mirror of
https://github.com/firehol/firehol.git
synced 2024-06-28 18:02:33 +00:00
Convert update-ipsets to new command system
This commit is contained in:
Phil Whineray
parent
09cf465d2a
commit
1ea9a58bd4
12
configure.ac
12
configure.ac
@ -62,28 +62,34 @@ fi
|
||||
FIREHOL_CONFIG_DIR=$(eval echo "$sysconfdir/firehol" | sed -e 's|^NONE|/usr/local|')
|
||||
AC_SUBST(FIREHOL_CONFIG_DIR)
|
||||
|
||||
AX_CHECK_PROG([ADNSHOST], [adnshost], [])
|
||||
AX_CHECK_PROG([AGGREGATE], [aggregate], [])
|
||||
AX_CHECK_PROG([AGGREGATE], [aggregate-flim], [])
|
||||
AX_NEED_PROG([AGGREGATE], [cat], [])
|
||||
AX_NEED_PROG([CAT], [cat], [])
|
||||
AX_NEED_PROG([TAIL], [tail], [])
|
||||
AX_NEED_PROG([CHMOD], [chmod], [])
|
||||
AX_NEED_PROG([CHOWN], [chown], [])
|
||||
AX_NEED_PROG([CP], [cp], [])
|
||||
AX_NEED_PROG([CURL], [curl], [])
|
||||
AX_NEED_PROG([CUT], [cut], [])
|
||||
AX_NEED_PROG([DATE], [date], [])
|
||||
AX_NEED_PROG([DIFF], [diff], [])
|
||||
AX_NEED_PROG([DIRNAME], [dirname], [])
|
||||
AX_NEED_PROG([ENV], [env], [])
|
||||
AX_NEED_PROG([EXPR], [expr], [])
|
||||
AX_NEED_PROG([FIND], [find], [])
|
||||
AX_NEED_PROG([FLOCK], [flock], [])
|
||||
AX_NEED_PROG([FOLD], [fold], [])
|
||||
AX_NEED_PROG([FUNZIP], [funzip], [])
|
||||
AX_CHECK_PROG([GAWK], [gawk], [])
|
||||
AX_CHECK_PROG([GAWK], [mawk], [])
|
||||
AX_CHECK_PROG([GAWK], [nawk], [])
|
||||
AX_NEED_PROG([GAWK], [awk], [])
|
||||
AX_NEED_GREP()
|
||||
AX_CHECK_PROG([GIT], [git], [])
|
||||
AX_NEED_EGREP()
|
||||
AX_NEED_PROG([HEAD], [head], [])
|
||||
AX_NEED_PROG([HOST], [host], [])
|
||||
AX_NEED_PROG([HOSTNAME_CMD], [hostname], [])
|
||||
AX_CHECK_PROG([MODPROBE], [modprobe], [-q], [$PATH:/sbin:/usr/sbin])
|
||||
AX_NEED_PROG([MODPROBE], [insmod], [], [$PATH:/sbin:/usr/sbin])
|
||||
@ -107,6 +113,7 @@ AX_CHECK_PROG([PAGER], [pager], [])
|
||||
AX_CHECK_PROG([PAGER], [less], [])
|
||||
AX_CHECK_PROG([PAGER], [more], [])
|
||||
AX_NEED_PROG([PAGER], [cat], [])
|
||||
AX_CHECK_PROG([PV], [pv], [])
|
||||
AX_CHECK_PROG([RENICE], [renice], [])
|
||||
AX_NEED_PROG([RM], [rm], [])
|
||||
AX_NEED_SED()
|
||||
@ -115,11 +122,12 @@ AX_NEED_PROG([SORT], [sort], [])
|
||||
AX_NEED_PROG([SLEEP], [sleep], [])
|
||||
AX_NEED_PROG([SS], [ss], [])
|
||||
AX_NEED_PROG([SYSCTL], [sysctl], [], [$PATH:/sbin:/usr/sbin])
|
||||
AX_NEED_PROG([TAIL], [tail], [])
|
||||
AX_NEED_PROG([TOUCH], [touch], [])
|
||||
AX_NEED_PROG([TR], [tr], [])
|
||||
AX_NEED_PROG([UNAME], [uname], [])
|
||||
AX_NEED_PROG([UNIQ], [uniq], [])
|
||||
AX_CHECK_PROG([ZCAT], [zcat], [])
