]> git.proxmox.com Git - pve-firewall.git/commitdiff
projects / pve-firewall.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: e5d76bd)
start API
authorDietmar Maurer <dietmar@proxmox.com>
Tue, 18 Mar 2014 07:03:26 +0000 (08:03 +0100)
committerDietmar Maurer <dietmar@proxmox.com>
Tue, 18 Mar 2014 07:52:25 +0000 (08:52 +0100)
src/Makefile patch | blob | blame | history
src/PVE/API2/Firewall/Groups.pm [new file with mode: 0644] patch | blob
src/PVE/API2/Firewall/Makefile [new file with mode: 0644] patch | blob
src/PVE/API2/Makefile [new file with mode: 0644] patch | blob
src/PVE/Firewall.pm patch | blob | blame | history
src/PVE/Makefile [new file with mode: 0644] patch | blob
src/pvefw patch | blob | blame | history

diff --git a/src/Makefile b/src/Makefile
index 1a2d24d250c46af64a0d61d3327a81df4792cc7a..c3e5aeffe0b05a88d547955a1968c602cda8cc64 100644 (file)
--- a/src/Makefile
+++ b/src/Makefile
@@ -1,14 +1,11 @@
 
 
-PREFIX=/usr
-BINDIR=${PREFIX}/bin
-SBINDIR=${PREFIX}/sbin
-MANDIR=${PREFIX}/share/man
-DOCDIR=${PREFIX}/share/doc
-MAN1DIR=${MANDIR}/man1/
-PERLDIR=${PREFIX}/share/perl5
-
-LIB_SOURCES=                   \
-       Firewall.pm
+export PREFIX=/usr
+export BINDIR=${PREFIX}/bin
+export SBINDIR=${PREFIX}/sbin
+export MANDIR=${PREFIX}/share/man
+export DOCDIR=${PREFIX}/share/doc
+export MAN1DIR=${MANDIR}/man1/
+export PERLDIR=${PREFIX}/share/perl5
 
 all: pvefw-logger
 
 
 all: pvefw-logger
 
@@ -23,15 +20,14 @@ pvefw-logger: pvefw-logger.c
 
 .PHONY: install
 install: pvefw pvefw-logger
 
 .PHONY: install
 install: pvefw pvefw-logger
+       make -C PVE install
        install -d -m 0755 ${DESTDIR}/${SBINDIR}
        install -m 0755 pvefw ${DESTDIR}/${SBINDIR}
        install -m 0755 --strip pvefw-logger ${DESTDIR}/${SBINDIR}
        install -d -m 0755 ${DESTDIR}/${SBINDIR}
        install -m 0755 pvefw ${DESTDIR}/${SBINDIR}
        install -m 0755 --strip pvefw-logger ${DESTDIR}/${SBINDIR}
-       install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE
-       for i in ${LIB_SOURCES}; do install -D -m 0644 PVE/$$i ${DESTDIR}${PERLDIR}/PVE/$$i; done
-
 
 .PHONY: clean
 clean:         
 
 .PHONY: clean
 clean:         
+       make -C PVE clean
        rm -rf *~ pvefw-logger
 
 .PHONY: distclean
        rm -rf *~ pvefw-logger
 
 .PHONY: distclean
diff --git a/src/PVE/API2/Firewall/Groups.pm b/src/PVE/API2/Firewall/Groups.pm
new file mode 100644 (file)
index 0000000..cd9199e
--- /dev/null
+++ b/src/PVE/API2/Firewall/Groups.pm
@@ -0,0 +1,47 @@
+package PVE::API2::Firewall::Groups;
+
+use strict;
+use warnings;
+use PVE::JSONSchema qw(get_standard_option);
+
+use PVE::Firewall;
+
+
+use Data::Dumper; # fixme: remove
+
+use base qw(PVE::RESTHandler);
+
+__PACKAGE__->register_method({
+    name => 'list',
+    path => '',
+    method => 'GET',
+    description => "List security groups.",
+    proxyto => 'node',
+    parameters => {
+       additionalProperties => 0,
+       properties => {
+           node => get_standard_option('pve-node'),
+       },
+    },
+    returns => {
+       type => 'array',
+       items => {
+           type => "object",
+           properties => {},
+       },
+       links => [ { rel => 'child', href => "{name}" } ],
+    },
+    code => sub {
+       my ($param) = @_;
+
+       my $groups_conf = PVE::Firewall::load_security_groups();
+
+       my $res = [];
+       foreach my $group (keys %{$groups_conf->{rules}}) {
+           push @$res, { name => $group };
+       }
+
+       return $res;
+    }});
+
+1;
diff --git a/src/PVE/API2/Firewall/Makefile b/src/PVE/API2/Firewall/Makefile
new file mode 100644 (file)
index 0000000..bb57ab9
--- /dev/null
+++ b/src/PVE/API2/Firewall/Makefile
@@ -0,0 +1,14 @@
+LIB_SOURCES=                   \
+       Groups.pm
+
+all:
+
+.PHONY: install
+install:
+       install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE/API2/Firewall
+       for i in ${LIB_SOURCES}; do install -D -m 0644 $$i ${DESTDIR}${PERLDIR}/PVE/API2/Firewall/$$i; done     
+
+
+.PHONY: clean
+clean:
+       rm -rf *~
diff --git a/src/PVE/API2/Makefile b/src/PVE/API2/Makefile
new file mode 100644 (file)
index 0000000..a9ea452
--- /dev/null
+++ b/src/PVE/API2/Makefile
@@ -0,0 +1,12 @@
+
+all:
+
+.PHONY: install
+install:
+       install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE/API2
+       make -C Firewall install
+
+.PHONY: clean
+clean:
+       rm -rf *~
+       make -C Firewall clean
\ No newline at end of file
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 8594c9e0e47cb583bea125dd02df385a0b5af052..d4de6f6eed702f84abd264b3307cb80dc34dcc96 100644 (file)
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -1154,7 +1154,7 @@ sub generate_group_rules {
 
