| Message ID | 20220214184257.2406-5-stefan.schantl@ipfire.org |
|---|---|
| State | Accepted |
| Commit | 6babb404cc63d6f5c25d64be8e4370b7cb009c2c |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4JyClv4Nk9z3xgN for <patchwork@web04.haj.ipfire.org>; Mon, 14 Feb 2022 18:43:23 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4JyClp3Vngz5Mt; Mon, 14 Feb 2022 18:43:18 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4JyClp1HbTz32KT; Mon, 14 Feb 2022 18:43:18 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4JyCll722qz2xVx for <development@lists.ipfire.org>; Mon, 14 Feb 2022 18:43:15 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4JyCll4Hb9z3d2; Mon, 14 Feb 2022 18:43:15 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1644864195; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+IJmKt4HQhCQgXQh1ckb7JWPOo6fxKBLy+Yp0LCG3Es=; b=JuAUwQi5UC2KNyWtGYSzGycQrg0/NhThTOaM+d7eRNpt+C7xo8E6Va2xDnmm/2AzkNI3Z7 BrZO4SQGUZOUTcCg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1644864195; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+IJmKt4HQhCQgXQh1ckb7JWPOo6fxKBLy+Yp0LCG3Es=; b=tA2bQ4xJx0UFC8dqAyRDWtMk4xXai6zgbEn06l8DCeH/CjpsLyYLiVOQR2pF0QOQYFLd88 xhv/yRJDeRJXjZesd50l9v2AS+fM9C+yXkQDgdmq04nZ9ZCDqGvvUKEdHXdWjlF7C4gsUs r8pIRpeATedoTMlndpLm87BxEBL1z/x8RuAbqzIPDoYlADghQXBlWKBj8TtLSG7nXdXwFL xu78qRRmBvDxa5pYSNbAFEQvfr7IrxYcsWl5ssZGGUzXko38mNJMR3cWz3IdVS3/XA+MXh ycp/J+uGwD4+I35mc2kIERSADAovshO4qc5Gbjbrd4t9IvEtAhYa4ATmTWKUxw== From: Stefan Schantl <stefan.schantl@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH 05/12] rules.pl: Add tiny ipset_restore function. Date: Mon, 14 Feb 2022 19:42:49 +0100 Message-Id: <20220214184257.2406-5-stefan.schantl@ipfire.org> In-Reply-To: <20220214184257.2406-1-stefan.schantl@ipfire.org> References: <20220214184257.2406-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
| Series |
[01/12] location-functions.pl: Rename and set the location for exported databases to "/var/lib/location/ipset/".
|
|
Commit Message
Stefan Schantl
Feb. 14, 2022, 6:42 p.m. UTC
This helper function is used to load a previously exported list of
networks for a given country code into the ipset module, so it can be
used for any kind of firewall rules.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/firewall/rules.pl | 7 +++++++
1 file changed, 7 insertions(+)
Comments
Reviewed-by: Peter Müller <peter.mueller@ipfire.org> > This helper function is used to load a previously exported list of > networks for a given country code into the ipset module, so it can be > used for any kind of firewall rules. > > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> > --- > config/firewall/rules.pl | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl > index da01b8775..5b1153b08 100644 > --- a/config/firewall/rules.pl > +++ b/config/firewall/rules.pl > @@ -888,3 +888,10 @@ sub firewall_is_in_subnet { > > return 0; > } > + > +sub ipset_restore ($) { > + my ($ccode) = @_; > + > + # Run ipset and restore the list of the given country code. > + run("$IPSET restore < $Location::Functions::ipset_db_directory/$ccode.ipset4"); > +}
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> > On 14 Feb 2022, at 18:42, Stefan Schantl <stefan.schantl@ipfire.org> wrote: > > This helper function is used to load a previously exported list of > networks for a given country code into the ipset module, so it can be > used for any kind of firewall rules. > > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> > --- > config/firewall/rules.pl | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl > index da01b8775..5b1153b08 100644 > --- a/config/firewall/rules.pl > +++ b/config/firewall/rules.pl > @@ -888,3 +888,10 @@ sub firewall_is_in_subnet { > > return 0; > } > + > +sub ipset_restore ($) { > + my ($ccode) = @_; > + > + # Run ipset and restore the list of the given country code. > + run("$IPSET restore < $Location::Functions::ipset_db_directory/$ccode.ipset4"); > +} > -- > 2.30.2 >
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index da01b8775..5b1153b08 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -888,3 +888,10 @@ sub firewall_is_in_subnet { return 0; } + +sub ipset_restore ($) { + my ($ccode) = @_; + + # Run ipset and restore the list of the given country code. + run("$IPSET restore < $Location::Functions::ipset_db_directory/$ccode.ipset4"); +}