Projekt

Obecné

Profil

« Předchozí | Další » 

Revize 873

Přidáno uživatelem Jiří Sviták před více než 13 roky(ů)

Pridan skript pro nove presmerovani, ktery ma byt spousten cronem na centralni brane. Optimalizace aktivace presmerovani u preruseni clenstvi. Dalsi vylepseni presmerovani.

Zobrazit rozdíly:

freenetis/branches/redirection/application/helpers/redirect.php
<?php defined('SYSPATH') or die('No direct script access.');
/**
*
* @package Redirect helper
* @author Jiri Svitak
*/
class redirect_Core
{
/**
* Replaces special tags in curly brackets {tag} by value associated to target's member IP address.
* Unknown values for tags are replaced by question mark ?.
* @author Jiri Svitak
* @param $text Input HTML stream.
* @param $ip_address Based on given IP address, dependent information in database is searched.
* @return unknown_type Output HTML stream.
*/
static function replace($text, $ip_address)
{
$ip = ORM::factory('ip_address')->where('ip_address', $ip_address)->find();
// other information dependent on IP address registered in database
if (!$ip->id)
{
$member_name = '???';
$variable_symbol = '???';
$current_credit = '???';
}
else
{
// member properties
$member_name = $ip->iface->device->user->member->name;
$variable_symbol = $ip->iface->device->user->member->variable_symbol;
// current credit
$account_balance = ORM::factory('account_balance')->where('member_id', $ip->iface->device->user->member_id)->find();
$current_credit = $account_balance->balance;
// count payment amount to end of year
}
// subnet name
$subnet_model = new Subnet_Model();
$subnet = $subnet_model->get_subnet_of_ip_address($ip_address);
if (!$subnet->id)
{
$subnet_name = '???';
}
else
{
$subnet_name = $subnet->name;
}
// ip address
$text = str_replace('{ip_address}', $ip_address, $text);
// subnet name
$text = str_replace('{subnet_name}', $subnet_name, $text);
// member name
$text = str_replace('{member_name}', $member_name, $text);
// variable symbol of member
$text = str_replace('{variable_symbol}', $variable_symbol, $text);
// current credit
$text = str_replace('{current_credit}', $current_credit, $text);
return $text;
}
/**
* Updates static html file with redirection message.
* @param $ip_address
* @return unknown_type
*/
static function update($ip_address, $contact, $content, $footer)
{
// html code to contact
$to_contact =
'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php // useful settings for expiration prevent caching of this website ?>
<meta http-equiv="Expires" content="0" />
<meta http-equiv="Cache-Control" content="No-Cache" />
<title>'.url_lang::lang('texts.Redirection').'</title>
'.str_replace('https', 'http', html::stylesheet('media/css/style.css', 'screen')).'
<style type="text/css">
#content-padd h2 {margin: 10px 0px;}
#content-padd h3 {margin: 10px 0px;}
#content-padd li {margin-left: 20px;}
#content-padd a {font-weight: bold;}
td {width: 100px;}
</style>
</head>
<body>
<div id="main">
<div id="header">
<h1 id="logo"><span>Freenetis</span></h1>
<div class="status">
</div>
<div class="map"></div>
</div>
<div id="middle">
<div id="menu">
<div id="menu-padd">';
// html code to content
$to_content =
' </div>
</div>
<div id="content">
<div id="content-padd" style="margin:10px">';
// html code to footer
$to_footer =
' </div>
</div>
<div class="clear"></div>
</div>
<div id="footer">
<div id="footer-padd" style="text-align:center;">';
// html code after footer
$after_footer =
' </div>
</div>
</div>
</body>
</html>';
// generate page
$page = $to_contact.$contact.$to_content.$content.$to_footer.$footer.$after_footer;
// save page to file
$filename = $ip_address.'.html';
$file = fopen('static/'.$filename,'w+');
fputs($file, $page);
fclose($file);
}
}
freenetis/branches/redirection/application/models/ip_address.php
function get_ip_addresses_with_interrupted_membership()
{
return $this->db->query("
SELECT ip.id, ip.ip_address, ip.whitelisted
SELECT ip.id, ip.ip_address, ip.whitelisted, s.name AS subnet_name, m.name AS member_name,
m.variable_symbol, a.balance
FROM ip_addresses ip
JOIN ifaces i ON i.id = ip.iface_id
JOIN devices d ON d.id = i.device_id
JOIN users u ON u.id = d.user_id
JOIN members m ON m.id = u.member_id
JOIN members m ON m.id = u.member_id AND m.id <> 1
JOIN membership_interrupts mi ON mi.member_id = m.id
WHERE mi.from <= CURDATE() AND CURDATE() <= mi.to
JOIN members_fees mf ON mi.members_fee_id = mf.id
JOIN fees f ON f.id = mf.fee_id
JOIN subnets s ON s.id = ip.subnet_id
JOIN accounts a ON a.member_id = m.id
WHERE mf.activation_date <= CURDATE() AND CURDATE() <= mf.deactivation_date AND f.special_type_id = ".Fee_Model::$membership_interrupt."
