From 8f1192842a00af8626df1dfbb6a76c1f4944ac9b Mon Sep 17 00:00:00 2001 From: Dietmar Maurer Date: Tue, 18 Mar 2014 08:03:26 +0100 Subject: [PATCH] start API --- src/Makefile | 22 +++++++-------- src/PVE/API2/Firewall/Groups.pm | 47 +++++++++++++++++++++++++++++++++ src/PVE/API2/Firewall/Makefile | 14 ++++++++++ src/PVE/API2/Makefile | 12 +++++++++ src/PVE/Firewall.pm | 8 +++--- src/PVE/Makefile | 16 +++++++++++ src/pvefw | 10 +++++++ 7 files changed, 112 insertions(+), 17 deletions(-) create mode 100644 src/PVE/API2/Firewall/Groups.pm create mode 100644 src/PVE/API2/Firewall/Makefile create mode 100644 src/PVE/API2/Makefile create mode 100644 src/PVE/Makefile diff --git a/src/Makefile b/src/Makefile index 1a2d24d..c3e5aef 100644 --- a/src/Makefile +++ b/src/Makefile @@ -1,14 +1,11 @@ -PREFIX=/usr -BINDIR=${PREFIX}/bin -SBINDIR=${PREFIX}/sbin -MANDIR=${PREFIX}/share/man -DOCDIR=${PREFIX}/share/doc -MAN1DIR=${MANDIR}/man1/ -PERLDIR=${PREFIX}/share/perl5 - -LIB_SOURCES= \ - Firewall.pm +export PREFIX=/usr +export BINDIR=${PREFIX}/bin +export SBINDIR=${PREFIX}/sbin +export MANDIR=${PREFIX}/share/man +export DOCDIR=${PREFIX}/share/doc +export MAN1DIR=${MANDIR}/man1/ +export PERLDIR=${PREFIX}/share/perl5 all: pvefw-logger @@ -23,15 +20,14 @@ pvefw-logger: pvefw-logger.c .PHONY: install install: pvefw pvefw-logger + make -C PVE install install -d -m 0755 ${DESTDIR}/${SBINDIR} install -m 0755 pvefw ${DESTDIR}/${SBINDIR} install -m 0755 --strip pvefw-logger ${DESTDIR}/${SBINDIR} - install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE - for i in ${LIB_SOURCES}; do install -D -m 0644 PVE/$$i ${DESTDIR}${PERLDIR}/PVE/$$i; done - .PHONY: clean clean: + make -C PVE clean rm -rf *~ pvefw-logger .PHONY: distclean diff --git a/src/PVE/API2/Firewall/Groups.pm b/src/PVE/API2/Firewall/Groups.pm new file mode 100644 index 0000000..cd9199e --- /dev/null +++ b/src/PVE/API2/Firewall/Groups.pm @@ -0,0 +1,47 @@ +package PVE::API2::Firewall::Groups; + +use strict; +use warnings; +use PVE::JSONSchema qw(get_standard_option); + +use PVE::Firewall; + + +use Data::Dumper; # fixme: remove + +use base qw(PVE::RESTHandler); + +__PACKAGE__->register_method({ + name => 'list', + path => '', + method => 'GET', + description => "List security groups.", + proxyto => 'node', + parameters => { + additionalProperties => 0, + properties => { + node => get_standard_option('pve-node'), + }, + }, + returns => { + type => 'array', + items => { + type => "object", + properties => {}, + }, + links => [ { rel => 'child', href => "{name}" } ], + }, + code => sub { + my ($param) = @_; + + my $groups_conf = PVE::Firewall::load_security_groups(); + + my $res = []; + foreach my $group (keys %{$groups_conf->{rules}}) { + push @$res, { name => $group }; + } + + return $res; + }}); + +1; diff --git a/src/PVE/API2/Firewall/Makefile b/src/PVE/API2/Firewall/Makefile new file mode 100644 index 0000000..bb57ab9 --- /dev/null +++ b/src/PVE/API2/Firewall/Makefile @@ -0,0 +1,14 @@ +LIB_SOURCES= \ + Groups.pm + +all: + +.PHONY: install +install: + install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE/API2/Firewall + for i in ${LIB_SOURCES}; do install -D -m 0644 $$i ${DESTDIR}${PERLDIR}/PVE/API2/Firewall/$$i; done + + +.PHONY: clean +clean: + rm -rf *~ diff --git a/src/PVE/API2/Makefile b/src/PVE/API2/Makefile new file mode 100644 index 0000000..a9ea452 --- /dev/null +++ b/src/PVE/API2/Makefile @@ -0,0 +1,12 @@ + +all: + +.PHONY: install +install: + install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE/API2 + make -C Firewall install + +.PHONY: clean +clean: + rm -rf *~ + make -C Firewall clean \ No newline at end of file diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm index 8594c9e..d4de6f6 100644 --- a/src/PVE/Firewall.pm +++ b/src/PVE/Firewall.pm @@ -1154,7 +1154,7 @@ sub generate_group_rules { die "no such security group '$group'\n" if !$groups_conf->{$group}; - my $rules = $groups_conf->{$group}->{rules}; + my $rules = $groups_conf->{rules}->{$group}; my $chain = "GROUP-${group}-IN"; @@ -1476,7 +1476,7 @@ sub parse_group_fw_rules { my $section; my $group; - my $res = { rules => [] }; + my $res = { rules => {} }; while (defined(my $line = <$fh>)) { next if $line =~ m/^#/; @@ -1502,7 +1502,7 @@ sub parse_group_fw_rules { next; } - push @{$res->{$group}->{$section}}, @$rules; + push @{$res->{$section}->{$group}}, @$rules; } return $res; @@ -1699,7 +1699,7 @@ sub compile { my $hostfw_options = {}; my $hostfw_conf = {}; - $filename = "/etc/pve/local/host.fw"; + my $filename = "/etc/pve/local/host.fw"; if (my $fh = IO::File->new($filename, O_RDONLY)) { $hostfw_conf = parse_host_fw_rules($filename, $fh); $hostfw_options = $hostfw_conf->{options}; diff --git a/src/PVE/Makefile b/src/PVE/Makefile new file mode 100644 index 0000000..5e0c55c --- /dev/null +++ b/src/PVE/Makefile @@ -0,0 +1,16 @@ + +LIB_SOURCES= \ + Firewall.pm + +all: + +.PHONY: install +install: + install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE + for i in ${LIB_SOURCES}; do install -D -m 0644 $$i ${DESTDIR}${PERLDIR}/PVE/$$i; done + make -C API2 install + +.PHONY: clean +clean: + rm -rf *~ + make -C API2 clean \ No newline at end of file diff --git a/src/pvefw b/src/pvefw index d0f1e60..1671f55 100755 --- a/src/pvefw +++ b/src/pvefw @@ -14,9 +14,12 @@ use PVE::RPCEnvironment; use PVE::JSONSchema qw(get_standard_option); use PVE::CLIHandler; +use PVE::API2::Firewall::Groups; use base qw(PVE::CLIHandler); +use Data::Dumper; + $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin'; initlog ('pvefw'); @@ -234,6 +237,13 @@ my $cmddef = { } }], stop => [ __PACKAGE__, 'stop', []], + + # This is for debugging + listgroups => [ 'PVE::API2::Firewall::Groups', 'list', [], + { node => $nodename }, sub { + my $res = shift; + print Dumper($res); + }], }; my $cmd = shift; -- 2.39.2