projects
/
pve-firewall.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
remove shorewall specific commands
[pve-firewall.git]
/
PVE
/
Firewall.pm
diff --git
a/PVE/Firewall.pm
b/PVE/Firewall.pm
index ff5cadfdd6ae1fd2098e30800dc72d184e02fb3a..8e5cfb1f996ccc0d552173c87cce02bcec9e0f76 100644
(file)
--- a/
PVE/Firewall.pm
+++ b/
PVE/Firewall.pm
@@
-15,15
+15,19
@@
use Data::Dumper;
my $macros;
my @ruleset = ();
my $macros;
my @ruleset = ();
-sub get_shorewall_macros {
+# todo: implement some kind of MACROS, like shorewall /usr/share/shorewall/macro.*
+sub get_firewall_macros {
return $macros if $macros;
return $macros if $macros;
- foreach my $path (</usr/share/shorewall/macro.*>) {
- if ($path =~ m|/macro\.(\S+)$|) {
- $macros->{$1} = 1;
- }
- }
+ #foreach my $path (</usr/share/shorewall/macro.*>) {
+ # if ($path =~ m|/macro\.(\S+)$|) {
+ # $macros->{$1} = 1;
+ # }
+ #}
+
+ $macros = {}; # fixme: implemet me
+
return $macros;
}
return $macros;
}
@@
-859,7
+863,7
@@
sub parse_fw_rules {
my $res = { in => [], out => [] };
my $res = { in => [], out => [] };
- my $macros = get_
sho
rewall_macros();
+ my $macros = get_
fi
rewall_macros();
my $protocols = get_etc_protocols();
while (defined(my $line = <$fh>)) {
my $protocols = get_etc_protocols();
while (defined(my $line = <$fh>)) {
@@
-992,18
+996,12
@@
sub read_vm_firewall_rules {
}
sub compile {
}
sub compile {
-
my $vmdata = read_local_vm_config();
my $rules = read_vm_firewall_rules($vmdata);
# print Dumper($vmdata);
my $vmdata = read_local_vm_config();
my $rules = read_vm_firewall_rules($vmdata);
# print Dumper($vmdata);
- my $swdir = '/etc/shorewall';
- mkdir $swdir;
-
- &$compile_shorewall($swdir, $vmdata, $rules);
-
- PVE::Tools::run_command(['shorewall', 'compile']);
+ die "implement me";
}
sub compile_and_start {
}
sub compile_and_start {
@@
-1011,8
+1009,7
@@
sub compile_and_start {
compile();
compile();
- PVE::Tools::run_command(['shorewall', $restart ? 'restart' : 'start']);
+ die "implement me";
}
}
-
1;
1;