From b8b9d15edc59dcdd36fff26ed825363e47dbe27b Mon Sep 17 00:00:00 2001
From: Bart De Schuymer
Date: Tue, 14 Jun 2005 19:27:53 +0000
Subject: Rok Papez
---
arptables-restore | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 71 insertions(+)
create mode 100644 arptables-restore
(limited to 'arptables-restore')
diff --git a/arptables-restore b/arptables-restore
new file mode 100644
index 0000000..d672d54
--- /dev/null
+++ b/arptables-restore
@@ -0,0 +1,71 @@
+#!/usr/bin/perl -w
+#
+#
+# A script that imports text ebtables rules. Similar to iptables-restore.
+# It can be used to restore configuration from /etc/sysconfig/ebtables.
+#
+
+use strict;
+my $tool = "/sbin/arptables";
+my $table;
+my $rc;
+my $line;
+
+# ==============================
+# clear_arptables
+# - sets policy to accept
+# - flushes chains
+# - removes custom chains
+# ==============================
+sub clear_arptables {
+ $rc = `$tool -P INPUT ACCEPT`;
+ unless($? == 0) { print "ERROR: $rc\n"; exit -1 };
+ $rc = `$tool -P FORWARD ACCEPT`;
+ unless($? == 0) { print "ERROR: $rc\n"; exit -1 };
+ $rc = `$tool -P OUTPUT ACCEPT`;
+ unless($? == 0) { print "ERROR: $rc\n"; exit -1 };
+
+ $rc = `$tool -F`;
+ unless($? == 0) { print "ERROR: $rc\n"; exit -1 };
+
+ $rc = `$tool -L`;
+ unless($? == 0) { print "ERROR: $rc\n"; exit -1 };
+
+ foreach $line (split("\n",$rc)) {
+ unless ($line =~ m/Chain\s(.*?)\s\(.*references\)/) { next; }
+ $rc = `$tool -X $1`;
+ unless($? == 0) { print "ERROR: $rc\n"; exit -1 };
+ }
+}
+# ==============================
+
+
+unless (-x $tool) { print "ERROR: $tool isn't executable\n"; exit -1; };
+&clear_arptables();
+
+$line = 0;
+while(<>) {
+ $line++;
+ if(m/^#/) { next; };
+ if(m/^$/) { next; };
+
+ if(m/^\*(.*)/) {
+ $table = $1;
+ next;
+ }
+
+ # Process a chain directive
+ if(m/^\:(.*?)\s(.*)/) {
+ # is it a user or a built in chain ?
+ if ("$2" eq "-") {
+ $rc = `$tool -t $table -N $1`;
+ unless($? == 0) {print "ERROR(line $line): $rc\n"; exit -1};
+ next;
+ }
+ $rc = `$tool -t $table -P $1 $2`;
+ unless($? == 0) {print "ERROR(line $line): $rc\n"; exit -1};
+ next;
+ }
+ $rc = `$tool -t $table $_`;
+ unless($? == 0) {print "ERROR(line $line): $rc\n"; exit -1};
+}
-- cgit v1.2.3
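Review bot: Every line read in the `while(<>)` loop is interpolated into a backtick command (`$tool -t $table $_`, plus `$1`/`$2` from the chain directives), so the shell interprets any metacharacters in the rules file with the privileges of whoever runs the restore, normally root. The input should be tokenised and handed to arptables in list form so that no shell is involved, for example with the core Text::ParseWords module (loaded at the top of the script) and a list-form pipe open as sketched below. The same loop uses `$table` before any `*table` line has been seen, which is better rejected explicitly with the line number. Separately, `clear_arptables()` sets the ACCEPT policies and flushes all chains before the first input line has been checked, so a malformed file leaves the host with no ARP filtering; parsing the whole input before clearing would avoid that. The header comment also says ebtables and /etc/sysconfig/ebtables where arptables appears to be meant.

```perl
# Run arptables with an argument list, bypassing the shell.
# Returns the captured output; close() leaves the exit status in $?.
sub run_tool {
    my @args = @_;
    my $out;
    unless (open($out, '-|', $tool, @args)) { print "ERROR: cannot run $tool: $!\n"; exit -1 };
    my $text = join('', <$out>);
    close($out);
    return $text;
}

# … unchanged: comment/blank-line skipping and *table handling …

    unless (defined $table) { print "ERROR(line $line): rule before any *table line\n"; exit -1 };
    chomp;

    # chain directives use the same helper, e.g. run_tool('-t', $table, '-N', $1)

    # shellwords keeps quoted arguments together, as the shell did before
    $rc = run_tool('-t', $table, Text::ParseWords::shellwords($_));
    unless($? == 0) {print "ERROR(line $line): $rc\n"; exit -1};
```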