-PREFIX=/usr
-BINDIR=${PREFIX}/bin
-SBINDIR=${PREFIX}/sbin
-MANDIR=${PREFIX}/share/man
-DOCDIR=${PREFIX}/share/doc
-MAN1DIR=${MANDIR}/man1/
-PERLDIR=${PREFIX}/share/perl5
-
-LIB_SOURCES= \
- Firewall.pm
+export PREFIX=/usr
+export BINDIR=${PREFIX}/bin
+export SBINDIR=${PREFIX}/sbin
+export MANDIR=${PREFIX}/share/man
+export DOCDIR=${PREFIX}/share/doc
+export MAN1DIR=${MANDIR}/man1/
+export PERLDIR=${PREFIX}/share/perl5
all: pvefw-logger
.PHONY: install
install: pvefw pvefw-logger
+ make -C PVE install
install -d -m 0755 ${DESTDIR}/${SBINDIR}
install -m 0755 pvefw ${DESTDIR}/${SBINDIR}
install -m 0755 --strip pvefw-logger ${DESTDIR}/${SBINDIR}
- install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE
- for i in ${LIB_SOURCES}; do install -D -m 0644 PVE/$$i ${DESTDIR}${PERLDIR}/PVE/$$i; done
-
.PHONY: clean
clean:
+ make -C PVE clean
rm -rf *~ pvefw-logger
.PHONY: distclean
--- /dev/null
+package PVE::API2::Firewall::Groups;
+
+use strict;
+use warnings;
+use PVE::JSONSchema qw(get_standard_option);
+
+use PVE::Firewall;
+
+
+use Data::Dumper; # fixme: remove
+
+use base qw(PVE::RESTHandler);
+
+__PACKAGE__->register_method({
+ name => 'list',
+ path => '',
+ method => 'GET',
+ description => "List security groups.",
+ proxyto => 'node',
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ },
+ },
+ returns => {
+ type => 'array',
+ items => {
+ type => "object",
+ properties => {},
+ },
+ links => [ { rel => 'child', href => "{name}" } ],
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $groups_conf = PVE::Firewall::load_security_groups();
+
+ my $res = [];
+ foreach my $group (keys %{$groups_conf->{rules}}) {
+ push @$res, { name => $group };
+ }
+
+ return $res;
+ }});
+
+1;
--- /dev/null
+LIB_SOURCES= \
+ Groups.pm
+
+all:
+
+.PHONY: install
+install:
+ install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE/API2/Firewall
+ for i in ${LIB_SOURCES}; do install -D -m 0644 $$i ${DESTDIR}${PERLDIR}/PVE/API2/Firewall/$$i; done
+
+
+.PHONY: clean
+clean:
+ rm -rf *~
--- /dev/null
+
+all:
+
+.PHONY: install
+install:
+ install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE/API2
+ make -C Firewall install
+
+.PHONY: clean
+clean:
+ rm -rf *~
+ make -C Firewall clean
\ No newline at end of file
die "no such security group '$group'\n" if !$groups_conf->{$group};
- my $rules = $groups_conf->{$group}->{rules};
+ my $rules = $groups_conf->{rules}->{$group};
my $chain = "GROUP-${group}-IN";
my $section;
my $group;
- my $res = { rules => [] };
+ my $res = { rules => {} };
while (defined(my $line = <$fh>)) {
next if $line =~ m/^#/;
next;
}
- push @{$res->{$group}->{$section}}, @$rules;
+ push @{$res->{$section}->{$group}}, @$rules;
}
return $res;
my $hostfw_options = {};
my $hostfw_conf = {};
- $filename = "/etc/pve/local/host.fw";
+ my $filename = "/etc/pve/local/host.fw";
if (my $fh = IO::File->new($filename, O_RDONLY)) {
$hostfw_conf = parse_host_fw_rules($filename, $fh);
$hostfw_options = $hostfw_conf->{options};
--- /dev/null
+
+LIB_SOURCES= \
+ Firewall.pm
+
+all:
+
+.PHONY: install
+install:
+ install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE
+ for i in ${LIB_SOURCES}; do install -D -m 0644 $$i ${DESTDIR}${PERLDIR}/PVE/$$i; done
+ make -C API2 install
+
+.PHONY: clean
+clean:
+ rm -rf *~
+ make -C API2 clean
\ No newline at end of file
use PVE::JSONSchema qw(get_standard_option);
use PVE::CLIHandler;
+use PVE::API2::Firewall::Groups;
use base qw(PVE::CLIHandler);
+use Data::Dumper;
+
$ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
initlog ('pvefw');
}
}],
stop => [ __PACKAGE__, 'stop', []],
+
+ # This is for debugging
+ listgroups => [ 'PVE::API2::Firewall::Groups', 'list', [],
+ { node => $nodename }, sub {
+ my $res = shift;
+ print Dumper($res);
+ }],
};
my $cmd = shift;