     die "no such security group '$group'\n" if !$groups_conf->{$group};
 
 
     die "no such security group '$group'\n" if !$groups_conf->{$group};
 
-    my $rules = $groups_conf->{$group}->{rules};
+    my $rules = $groups_conf->{rules}->{$group};
 
     my $chain = "GROUP-${group}-IN";
 
 
     my $chain = "GROUP-${group}-IN";
 
@@ -1476,7 +1476,7 @@ sub parse_group_fw_rules {
     my $section;
     my $group;
 
     my $section;
     my $group;
 
-    my $res = { rules => [] };
+    my $res = { rules => {} };
 
     while (defined(my $line = <$fh>)) {
        next if $line =~ m/^#/;
 
     while (defined(my $line = <$fh>)) {
        next if $line =~ m/^#/;
@@ -1502,7 +1502,7 @@ sub parse_group_fw_rules {
            next;
        }
 
            next;
        }
 
-       push @{$res->{$group}->{$section}}, @$rules;
+       push @{$res->{$section}->{$group}}, @$rules;
     }
 
     return $res;
     }
 
     return $res;
@@ -1699,7 +1699,7 @@ sub compile {
     my $hostfw_options = {};
     my $hostfw_conf = {};
 
     my $hostfw_options = {};
     my $hostfw_conf = {};
 
-    $filename = "/etc/pve/local/host.fw";
+    my $filename = "/etc/pve/local/host.fw";
     if (my $fh = IO::File->new($filename, O_RDONLY)) {
        $hostfw_conf = parse_host_fw_rules($filename, $fh);
        $hostfw_options = $hostfw_conf->{options};
     if (my $fh = IO::File->new($filename, O_RDONLY)) {
        $hostfw_conf = parse_host_fw_rules($filename, $fh);
        $hostfw_options = $hostfw_conf->{options};
diff --git a/src/PVE/Makefile b/src/PVE/Makefile
new file mode 100644 (file)
index 0000000..5e0c55c
--- /dev/null
+++ b/src/PVE/Makefile
@@ -0,0 +1,16 @@
+
+LIB_SOURCES=                   \
+       Firewall.pm
+
+all:
+
+.PHONY: install
+install:
+       install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE
+       for i in ${LIB_SOURCES}; do install -D -m 0644 $$i ${DESTDIR}${PERLDIR}/PVE/$$i; done   
+       make -C API2 install
+
+.PHONY: clean
+clean:
+       rm -rf *~
+       make -C API2 clean
\ No newline at end of file
diff --git a/src/pvefw b/src/pvefw
index d0f1e6023fd8042e75daf2e3456d5c63f9df4b54..1671f557ef21b9aa7d79ee1a95e47da6aaf9375d 100755 (executable)
--- a/src/pvefw
+++ b/src/pvefw
@@ -14,9 +14,12 @@ use PVE::RPCEnvironment;
 use PVE::JSONSchema qw(get_standard_option);
 
 use PVE::CLIHandler;
 use PVE::JSONSchema qw(get_standard_option);
 
 use PVE::CLIHandler;
+use PVE::API2::Firewall::Groups;
 
 use base qw(PVE::CLIHandler);
 
 
 use base qw(PVE::CLIHandler);
 
+use Data::Dumper;
+
 $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
 
 initlog ('pvefw');
 $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
 
 initlog ('pvefw');
@@ -234,6 +237,13 @@ my $cmddef = {
        }
     }],
     stop => [ __PACKAGE__, 'stop', []],
        }
     }],
     stop => [ __PACKAGE__, 'stop', []],
+
+    # This is for debugging 
+    listgroups => [ 'PVE::API2::Firewall::Groups', 'list', [], 
+                   { node => $nodename }, sub {
+                       my $res = shift;
+                       print Dumper($res);
+                   }],
 };
 
 my $cmd = shift;
 };
 
 my $cmd = shift;
Firewall test scripts