]>
Commit | Line | Data |
---|---|---|
1 | #!/bin/sh | |
2 | # | |
3 | # chkconfig: 2345 07 93 | |
4 | # description: Automates administration of IP sets. | |
5 | # | |
6 | # config: /etc/sysconfig/ipset | |
7 | # | |
8 | ||
9 | IPSET_CONFIG=/etc/sysconfig/ipset | |
10 | if [ ! -f $IPSET_CONFIG ]; then | |
11 | case "$1" in | |
12 | start|restart|try-restart|reload|force-reload) | |
13 | exit 0 | |
14 | ;; | |
15 | esac | |
16 | fi | |
17 | ||
18 | . /etc/rc.d/init.d/functions | |
19 | ||
20 | start() { | |
21 | if [ ! -f $IPSET_CONFIG ]; then | |
22 | return | |
23 | fi | |
24 | ||
25 | show "Applying ipset rules" | |
26 | /usr/sbin/ipset -X | |
27 | /usr/sbin/ipset -R < $IPSET_CONFIG | |
28 | RETVAL=$? | |
29 | if [ $RETVAL = 0 ]; then | |
30 | ok | |
31 | else | |
32 | fail | |
33 | fi | |
34 | touch /var/lock/subsys/ipset | |
35 | } | |
36 | ||
37 | stop() { | |
38 | if [ ! -f /var/lock/subsys/ipset ]; then | |
39 | return | |
40 | fi | |
41 | ||
42 | show "Resetting ipset rules" | |
43 | /usr/sbin/ipset -X && ok || fail | |
44 | rm -f /var/lock/subsys/ipset | |
45 | } | |
46 | ||
47 | save() { | |
48 | show "Saving current rules to %s" $IPSET_CONFIG | |
49 | /usr/sbin/ipset -S > $IPSET_CONFIG.tmp | |
50 | RETVAL=$? | |
51 | if [ $RETVAL = 0 ]; then | |
52 | cat $IPSET_CONFIG.tmp > $IPSET_CONFIG | |
53 | chmod 600 $IPSET_CONFIG | |
54 | ok | |
55 | else | |
56 | fail | |
57 | fi | |
58 | rm -f $IPSET_CONFIG.tmp | |
59 | } | |
60 | ||
61 | status() { | |
62 | /usr/sbin/ipset list | |
63 | RETVAL=$? | |
64 | } | |
65 | ||
66 | RETVAL=0 | |
67 | case "$1" in | |
68 | start) | |
69 | start | |
70 | ;; | |
71 | stop) | |
72 | stop | |
73 | ;; | |
74 | restart|try-restart|reload|force-reload) | |
75 | start | |
76 | ;; | |
77 | save) | |
78 | save | |
79 | ;; | |
80 | status) | |
81 | status | |
82 | ;; | |
83 | *) | |
84 | msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|save|status}" | |
85 | exit 3 | |
86 | esac | |
87 | ||
88 | exit $RETVAL |