Révision 844bed17
Ajouté par Thomas Noël il y a plus de 9 ans
usr/local/univnautes/sp/update-whitelists.sh | ||
---|---|---|
22 | 22 |
## real start |
23 | 23 |
|
24 | 24 |
log() { |
25 |
logger -p local4.info -t update-whitelist "$*"
|
|
25 |
logger -p local4.info -t sp/update-whitelists "$*"
|
|
26 | 26 |
} |
27 | 27 |
|
28 | 28 |
rm -rf $WLDIR |
... | ... | |
51 | 51 |
fi |
52 | 52 |
done |
53 | 53 |
|
54 |
# concat all whitelists |
|
54 | 55 |
cat $WLDIR/*/whitelist | \ |
55 | 56 |
grep -v "\(^[[:space:]]*#\)\|\(^[[:space:]]*$\)" | \ |
56 | 57 |
tr -d ' ' | \ |
57 |
sed 's#\(^[^/]*$\)#\1/32#' > $WLDIR/all |
|
58 |
sed 's#\(^[^/]*$\)#\1/32#' | \ |
|
59 |
sort -u > $WLDIR/all |
|
58 | 60 |
|
59 |
# FIXME |
|
61 |
# computes differences between the whitelist and the actual ipfw table |
|
62 |
for ctx in $(/usr/local/sbin/ipfw_context -l | tail -n +2 | cut -f1 -d:); do |
|
63 |
WL=/var/tmp/ipfw-table42-$ctx |
|
64 |
/sbin/ipfw -x $ctx table 42 list | cut -f1 -d" " | sort -u > $WL-actual |
|
65 |
cat $WLDIR/all $WL-actual | sort | uniq -d > $WL-common |
|
66 |
cat $WLDIR/all $WL-common | sort | uniq -u > $WL-add |
|
67 |
cat $WL-actual $WL-common | sort | uniq -u > $WL-delete |
|
68 |
for i in `cat $WL-add` |
|
69 |
do |
|
70 |
log "$ctx: add $i" |
|
71 |
/sbin/ipfw -x $ctx -q table 42 add $i |
|
72 |
done |
|
73 |
for i in `cat $WL-delete` |
|
74 |
do |
|
75 |
log "$ctx: delete $i" |
|
76 |
/sbin/ipfw -x $ctx -q table 42 delete $i |
|
77 |
done |
|
78 |
done |
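Review bot: The new per-context loop writes its work files to fixed, guessable names in /var/tmp (`WL=/var/tmp/ipfw-table42-$ctx`, then `$WL-actual`, `$WL-common`, `$WL-add` and `$WL-delete`) using plain `>` redirections, and the script presumably runs as root since it edits ipfw tables. /var/tmp is world-writable, so a symlink or file already sitting at one of those paths would be followed or reused, and whatever ends up in `$WL-add` is what gets passed to `table 42 add`. Keeping the files in a directory the script owns avoids this, for example `WL=$WLDIR/table42-$ctx` if `$WLDIR` (defined outside the visible lines) is writable by root only, or a `mktemp -d` directory removed by a `trap ... EXIT`. Separately, `$i` is expanded unquoted from the whitelist files and is never checked to look like an address or CIDR before it reaches `/sbin/ipfw`; a `case "$i" in` pattern check ahead of the `add` call, plus quoting `"$i"` and `"$ctx"`, would be a cheap safeguard.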
update-whitelists: use table 42