ebtables-restore

   1 #!/usr/bin/perl -w
   2 #
   3 #
   4 # A script that imports text ebtables rules. Similar to iptables-restore.
   5 # It can be used to restore configuration from /etc/sysconfig/ebtables.
   6 #
   7
   8 use strict;
   9 my $ebtables = "__EXEC_PATH__/ebtables";
  10 my $table = "";
  11 my $rc;
  12 my $child;
  13 my $line;
  14
  15 # ==============================
  16 # Check table
  17 # Creates user chains.
  18 # ==============================
  19 sub check_chain {
  20     if ($table eq "filter") {
  21         if ($_[1] eq "INPUT") { return; }
  22         if ($_[1] eq "FORWARD") { return; }
  23         if ($_[1] eq "OUTPUT") { return; }
  24     }
  25     if ($table eq "nat") {
  26         if ($_[1] eq "PREROUTING") { return; }
  27         if ($_[1] eq "POSTROUTING") { return; }
  28         if ($_[1] eq "OUTPUT") { return; }
  29     }
  30     if ($table eq "broute") {
  31         if ($_[1] eq "BROUTING") { return; }
  32     }
  33     $rc = `$ebtables -t $_[0] -N $_[1]`;
  34     unless($? == 0) {print "ERROR: $rc\n"; exit -1};
  35 }
  36 # ==============================
  37
  38 if (-x "__EXEC_PATH__/ebtablesd" && -x "__EXEC_PATH__/ebtablesu") {
  39     `killall ebtablesd 2>/dev/null`;
  40     $child = fork();
  41     if ($child == 0) {
  42         $rc = `__EXEC_PATH__/ebtablesd`;
  43         if (!($rc eq "")) {
  44             exit -1;
  45         }
  46         exit 0;
  47     }
  48     $ebtables = "__EXEC_PATH__/ebtablesu";
  49     while (!(-e "__PIPE__")) {
  50         if ((kill 0) < $child) {
  51             exit -1;
  52         }
  53     }
  54 } else {
  55     unless (-x $ebtables) { print "ERROR: $ebtables isn't executable\n"; exit -1; };
  56 }
  57
  58 $line = 0;
  59 while(<>) {
  60     $line++;
  61     if(m/^#/) { next; };
  62     if(m/^$/) { next; };
  63     if ($ebtables eq "__EXEC_PATH__/ebtablesu") {
  64         if ((kill 0) < $child) {
  65             exit -1;
  66         }
  67     }
  68     if(m/^\*(.*)/) {
  69         if (!($table eq "")) {
  70             if (!defined($ENV{'EBTABLES_SAVE_COUNTER'}) || !($ENV{'EBTABLES_SAVE_COUNTER'} eq "yes")) {
  71                 $rc = `$ebtables -t $table -Z`;
  72                 unless($? == 0) {print "ERROR: $rc\n"; exit -1};
  73             }
  74             if ($ebtables eq "__EXEC_PATH__/ebtablesu") {
  75                 $rc = `$ebtables commit $table`;
  76                 $rc = `$ebtables free $table`;
  77                 unless($? == 0) {print "ERROR: $rc\n"; exit -1};
  78            }
  79         }
  80         $table = $1;
  81         if ($ebtables eq "__EXEC_PATH__/ebtablesu") {
  82             $rc = `$ebtables open $table`;
  83             unless($? == 0) {print "ERROR: $rc\n"; exit -1};
  84             $rc = `$ebtables -F`;
  85             unless($? == 0) {print "ERROR: $rc\n"; exit -1};
  86         } else {
  87             $rc = `$ebtables -t filter --init-table`;
  88             unless($? == 0) {print "ERROR: $rc\n"; exit -1};
  89         }
  90         next;
  91     }
  92     if(m/^\:(.*?)\s(.*)/) {
  93         &check_chain($table,$1);
  94         $rc = `$ebtables -t $table -P $1 $2`;
  95         unless($? == 0) {print "ERROR(line $line): $rc\n"; exit -1};
  96         next;
  97     }
  98     $rc = `$ebtables -t $table $_`;
  99     unless($? == 0) {print "ERROR(line $line): $rc\n"; exit -1};
 100 }
 101
 102 if (!($table eq "")) {
 103     if (!defined($ENV{'EBTABLES_SAVE_COUNTER'}) || !($ENV{'EBTABLES_SAVE_COUNTER'} eq "yes")) {
 104         $rc = `$ebtables -t $table -Z`;
 105         unless($? == 0) {print "ERROR: '-t $table -Z' failed\n"; exit -1};
 106     }
 107     if ($ebtables eq "__EXEC_PATH__/ebtablesu") {
 108         $rc = `$ebtables commit $table`;
 109         unless($? == 0) {print "ERROR: $rc\n"; exit -1};
 110     }
 111 }
 112
 113 if ($ebtables eq "__EXEC_PATH__/ebtablesu") {
 114     $rc = `$ebtables quit`;
 115     unless($? == 0) {print "ERROR: $rc\n"; exit -1};
 116     waitpid($child,0);
 117     exit 0;
 118 }