From: marta <marta@8c455092-636d-4788-adf5-e71def0336e8>
Date: Wed, 16 Dec 2009 17:10:02 +0000 (+0000)
Subject: Update the cleanup for expired rules.
X-Git-Tag: ipfw-0.9-8~7
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=fd71c20d7328b71ac47493f9f27925de690980ed;p=ipfw.git

Update the cleanup for expired rules.
Changed the package name, properties set.
---

diff --git a/planetlab/ipfw-cleanup b/planetlab/ipfw-cleanup
index 429328a..c58dc3e 100755
--- a/planetlab/ipfw-cleanup
+++ b/planetlab/ipfw-cleanup
@@ -2,7 +2,6 @@
 #
 # Marta Carbone
 # Copyright (C) 2009 Universita` di Pisa
-# $Id$
 #
 # This script parse the ipfw rules
 # and remove the old ones.
@@ -13,43 +12,53 @@
 # If the time value is older than current,
 # the rules and related pipes will be deleted.
 #
-# $Id$
+# $Id:$
+
+DEBUG=0		# 1 to enable debug messages
+LOG_FILE=/tmp/ipfw.log
+# variable shared with the vsys ipfw-be backend
+DBFILE=/tmp/ff
+
+debug() # $1 debug message
+{
+	if [ ! $DEBUG ]; then
+		echo "$1" >> $LOG_FILE
+	fi
+}
 
-RULE_LIST="ipfw show"
 # Get $NOW referred to UTC
 NOW=`date -u +%s`
 
 # check for module existence
-/sbin/lsmod | grep ipfw
+/sbin/lsmod | grep ipfw >> /dev/null
 if [ x"$?" == x"1" ]; then
-	echo "ipfw module does not exist";
+	debug "ipfw module does not exist"
 	exit 0;
 fi
 
-${RULE_LIST} | 
+cat ${DBFILE} | 
 awk '
 	BEGIN {
-		print now a "Start to clean rules ";
+		system("echo Start to clean rules >> /tmp/ipfw.log");
 		cleaned=0;
 	}
 
-	# delete rules and pipes
-	function delete_rule(rule_id) {
-		command="/sbin/ipfw delete " rule_id "; ipfw pipe delete " rule_id;
-		system(command);
-	}
-
 	# awk main body
-	/\/\/\ [0-9]*/ { # select timeout string
-
-			timeout=$13;
-
-			if (now > timeout) {
-				delete_rule($1);
-				cleaned++;
-			}
+	{
+		slice_id=$1;
+		type=$2;
+		port=$3;
+		timeout=$6;
+		if (now > timeout) {
+			# call the backend script to cleanup expired rules
+			command="echo delete " type " " port " | /vsys/ipfw-be ";
+			# grep for the username
+			command=command "`grep :" slice_id ": /etc/passwd | cut -d ':' -f 1`";
+			system(command);
+			cleaned++;
+		}
 	}
 
-	END {	print " " cleaned " rules cleaned";
+	END {	system("echo " cleaned " rules cleaned >> /tmp/ipfw.log");
 	}
 ' now=${NOW}
diff --git a/planetlab/ipfwroot.spec b/planetlab/ipfwroot.spec
index 25b418e..0e5e696 100644
--- a/planetlab/ipfwroot.spec
+++ b/planetlab/ipfwroot.spec
@@ -1,11 +1,11 @@
 #
-# $Id$
+# $Id: ipfwroot.spec 16174 2009-12-15 13:38:15Z marta $
 #
 # TODO:
 # restart crond
 # modprobe ipfw_mod.ko (depmod ?)
 #
-%define url $URL: http://onelab1.iet.unipi.it/svn/trunk/ipfw.spec $
+%define url $URL:$
 
 # Marta Carbone <marta.carbone@iet.unipi.it>
 # 2009 - Universita` di Pisa
@@ -15,7 +15,7 @@
 # kernel_release : vs2.3.0.29.1.planetlab
 # kernel_version : 2.6.22.14
 
-%define name ipfw
+%define name ipfwroot
 %define version 0.9
 %define taglevel 7
 
@@ -59,7 +59,7 @@ rm -rf $RPM_BUILD_ROOT
 install -D -m 755 dummynet/ipfw_mod.ko $RPM_BUILD_ROOT/lib/modules/%{kernel_id}/net/netfilter/ipfw_mod.ko
 install -D -m 755 ipfw/ipfw $RPM_BUILD_ROOT/sbin/ipfw
 install -D -m 755 planetlab/ipfw-cleanup $RPM_BUILD_ROOT/usr/bin/ipfw-cleanup
-install -D -m 755 planetlab/ipfw.cron $RPM_BUILD_ROOT/%{_sysconfdir}/cron.d/ipfw.cron
+install -D -m 644 planetlab/ipfw.cron $RPM_BUILD_ROOT/%{_sysconfdir}/cron.d/ipfw.cron
 
 %clean
 rm -rf $RPM_BUILD_ROOT
diff --git a/planetlab/ipfwslice.spec b/planetlab/ipfwslice.spec
index a4f1521..30824ab 100644
--- a/planetlab/ipfwslice.spec
+++ b/planetlab/ipfwslice.spec
@@ -1,17 +1,17 @@
 #
-# $Id$
+# $Id: ipfwslice.spec 16174 2009-12-15 13:38:15Z marta $
 #
 # TODO:
 # restart crond
 # modprobe ipfw_mod.ko (depmod ?)
 #
-%define url $URL: http://onelab1.iet.unipi.it/svn/trunk/ipfw-slice.spec $
+%define url $URL:$
 
 # Marta Carbone <marta.carbone@iet.unipi.it>
 # 2009 - Universita` di Pisa
 # License is BSD.
 
-%define name ipfw-slice
+%define name ipfwslice
 %define version 0.9
 %define taglevel 7
 
diff --git a/planetlab/planetlab-tags.mk b/planetlab/planetlab-tags.mk
index ee3c12d..26c5d2f 100644
--- a/planetlab/planetlab-tags.mk
+++ b/planetlab/planetlab-tags.mk
@@ -1,4 +1,4 @@
-# $Id: planetlab-tags.mk 4496 2009-12-14 12:01:38Z luigi $
+# $Id:$
 # These are good to build the ipfw modules from svn on kernels 2.6.22
 linux-2.6-SVNBRANCH	:= 22
 linux-2.6-SVNPATH	:= http://svn.planet-lab.org/svn/linux-2.6/tags/linux-2.6-22-39-1
diff --git a/planetlab/planetlab.mk b/planetlab/planetlab.mk
index e49bde8..bc6daf3 100644
--- a/planetlab/planetlab.mk
+++ b/planetlab/planetlab.mk
@@ -1,4 +1,4 @@
-# $Id: planetlab.mk 4496 2009-12-14 12:01:38Z luigi $
+# $Id:$
 # .mk file to build a module
 kernel-MODULES := linux-2.6
 kernel-SPEC := kernel-2.6.spec 
diff --git a/planetlab/sample_hook b/planetlab/sample_hook
index b47c8de..ec56cbd 100755
--- a/planetlab/sample_hook
+++ b/planetlab/sample_hook
@@ -3,6 +3,7 @@
 #
 # Marta Carbone <marta.carbone@iet.unipi.it>
 # 2009 - Universita` di Pisa
+# $Id:$
 #
 # This is a sample hook file in charge to collect
 # statistical information on netconfig usage. It dumps