");
}
freenetis/branches/redirection/application/controllers/web_interface.php
}
}
/**
* Method used for exchange of synchronization status between Freenetis and central router.
* @author Jiri Svitak
* @param $synchronized
* @return unknown_type
*/
/*
function synchronized($synchronized = null)
{
// test if central router has send information about its synchronization status
// if necessary update synchronization status in Freenetis
if (isset($synchronized))
{
// synchronization is necessary
if ($synchronized == 0)
{
}
}
// if central router has not set anything, then this method returns synchronization status of Freenetis
else
{
}
}
*/
// asi neni nutne resit posilani zpravy z centralniho routeru, proste kdyz jsem prijde, tak je synchornizovany
function synchronized()
freenetis/branches/redirection/application/controllers/messages.php
$view->title = $headline;
$view->content = new View('show_all');
$view->content->headline = $headline;
$view->content->message = $this->session->get_once('message');
$view->content->table = $grid;
$view->render(TRUE);
}
......
if($form->validate())
{
$form_data = $form->as_array();
$message->name = $form_data['name'];
if ($message->type == 0)
{
$message->name = $form_data['name'];
}
if ($message->type == Message_Model::$user_message ||
$message->type == Message_Model::$interrupted_membership_message ||
$message->type == Message_Model::$debtor_message ||
......
}
$message->text = $form_data['text'];
unset($form_data);
// saving message and refreshing all static pages with this message
// saving message
if ($message->save())
{
$this->session->set_flash('message', url_lang::lang('texts.Message has been successfully updated.'));
// after successful update of message in database is necessary to change content of static html pages of message
$db = new Database();
// update of unknown device page
if ($message->type == Message_Model::$unknown_device_message)
{
Redirect_Controller::update('unknown_device_message');
}
// update of cancel message page
elseif ($message->type == Message_Model::$cancel_message)
{
Redirect_Controller::update('cancel_message');
}
// update of contact information, it means that all messages have to be updated
elseif ($message->type == Message_Model::$contact_information)
{
Redirect_Controller::update('unknown_device_message');
Redirect_Controller::update('cancel_message');
//$ips = $db->query("SELECT ip.ip_address FROM ip_addresses ip JOIN messages_ip_addresses mip ON mip.ip_address_id = ip.id");
$ips = $db->select('ip_address')->from('ip_addresses')
->join('messages_ip_addresses', 'ip_addresses.id', 'messages_ip_addresses.ip_address_id', 'INNER')->get();
foreach($ips as $ip)
{
Redirect_Controller::update($ip->ip_address);
}
}
elseif ($message->type == Message_Model::$user_message ||
$message->type == Message_Model::$interrupted_membership_message ||
$message->type == Message_Model::$debtor_message ||
$message->type == Message_Model::$payment_notice_message)
{
$ips = $db->select('ip_address')->from('ip_addresses')
->join('messages_ip_addresses', 'ip_addresses.id', 'messages_ip_addresses.ip_address_id', 'INNER')
->where("message_id=$message_id")->get();
foreach($ips as $ip)
{
Redirect_Controller::update($ip->ip_address);
}
}
}
else
{
......