|
||||
AX_NEED_PROG([UNZIP], [unzip], [])
|
||||
AX_CHECK_PROG([ZCAT], [gzcat], [])
|
||||
AX_CHECK_PROG([ZCAT], [gunzip], [-c])
|
||||
AX_NEED_PROG([ZCAT], [gzip], [-d -c])
|
||||
|
||||
@ -65,9 +65,6 @@ fi
|
||||
# Files we will check in their entirety
|
||||
git show :ChangeLog > /tmp/staged-ChangeLog.$$
|
||||
git show :NEWS > /tmp/staged-NEWS.$$
|
||||
git show :sbin/firehol.in > /tmp/staged-sbin-firehol.in$$
|
||||
git show :sbin/fireqos.in > /tmp/staged-sbin-fireqos.in$$
|
||||
git show :sbin/link-balancer.in > /tmp/staged-sbin-link-balancer.in$$
|
||||
git show :configure.ac > /tmp/staged-configure.ac$$
|
||||
|
||||
status=0
|
||||
@ -98,6 +95,14 @@ fi
|
||||
|
||||
check_commands() {
|
||||
local status=0
|
||||
|
||||
if [ -z "$(git diff --cached $against -- sbin/$1)" ]
|
||||
then
|
||||
# No change so do not check, to reduce overhead
|
||||
return 0
|
||||
fi
|
||||
|
||||
git show :sbin/$1 > /tmp/staged-sbin-${1}$$
|
||||
# Find commands that have been enclosed in quotes and remove anything after
|
||||
# if nothing matched the substitution, proceed to the next line
|
||||
# if the command is used in a -z check, proceed to the next line
|
||||
@ -116,7 +121,7 @@ check_commands() {
|
||||
if [ -s /tmp/staged-problem-lines.$$ ]
|
||||
then
|
||||
status=1
|
||||
echo "Detected use(s) of '${SOMETHING_CMD}' in ${1}. Check lines:"
|
||||
echo "Detected use(s) of \"\${SOMETHING_CMD}\" in ${1}. Check lines:"
|
||||
cat /tmp/staged-problem-lines.$$
|
||||
fi
|
||||
|
||||
@ -168,6 +173,7 @@ check_commands() {
|
||||
check_commands firehol.in || status=1
|
||||
check_commands fireqos.in || status=1
|
||||
check_commands link-balancer.in || status=1
|
||||
check_commands update-ipsets.in || status=1
|
||||
|
||||
rm -f /tmp/staged-*.$$
|
||||
|
||||
|
||||
@ -1026,7 +1026,7 @@ N|IP6TABLES_RESTORE_CMD|@IP6TABLES_RESTORE@|ip6tables-restore
|
||||
Y|PAGER_CMD|@PAGER@|less more pager cat
|
||||
Y|RENICE_CMD|@RENICE@|renice :
|
||||
Y|STTY_CMD|@STTY@|stty :
|
||||
N|ZCAT_CMD|@ZCAT@|zcat gzcat "gzip -dc"
|
||||
N|ZCAT_CMD|@ZCAT@|gzcat "gzip -dc"
|
||||
N|MODPROBE_CMD|@MODPROBE@|'modprobe -q' insmod
|
||||
N|IP_CMD|@IP@|ip
|
||||
N|SS_CMD|@SS@|ss
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -27,8 +27,10 @@ then
|
||||
haderror="Y"
|
||||
fi
|
||||
|
||||
if [ ! -x ../sbin/iprange ]
|
||||
if [ -x ../sbin/iprange ]
|
||||
then
|
||||
iprange_path="$(cd ../sbin; pwd)/iprange"
|
||||
else
|
||||
echo "Executable ../sbin/iprange program not found (was it built yet?)"
