Révision 844bed17
Ajouté par Thomas Noël il y a plus de 9 ans
| usr/local/univnautes/sp/update-whitelists.sh | ||
|---|---|---|
| 22 | 22 |
## real start |
| 23 | 23 |
|
| 24 | 24 |
log() {
|
| 25 |
logger -p local4.info -t update-whitelist "$*"
|
|
| 25 |
logger -p local4.info -t sp/update-whitelists "$*"
|
|
| 26 | 26 |
} |
| 27 | 27 |
|
| 28 | 28 |
rm -rf $WLDIR |
| ... | ... | |
| 51 | 51 |
fi |
| 52 | 52 |
done |
| 53 | 53 |
|
| 54 |
# concat all whitelists |
|
| 54 | 55 |
cat $WLDIR/*/whitelist | \ |
| 55 | 56 |
grep -v "\(^[[:space:]]*#\)\|\(^[[:space:]]*$\)" | \ |
| 56 | 57 |
tr -d ' ' | \ |
| 57 |
sed 's#\(^[^/]*$\)#\1/32#' > $WLDIR/all |
|
| 58 |
sed 's#\(^[^/]*$\)#\1/32#' | \ |
|
| 59 |
sort -u > $WLDIR/all |
|
| 58 | 60 |
|
| 59 |
# FIXME |
|
| 61 |
# computes differences between the whitelist and the actual ipfw table |
|
| 62 |
for ctx in $(/usr/local/sbin/ipfw_context -l | tail -n +2 | cut -f1 -d:); do |
|
| 63 |
WL=/var/tmp/ipfw-table42-$ctx |
|
| 64 |
/sbin/ipfw -x $ctx table 42 list | cut -f1 -d" " | sort -u > $WL-actual |
|
| 65 |
cat $WLDIR/all $WL-actual | sort | uniq -d > $WL-common |
|
| 66 |
cat $WLDIR/all $WL-common | sort | uniq -u > $WL-add |
|
| 67 |
cat $WL-actual $WL-common | sort | uniq -u > $WL-delete |
|
| 68 |
for i in `cat $WL-add` |
|
| 69 |
do |
|
| 70 |
log "$ctx: add $i" |
|
| 71 |
/sbin/ipfw -x $ctx -q table 42 add $i |
|
| 72 |
done |
|
| 73 |
for i in `cat $WL-delete` |
|
| 74 |
do |
|
| 75 |
log "$ctx: delete $i" |
|
| 76 |
/sbin/ipfw -x $ctx -q table 42 delete $i |
|
| 77 |
done |
|
| 78 |
done |
|
Formats disponibles : Unified diff
update-whitelists: use table 42