*/
function update($message_id)
{
$db = new Database();
// preparation
$message = new Message_Model($message_id);
$ip_model = new Ip_address_Model();
// boundary credit status
$debtor_boundary = $this->settings->get('debtor_boundary');
// boundary credit status
$payment_notice_boundary = $this->settings->get('payment_notice_boundary');
if ($message->type == Message_Model::$interrupted_membership_message)
$user_id = $this->session->get('user_id');
$datetime = date('Y-m-d H:i:s');
$db = new Message_Model();
$database = new Database();
// contact information
$contact_message = ORM::factory('message')->where(array('type' => Message_Model::$contact_information))->find();
$contact = $contact_message->text;
//try
{
// find IP addresses with interrupted membership
$ips = $ip_model->get_ip_addresses_with_interrupted_membership();
// delete old redirections
$db->delete('messages_ip_addresses', array('message_id' => $message_id));
// set new redirections in junction table
foreach($ips as $ip)
// choose which message to update
switch($message->type)
{
if (!$ip->whitelisted)
{
$db->insert('messages_ip_addresses',
array('ip_address_id' => $ip->id, 'message_id' => $message_id, 'datetime' => date('Y-m-d H:i:s')));
Redirect_Controller::update($ip->ip_address);
}
case Message_Model::$interrupted_membership_message:
//$db->transaction_start();
// delete old redirections
$database->delete('messages_ip_addresses', array('message_id' => $message_id));
// find IP addresses with interrupted membership
$ips = $ip_model->get_ip_addresses_with_interrupted_membership();
// message text
$content = $message->text;
// first sql for inserting transfers
$sql_insert = "INSERT INTO messages_ip_addresses (message_id, ip_address_id, user_id, comment, datetime) VALUES ";
$values = array();
// set new redirections in junction table
foreach($ips as $ip)
{
if (!$ip->whitelisted)
{
// replace special tags
foreach ($ip as $key => $value)
{
$content = str_replace('{'.$key.'}', $value, $content);
}
redirect::update($ip->ip_address, $contact, $content, '');
// insert values
$values[] = "($message->id, $ip->id, $user_id, '', '$datetime')";
}
}
$sql_insert .= implode(",", $values);
if (!$database->query($sql_insert))
throw new Exception();
break;
case Message_Model::$debtor_message:
// boundary credit status
$debtor_boundary = $this->settings->get('debtor_boundary');
if (empty($debtor_boundary))
{
$this->session->set_flash('message', url_lang::lang('texts.Error - debtor credit boundary has not been set.'));
url::redirect(url_lang::base().'messages/show_all');
}
// delete old redirections
$db->delete('messages_ip_addresses', array('message_id' => $message_id));
// finding IP addresses to redirect to debtor message
$ips = $ip_model->get_ip_addresses_of_debtors($debtor_boundary);
// set new redirections in junction table
foreach($ips as $ip)
{
if (!$ip->whitelisted)
{
$db->insert('messages_ip_addresses',
array('ip_address_id' => $ip->id, 'message_id' => $message_id, 'datetime' => date('Y-m-d H:i:s')));
Redirect_Controller::update($ip->ip_address);
}
}
break;
case Message_Model::$payment_notice_message:
// boundary credit status
$payment_notice_boundary = $this->settings->get('payment_notice_boundary');
if (empty($payment_notice_boundary))
{
$this->session->set_flash('message', url_lang::lang('texts.Error - payment notice credit boundary has not been set.'));
url::redirect(url_lang::base().'messages/show_all');
}
// delete old redirections
$db->delete('messages_ip_addresses', array('message_id' => $message_id));
// find ip addresses to redirect to payment notice message
// set new redirections in junction table
foreach($ips as $ip)
{
if (!$ip->whitelisted)
{
$db->insert('messages_ip_addresses',
array('ip_address_id' => $ip->id, 'message_id' => $message_id, 'datetime' => date('Y-m-d H:i:s')));
Redirect_Controller::update($ip->ip_address);
}
}
break;
default:
Controller::warning(PARAMETER);
}
//$db->transaction_commit();
$this->session->set_flash('message', url_lang::lang('texts.Redirection has been successfully set.'));
url::redirect(url_lang::base().'messages/show_all');
}
elseif ($message->type == Message_Model::$debtor_message)
/*
catch (Exception $e)
{
if (empty($debtor_boundary))
{