|
||||
echo ""
|
||||
haderror="Y"
|
||||
@ -122,7 +124,7 @@ then
|
||||
|
||||
# Check it all worked
|
||||
cat /proc/net/ip_tables_names > /dev/null || exit 1
|
||||
mkdir /var/run/firehol/haveperms || exit 1
|
||||
mkdir /var/run/firehol/webdir || exit 1
|
||||
echo "Running in separate namespace"
|
||||
ip link add veth0 type veth peer name veth1
|
||||
shift
|
||||
@ -300,6 +302,9 @@ do
|
||||
vnetbuild*)
|
||||
program=vnetbuild
|
||||
;;
|
||||
update-ipsets*)
|
||||
program=update-ipsets
|
||||
;;
|
||||
*)
|
||||
program=
|
||||
;;
|
||||
@ -327,15 +332,19 @@ do
|
||||
# the unit tests set PATH to empty so we must use the explicit one
|
||||
# - iprange because we want to test with the local version
|
||||
# - logger so we get e.g. panics in our logs, not on the system console
|
||||
# - LB_RUN_DIR + FIREQOS_LOCK_FILE + FIREQOS_DIR - keep within our mounts
|
||||
# - LB_RUN_DIR + FIREQOS_LOCK_FILE + FIREQOS_DIR + RUN_PARENT_DIR
|
||||
# keep within our mounts
|
||||
# - PATH reset to ensure it is off (some programs reset it)
|
||||
cat > /etc/firehol/firehol-defaults.conf <<-!
|
||||
EGREP_CMD='/bin/grep -E'
|
||||
IPRANGE_CMD='${TESTDIR}../sbin/iprange'
|
||||
IPRANGE_CMD='$iprange_path'
|
||||
LOGGER_CMD='/bin/echo logger:'
|
||||
LB_RUN_DIR=/var/run/firehol/link-balancer
|
||||
FIREQOS_DIR=/var/run/firehol/fireqos
|
||||
FIREQOS_LOCK_FILE=/var/run/firehol/fireqos.lock
|
||||
UPDATE_IPSETS_LOCK_FILE=/var/run/firehol/update-ipsets.lock
|
||||
RUN_PARENT_DIR=/var/run/firehol
|
||||
WEB_DIR=/var/run/firehol/webdir
|
||||
export PATH=
|
||||
!
|
||||
|
||||
@ -361,8 +370,8 @@ do
|
||||
PATH= $kcov "$script" "$conf" start > "$runlog" 2>&1 < /dev/null
|
||||
status=$?
|
||||
;;
|
||||
link-balancer)
|
||||
cp "$conf" /etc/firehol/link-balancer.conf
|
||||
link-balancer|update-ipsets)
|
||||
cp "$conf" /etc/firehol/${program}.conf
|
||||
$kcov "$script" > "$runlog" 2>&1 < /dev/null
|
||||
status=$?
|
||||
;;
|
||||
@ -381,7 +390,7 @@ do
|
||||
then
|
||||
errors=$((errors + 1))
|
||||
echo "Unexpected run error - check $runlog"
|
||||
elif grep -q 'in: line [0-9]*:' "$runlog"
|
||||
elif grep -q '\.in: line [0-9]*:' "$runlog"
|
||||
then
|
||||
errors=$((errors + 1))
|
||||
echo "Unexpected runtime errors - check $runlog"
|
||||
|
||||
1
unittest/update-ipsets/README
Normal file
1
unittest/update-ipsets/README
Normal file
@ -0,0 +1 @@
|
||||
update-ipsets unit tests belong here
|
||||
0
unittest/update-ipsets/basic/no-setup.conf
Normal file
0
unittest/update-ipsets/basic/no-setup.conf
Normal file
10
unittest/update-ipsets/basic/no-setup.run.sh
Executable file
10
unittest/update-ipsets/basic/no-setup.run.sh
Executable file
@ -0,0 +1,10 @@
|
||||
#!/bin/sh
|
||||
|
||||
$kcov $script
|
||||
status=$?
|
||||
if [ $status -eq 0 ]
|
||||
then
|
||||
exit 0
|
||||
fi
|
||||
echo "Status: $status"
|
||||
exit 1
|
||||
Loading…
Reference in New Issue
Block a user