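/*  script_unblock

    Rebuilds the blocklist without the item named in vr_script->set and
    saves the result through the backend.

    Every entry read from the backend is encoded and stripped of its leading
    part before it is compared with vr_script->set. Entries that differ are
    collected in a temporary list; a matching entry is simply not collected.
    The temporary list is written back only if at least one entry was
    dropped, and it is released on every exit path.

    Returncodes:
        VRS_SUCCESS: success, item was removed
        VRS_ERR_COMMAND_FAILED: saving the blocklist in backend failed
        VRS_ERR_COMMANDLINE: item not found in blocklist
        VRS_ERR_INTERNAL: an entry could not be processed or stored
*/
int
script_unblock(const int debuglvl, VuurmuurScript *vr_script)
{
    char        removed = FALSE;    /* set once a matching entry was dropped */
    BlockList   blocklist;          /* "new" blocklist: everything except the
                                       item to be removed */
    int         retval = VRS_SUCCESS;
    char        *str = NULL;

    /* the list frees its entries with free() when it is cleaned up */
    d_list_setup(debuglvl, &blocklist.list, free);
    blocklist.old_blocklistfile_used = FALSE;

    while (rf->ask(debuglvl, rule_backend, "blocklist", "RULE",
                vr_script->bdat, sizeof(vr_script->bdat), TYPE_RULE, 1) == 1)
    {
        rules_encode_rule(debuglvl, vr_script->bdat, sizeof(vr_script->bdat));

        /* the result is released with free() below, so it is treated as a
           heap copy owned by this function until it is handed to the list */
        str = remove_leading_part(vr_script->bdat);
        if (str == NULL) {
            /* strcmp() on NULL is undefined; stop instead of guessing */
            (void)vrprint.error(VRS_ERR_INTERNAL, VR_ERR, "could not process blocklist item (in: %s:%d).",
                    __FUNC__, __LINE__);
            retval = VRS_ERR_INTERNAL;
            goto cleanup;
        }

        if (strcmp(vr_script->set, str) == 0) {
            /* we want to remove it: so just don't put it in the list */
            removed = TRUE;
            free(str);
        } else if (d_list_append(debuglvl, &blocklist.list, str) == NULL) {
            (void)vrprint.error(VRS_ERR_INTERNAL, VR_ERR, "parameter problem (in: %s:%d)",
                    __FUNC__, __LINE__);
            /* the entry never made it into the list, so it is still ours */
            free(str);
            retval = VRS_ERR_INTERNAL;
            goto cleanup;
        }
        /* either freed or owned by the list from here on */
        str = NULL;
    }

    if (removed == TRUE) {
        if (blocklist_save_list(debuglvl, &blocklist) != 0) {
            (void)vrprint.error(VRS_ERR_COMMAND_FAILED, VR_ERR, "could not save updated blocklist (in: %s:%d).",
                    __FUNC__, __LINE__);
            retval = VRS_ERR_COMMAND_FAILED;
            goto cleanup;
        }

        /* Record the item that was requested for removal. bdat is the
           scratch buffer handed to ask() on every iteration, so after the
           loop it need not hold the entry that was dropped, and logging it
           would put the wrong item in the change log. */
        logchange("item '%s' removed from the blocklist.", vr_script->set);
    } else {
        (void)vrprint.error(VRS_ERR_COMMANDLINE, VR_ERR, "item '%s' not found in the blocklist (in: %s:%d).",
                vr_script->set, __FUNC__, __LINE__);
        retval = VRS_ERR_COMMANDLINE;
    }

cleanup:
    /* single exit: the temporary list is released on success and on error */
    d_list_cleanup(debuglvl, &blocklist.list);

    return(retval);
}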
/*  script_add

    Creates a new, empty object of the type in vr_script->type under the
    name in vr_script->name.

    Step 1 walks the backend list that belongs to the type and refuses the
    request when an object with the same name (and, for zone objects, the
    same type) is already present. Step 2 calls the backend's add function
    and writes a change-log entry on success.

    Returncodes:
        0: object was added
        VRS_ERR_ALREADY_EXISTS: an object with this name already exists
        VRS_ERR_COMMAND_FAILED: the backend refused to add the object
        VRS_ERR_INTERNAL: vr_script->type is not a type handled here

    NOTE(review): the name is handed to the backend as-is; no validation of
    it is visible in this function -- presumably the caller has done that,
    confirm.
*/
int
script_add(const int debuglvl, VuurmuurScript *vr_script)
{
    /* zone, network, host and group all live in the zones backend */
    const int   is_zone_object = (vr_script->type == VRMR_TYPE_ZONE ||
                                  vr_script->type == VRMR_TYPE_NETWORK ||
                                  vr_script->type == VRMR_TYPE_HOST ||
                                  vr_script->type == VRMR_TYPE_GROUP);
    char        exists = FALSE;

    /*
        step 1: does the object exist already?

        The list loops below always run until the backend returns NULL.
        NOTE(review): presumably this drains the backend's list iterator;
        confirm before adding an early exit.
    */
    if (is_zone_object) {
        while (vr_script->vctx.zf->list(debuglvl, vr_script->vctx.zone_backend,
                    vr_script->bdat, &vr_script->zonetype, VRMR_BT_ZONES) != NULL)
        {
            /* the same name may be used by an object of another type */
            if (vr_script->zonetype != vr_script->type)
                continue;

            if (strcmp(vr_script->bdat,vr_script->name) == 0)
                exists = TRUE;
        }

        if (exists == TRUE) {
            if (vr_script->type == VRMR_TYPE_ZONE)
                vrmr_error(VRS_ERR_ALREADY_EXISTS, VR_ERR, "zone '%s' already exists.", vr_script->name);
            else if (vr_script->type == VRMR_TYPE_NETWORK)
                vrmr_error(VRS_ERR_ALREADY_EXISTS, VR_ERR, "network '%s' already exists.", vr_script->name);
            else if (vr_script->type == VRMR_TYPE_HOST)
                vrmr_error(VRS_ERR_ALREADY_EXISTS, VR_ERR, "host '%s' already exists.", vr_script->name);
            else if (vr_script->type == VRMR_TYPE_GROUP)
                vrmr_error(VRS_ERR_ALREADY_EXISTS, VR_ERR, "group '%s' already exists.", vr_script->name);

            return(VRS_ERR_ALREADY_EXISTS);
        }
    } else if (vr_script->type == VRMR_TYPE_SERVICE) {
        while (vr_script->vctx.sf->list(debuglvl, vr_script->vctx.serv_backend,
                    vr_script->bdat, &vr_script->zonetype, VRMR_BT_SERVICES) != NULL)
        {
            if (strcmp(vr_script->bdat,vr_script->name) == 0)
                exists = TRUE;
        }

        if (exists == TRUE) {
            vrmr_error(VRS_ERR_ALREADY_EXISTS, VR_ERR, "service '%s' already exists.", vr_script->name);
            return(VRS_ERR_ALREADY_EXISTS);
        }
    } else if (vr_script->type == VRMR_TYPE_INTERFACE) {
        while (vr_script->vctx.af->list(debuglvl, vr_script->vctx.ifac_backend,
                    vr_script->bdat, &vr_script->zonetype, VRMR_BT_INTERFACES) != NULL)
        {
            if (strcmp(vr_script->bdat,vr_script->name) == 0)
                exists = TRUE;
        }

        if (exists == TRUE) {
            vrmr_error(VRS_ERR_ALREADY_EXISTS, VR_ERR, "interface '%s' already exists.", vr_script->name);
            return(VRS_ERR_ALREADY_EXISTS);
        }
    } else if (vr_script->type == VRMR_TYPE_RULE) {
        while (vr_script->vctx.rf->list(debuglvl, vr_script->vctx.rule_backend,
                    vr_script->bdat, &vr_script->zonetype, VRMR_BT_RULES) != NULL)
        {
            if (strcmp(vr_script->bdat,vr_script->name) == 0)
                exists = TRUE;
        }

        if (exists == TRUE) {
            vrmr_error(VRS_ERR_ALREADY_EXISTS, VR_ERR, "ruleset '%s' already exists.", vr_script->name);
            return(VRS_ERR_ALREADY_EXISTS);
        }
    }

    /*
        step 2: add it. Each type is handled on its own and returns as soon
        as it is done; anything that reaches the end is an unknown type.
    */
    if (vr_script->type == VRMR_TYPE_ZONE) {
        if (vr_script->vctx.zf->add(debuglvl, vr_script->vctx.zone_backend,
                    vr_script->name, VRMR_TYPE_ZONE) < 0)
        {
            vrmr_error(-1, VR_ERR, "adding zone '%s' failed (in: %s:%d).",
                    vr_script->name, __FUNC__, __LINE__);
            return(VRS_ERR_COMMAND_FAILED);
        }

        logchange(vr_script, "zone '%s' added.", vr_script->name);
        return(0);
    }

    if (vr_script->type == VRMR_TYPE_NETWORK) {
        if (vr_script->vctx.zf->add(debuglvl, vr_script->vctx.zone_backend,
                    vr_script->name, VRMR_TYPE_NETWORK) < 0)
        {
            vrmr_error(-1, VR_ERR, "adding network '%s' failed (in: %s:%d).",
                    vr_script->name, __FUNC__, __LINE__);
            return(VRS_ERR_COMMAND_FAILED);
        }

        logchange(vr_script, "network '%s' added.", vr_script->name);
        return(0);
    }

    if (vr_script->type == VRMR_TYPE_HOST) {
        if (vr_script->vctx.zf->add(debuglvl, vr_script->vctx.zone_backend,
                    vr_script->name, VRMR_TYPE_HOST) < 0)
        {
            vrmr_error(-1, VR_ERR, "adding host '%s' failed (in: %s:%d).",
                    vr_script->name, __FUNC__, __LINE__);
            return(VRS_ERR_COMMAND_FAILED);
        }

        logchange(vr_script, "host '%s' added.", vr_script->name);
        return(0);
    }

    if (vr_script->type == VRMR_TYPE_GROUP) {
        if (vr_script->vctx.zf->add(debuglvl, vr_script->vctx.zone_backend,
                    vr_script->name, VRMR_TYPE_GROUP) < 0)
        {
            vrmr_error(-1, VR_ERR, "adding group '%s' failed (in: %s:%d).",
                    vr_script->name, __FUNC__, __LINE__);
            return(VRS_ERR_COMMAND_FAILED);
        }

        logchange(vr_script, "group '%s' added.", vr_script->name);
        return(0);
    }

    if (vr_script->type == VRMR_TYPE_SERVICE) {
        if (vr_script->vctx.sf->add(debuglvl, vr_script->vctx.serv_backend,
                    vr_script->name, VRMR_TYPE_SERVICE) < 0)
        {
            vrmr_error(-1, VR_ERR, "adding service '%s' failed (in: %s:%d).",
                    vr_script->name, __FUNC__, __LINE__);
            return(VRS_ERR_COMMAND_FAILED);
        }

        logchange(vr_script, "service '%s' added.", vr_script->name);
        return(0);
    }

    if (vr_script->type == VRMR_TYPE_INTERFACE) {
        if (vr_script->vctx.af->add(debuglvl, vr_script->vctx.ifac_backend,
                    vr_script->name, VRMR_TYPE_INTERFACE) < 0)
        {
            vrmr_error(-1, VR_ERR, "adding interface '%s' failed (in: %s:%d).",
                    vr_script->name, __FUNC__, __LINE__);
            return(VRS_ERR_COMMAND_FAILED);
        }

        logchange(vr_script, "interface '%s' added.", vr_script->name);
        return(0);
    }

    if (vr_script->type == VRMR_TYPE_RULE) {
        if (vr_script->vctx.rf->add(debuglvl, vr_script->vctx.rule_backend,
                    vr_script->name, VRMR_TYPE_RULE) < 0)
        {
            vrmr_error(-1, VR_ERR, "adding ruleset '%s' failed (in: %s:%d).",
                    vr_script->name, __FUNC__, __LINE__);
            return(VRS_ERR_COMMAND_FAILED);
        }

        logchange(vr_script, "ruleset '%s' added.", vr_script->name);
        return(0);
    }

    /* no handler matched */
    vrmr_error(VRS_ERR_INTERNAL, VR_INTERR, "unknown type %d.", vr_script->type);
    return(VRS_ERR_INTERNAL);
}