$this->session->set_flash('message', url_lang::lang('texts.Error - debtor credit boundary has not been set.'));
url::redirect(url_lang::base().'messages/show_all');
}
// finding IP addresses to redirect to debtor message
$ips = $ip_model->get_ip_addresses_of_debtors($debtor_boundary);
// delete old redirections
$db->delete('messages_ip_addresses', array('message_id' => $message_id));
// set new redirections in junction table
foreach($ips as $ip)
{
if (!$ip->whitelisted)
{
$db->insert('messages_ip_addresses',
array('ip_address_id' => $ip->id, 'message_id' => $message_id, 'datetime' => date('Y-m-d H:i:s')));
Redirect_Controller::update($ip->ip_address);
}
}
$db->transaction_rollback();
$this->session->set_flash('message', url_lang::lang('texts.Error - cannot set redirection.'));
url::redirect(url_lang::base().'messages/show_all');
}
elseif ($message->type == Message_Model::$payment_notice_message)
{
if (empty($payment_notice_boundary))
{
$this->session->set_flash('message', url_lang::lang('texts.Error - payment notice credit boundary has not been set.'));
url::redirect(url_lang::base().'messages/show_all');
}
// finding IP addresses to redirect to debtor message
/* @todo account_balances absolete
$ips = $db->query("
SELECT ip.id, ip.ip_address, ip.whitelisted
FROM ip_addresses ip
JOIN ifaces i ON i.id = ip.iface_id
JOIN devices d ON d.id = i.device_id
JOIN users u ON u.id = d.user_id
JOIN members m ON m.id = u.member_id
JOIN account_balances ab ON ab.member_id = m.id AND m.id <> 1
WHERE ab.balance < $payment_notice_boundary AND ab.balance >= $debtor_boundary
");
*/
// delete old redirections
$db->delete('messages_ip_addresses', array('message_id' => $message_id));
// set new redirections in junction table
foreach($ips as $ip)
{
if (!$ip->whitelisted)
{
$db->insert('messages_ip_addresses',
array('ip_address_id' => $ip->id, 'message_id' => $message_id, 'datetime' => date('Y-m-d H:i:s')));
Redirect_Controller::update($ip->ip_address);
}
}
}
else
{
Controller::warning(PARAMETER);
}
$this->session->set_flash('message', url_lang::lang('texts.Redirection has been successfully set.'));
url::redirect(url_lang::base().'messages/show_all');
*/
}
}
freenetis/branches/redirection/application/controllers/redirect.php
/**
* Updates static html file with redirection message.
* @param $ip_address
* @return unknown_type
*/
static function update($ip_address)
{
$page = file_get_contents(url_lang::base().'web_interface/redirect_content/'.$ip_address);
$filename = $ip_address.'.html';
$file = fopen('static/'.$filename,'w+');
fputs($file, $page);
fclose($file);
}
/**
* Replaces special tags in curly brackets {tag} by value associated to target's member IP address.
* Unknown values for tags are replaced by question mark ?.
* @author Jiri Svitak
* @param $text Input HTML stream.
* @param $ip_address Based on given IP address, dependent information in database is searched.
* @return unknown_type Output HTML stream.
*/
static function replace($text, $ip_address)
{
$ip = ORM::factory('ip_address')->where('ip_address', $ip_address)->find();
// other information dependent on IP address registered in database
if (!$ip->id)
{
$member_name = '???';
$variable_symbol = '???';
$current_credit = '???';
}
else
{
// member properties
$member_name = $ip->iface->device->user->member->name;
$variable_symbol = $ip->iface->device->user->member->variable_symbol;
// current credit
$account_balance = ORM::factory('account_balance')->where('member_id', $ip->iface->device->user->member_id)->find();
$current_credit = $account_balance->balance;
// count payment amount to end of year
}
// subnet name
$subnet_model = new Subnet_Model();
$subnet = $subnet_model->get_subnet_of_ip_address($ip_address);
if (!$subnet->id)
{
$subnet_name = '???';
}
else
{
$subnet_name = $subnet->name;
}
// ip address
$text = str_replace('{ip_address}', $ip_address, $text);
// subnet name
$text = str_replace('{subnet_name}', $subnet_name, $text);
// member name
$text = str_replace('{member_name}', $member_name, $text);
// variable symbol of member
$text = str_replace('{variable_symbol}', $variable_symbol, $text);
// current credit
$text = str_replace('{current_credit}', $current_credit, $text);
return $text;
}
/**
* This is the address where are members of network redirected to.
