ED:CC:9B:ED,bridge=vmbr0',
20 net0
=> 'rtl8139=0E:9D:ED:CC:AA:ED,bridge=vmbr0',
21 net1
=> 'rtl8139=0E:9D:ED:CC:CC:ED,bridge=vmbr1',
25 net0
=> 'rtl8139=0E:9D:ED:CC:BC:ED,bridge=vmbr0',
26 net1
=> 'rtl8139=0E:9D:ED:CC:BC:AA,tag=5,bridge=vmbr0',
32 my ($filename, $fh) = @_;
36 my $res = { in => [], out
=> [] };
38 while (defined(my $line = <$fh>)) {
39 next if $line =~ m/^#/;
40 next if $line =~ m/^\s*$/;
42 if ($line =~ m/^\[(in|out)\]\s*$/i) {
48 my ($action, $iface, $source, $dest, $proto, $dport, $sport) =
51 if (!($action && $iface && $source && $dest)) {
52 warn "skip incomplete line\n";
56 if ($action !~ m/^(ACCEPT|DROP)$/) {
57 warn "unknown action '$action'\n";
61 if ($iface !~ m/^(all|net0|net1|net2|net3|net4|net5)$/) {
62 warn "unknown interface '$iface'\n";
66 if ($proto && $proto !~ m/^(icmp|tcp|udp)$/) {
67 warn "unknown protokol '$proto'\n";
71 if ($source !~ m/^(any)$/) {
72 warn "unknown source '$source'\n";
76 if ($dest !~ m/^(any)$/) {
77 warn "unknown destination '$dest'\n";
91 push @{$res->{$section}}, $rule;
97 my $testdir = "./testdir";
102 foreach my $vmid (keys %{$vmdata->{qemu
}}) {
103 my $filename = "config/$vmid.fw";
104 my $fh = IO
::File-
>new($filename, O_RDONLY
);
107 $rules->{$vmid} = parse_fw_rules
($filename, $fh);
110 PVE
::Firewall
::compile
($testdir, $vmdata, $rules);
112 PVE
::Tools
::run_command
(['shorewall', 'check', $testdir]);