freenetis/branches/redirection/scripts/frnts_synchronization.sh
#! /bin/bash
##################################################################################
# #
# This script serves for redirection ip policy of IS FreeNetIS #
# #
# auhtor Sevcik Roman 2011 #
# email sevcik.roman@slfree.net #
# #
# name frnts_synchronization.sh #
# version 1.9 #
# #
##################################################################################
#Local variable contains path to iptables - mandatory
IPTABLES=/sbin/iptables
#Local variable contains ip address useful for self-canceling. More infos in doc
IP_TARGET=212.111.4.121
#Local variable contains port number to be redirect from - mandatory
PORT_WEB=80
#Local variable contains port number to be redirect to - mandatory
PORT_REDIRECT=36000
#URL of pages which we need to dowload from freenetis.
#SET_URL_RANGES - contains list of CIDR networks (e.g. 192.160.0/23) which we can regirect
#SET_URL_WHITELIST - contains list of "whitelisted" IP addresses of members will not be redirect. Never
#SET_URL_ALLOWED - contains list of IP allowed adresses will not be redirect
#SET_URL_SELF_CANCEL - contains list of IP adresses which can disable redirection itself
#SET_URL_SEEN - ulpoads list of IP adresses which have already disabled redirection itsef
#SET_URL_RANGES=http://<hostname>/cs/web_interface/redirected_ranges
#SET_URL_WHITELIST=http://<hostname>/cs/web_interface/whitelist
#SET_URL_ALLOWED=http://<hostname>/cs/web_interface/allowed_ip_addresses
#SET_URL_SELF_CANCEL=http://<hostname>/cs/web_interface/self_cancelable_ip_addresses
#SET_URL_SEEN=http://<hostname>/cs/web_interface/already_seen
SET_URL_RANGES=http://10.144.0.1:8080/ranges
SET_URL_WHITELIST=http://10.144.0.1:8080/whitelist
SET_URL_ALLOWED=http://10.144.0.1:8080/allowed
SET_URL_SELF_CANCEL=http://10.144.0.1:8080/self_cancel
SET_URL_SEEN=http://10.144.0.1:8080/seen.php
#Paths where temporary data will be saved.
PATH_RANGES=/tmp/ranges
PATH_WHITELIST=/tmp/whitelist
PATH_ALLOWED=/tmp/allowed
PATH_SELF_CANCEL=/tmp/self_cancel
#######################################################################################
# Function returns 1 if is ip valid
# @param ip adresa
# return 1 if is ip valid
valid_ip ()
{
local ip=$1
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
OIFS=$IFS
IFS='.'
ip=($ip)
IFS=$OIFS
[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
stat=$?
fi;
return $stat
}
start ()
{
echo "Adding sets.";
ipset -N whitelist iphash --hashsize 10000 --probes 4 --resize 50
ipset -N allowed iphash --hashsize 10000 --probes 8 --resize 50
ipset -N self_cancel iphash --hashsize 10000 --probes 8 --resize 50
ipset -N seen iphash --hashsize 10000 --probes 8 --resize 50
ipset -N ranges nethash --hashsize 1024 --probes 4 --resize 50
echo "Adding firewall rules.";
#Rule for allowing access. If come packet to $IP_TARGET then we add souce address do set allowed and to set seen
#Set seen is used for ip synchronization with FreeNetIS.
$IPTABLES -i eth1 -t nat -A PREROUTING -m set --set self_cancel src -d $IP_TARGET -j SET --add-set allowed src
$IPTABLES -i eth1 -t nat -A PREROUTING -m set --set self_cancel src -d $IP_TARGET -j SET --add-set seen src
#If is IP in set whitelist or allowed then it is not redirected
$IPTABLES -i eth1 -t nat -A PREROUTING -m set --set whitelist src -j ACCEPT
$IPTABLES -i eth1 -t nat -A PREROUTING -m set --set allowed src -j ACCEPT
#Redirect everything trafic what has destination port $PORT_WEB to $PORT_REDIRECT
$IPTABLES -i eth1 -t nat -A PREROUTING -m set --set ranges src -p tcp --dport $PORT_WEB -j REDIRECT --to-port $PORT_REDIRECT
#If is IP in set whitelist or allowed then it is not redirected
$IPTABLES -i eth1 -I FORWARD 1 -m set --set whitelist src -j ACCEPT
$IPTABLES -i eth1 -I FORWARD 2 -m set --set allowed src -j ACCEPT
#Else everything drop
$IPTABLES -i eth1 -I FORWARD 3 -m set --set ranges src -j DROP
}
stop ()
{
echo "Deleting firewall rules.";
#Rule for allowing access. If come packet to $IP_TARGET then we add souce address do set allowed and to set seen
#Set seen is used for ip synchronization with FreeNetIS.
$IPTABLES -i eth1 -t nat -D PREROUTING -m set --set self_cancel src -d $IP_TARGET -j SET --add-set allowed src
$IPTABLES -i eth1 -t nat -D PREROUTING -m set --set self_cancel src -d $IP_TARGET -j SET --add-set seen src
#If is IP in set whitelist or allowed then it is not redirected
$IPTABLES -i eth1 -t nat -D PREROUTING -m set --set whitelist src -j ACCEPT
$IPTABLES -i eth1 -t nat -D PREROUTING -m set --set allowed src -j ACCEPT
#Redirect everything trafic what has destination port $PORT_WEB to $PORT_REDIRECT
$IPTABLES -i eth1 -t nat -D PREROUTING -m set --set ranges src -p tcp --dport $PORT_WEB -j REDIRECT --to-port $PORT_REDIRECT
#If is IP in set whitelist or allowed then it is not redirected
$IPTABLES -i eth1 -D FORWARD -m set --set whitelist src -j ACCEPT
$IPTABLES -i eth1 -D FORWARD -m set --set allowed src -j ACCEPT
#Else everything drop
$IPTABLES -i eth1 -D FORWARD -m set --set ranges src -j DROP
echo "Deleting sets.";
ipset -X whitelist
ipset -X allowed
ipset -X self_cancel
ipset -X seen
ipset -X ranges
}
update ()
{
#Erase content of all sets
echo "Cleaning sets...";
ipset -F whitelist
ipset -F allowed
ipset -F self_cancel
ipset -F ranges
#Some stuff - do not delete!
#oldifs=$IFS
#export IFS=";" ; echo "pole je ${a[*]}"
#IFS=$oldifs
#echo "pole je ${a[*]}"
#Send data from seen set to server
for i in $(ipset -L seen);
do
if valid_ip $i; then
seen="$seen$i;";
fi
done
seen=${seen%;}
echo "Sending seen set data...";
wget -q -O /dev/null $SET_URL_SEEN --no-check-certificate --post-data "seen=$seen"
echo "Downloading data...";
wget -q -O $PATH_WHITELIST $SET_URL_WHITELIST --no-check-certificate
wget -q -O $PATH_ALLOWED $SET_URL_ALLOWED --no-check-certificate
wget -q -O $PATH_SELF_CANCEL $SET_URL_SELF_CANCEL --no-check-certificate
wget -q -O $PATH_RANGES $SET_URL_RANGES --no-check-certificate
#Filling sets
for i in $(cat $PATH_WHITELIST);
do
echo "$i - added to set whitelist"
ipset -A whitelist $i
done
for i in $(cat $PATH_ALLOWED);
do
echo "$i - added to set allowed"
ipset -A allowed $i
done
for i in $(cat $PATH_SELF_CANCEL);
do
echo "$i - added to set self_cancel"
ipset -A self_cancel $i
done
for i in $(cat $PATH_RANGES);
do
echo "$i - added to set ranges"
ipset -A ranges $i
done
#Erase content of seen set
echo "Cleaning seen set...";
ipset -F seen
#Cleaning up...
rm $PATH_RANGES
rm $PATH_WHITELIST
rm $PATH_ALLOWED
rm $PATH_SELF_CANCEL
}
# Function shows help
help ()
{
echo "usage : (start | update | stop | restart)"
echo "start - initialization of firewall rules"
echo "update - load ipset data from defined URLs"
echo "stop - clears firewall rules"
echo "restart - restarts firewall rules"
}
# Is parameter #1 zero length?
if [ -z "$1" ]; then
help
exit 1
fi;
case "$1" in
start)
start
exit 1
;;
restart)
stop
start
update
exit 1
;;
update)
update
exit 1
;;
*)
help
exit 1
;;
stop)
stop
exit 1
;;
esac
exit 0

Také k dispozici: Unified diff