Removed the cleanup file, it is now integrated into the backend.

diff --git a/planetlab/ipfw-cleanup b/planetlab/ipfw-cleanup
deleted file mode 100755 (executable)
index c58dc3e..0000000
--- a/planetlab/ipfw-cleanup
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/bin/sh
-#
-# Marta Carbone
-# Copyright (C) 2009 Universita` di Pisa
-#
-# This script parse the ipfw rules
-# and remove the old ones.
-#
-# The ipfw output is parsed and each time
-# value stored as comment is compared against
-# the current time.
-# If the time value is older than current,
-# the rules and related pipes will be deleted.
-#
-# $Id:$
-
-DEBUG=0                # 1 to enable debug messages
-LOG_FILE=/tmp/ipfw.log
-# variable shared with the vsys ipfw-be backend
-DBFILE=/tmp/ff
-
-debug() # $1 debug message
-{
-       if [ ! $DEBUG ]; then
-               echo "$1" >> $LOG_FILE
-       fi
-}
-
-# Get $NOW referred to UTC
-NOW=`date -u +%s`
-
-# check for module existence
-/sbin/lsmod | grep ipfw >> /dev/null
-if [ x"$?" == x"1" ]; then
-       debug "ipfw module does not exist"
-       exit 0;
-fi
-
-cat ${DBFILE} | 
-awk '
-       BEGIN {
-               system("echo Start to clean rules >> /tmp/ipfw.log");
-               cleaned=0;
-       }
-
-       # awk main body
-       {
-               slice_id=$1;
-               type=$2;
-               port=$3;
-               timeout=$6;
-               if (now > timeout) {
-                       # call the backend script to cleanup expired rules
-                       command="echo delete " type " " port " | /vsys/ipfw-be ";
-                       # grep for the username
-                       command=command "`grep :" slice_id ": /etc/passwd | cut -d ':' -f 1`";
-                       system(command);
-                       cleaned++;
-               }
-       }
-
-       END {   system("echo " cleaned " rules cleaned >> /tmp/ipfw.log");
-       }
-' now=${NOW}

diff --git a/planetlab/ipfw.cron b/planetlab/ipfw.cron
index f6a6486..b5525a0 100644 (file)
--- a/planetlab/ipfw.cron
+++ b/planetlab/ipfw.cron
@@ -1,3 +1,3 @@
 # Runs every 5 minutes and clean ipfw expired rules
-# $Id$
-*/5 * * * * root    /usr/bin/ipfw-cleanup > /dev/null 2>&1
+# $Id:$
+*/5 * * * * root     echo "super killexpired" | /vsys/ipfw-be root > /dev/null 2>&1

diff --git a/planetlab/ipfwroot.spec b/planetlab/ipfwroot.spec
index ef64aa0..a99da6e 100644 (file)
--- a/planetlab/ipfwroot.spec
+++ b/planetlab/ipfwroot.spec
@@ -58,13 +58,12 @@ rm -rf $RPM_BUILD_ROOT
 %install
 install -D -m 755 dummynet2/ipfw_mod.ko $RPM_BUILD_ROOT/lib/modules/%{kernel_id}/net/netfilter/ipfw_mod.ko
 install -D -m 755 ipfw/ipfw $RPM_BUILD_ROOT/sbin/ipfw
-install -D -m 755 planetlab/ipfw-cleanup $RPM_BUILD_ROOT/usr/bin/ipfw-cleanup
 install -D -m 644 planetlab/ipfw.cron $RPM_BUILD_ROOT/%{_sysconfdir}/cron.d/ipfw.cron
 
 %post
 # load the module
-##modprobe ipfw_mod
 ##depmod -a
+##modprobe ipfw_mod
 # clean the old database and initialize the firewall
 ##echo "super dbcleanup" | /vsys/ipfw-be 0
 ##echo "super init" | /vsys/ipfw-be 0
@@ -86,6 +85,9 @@ rm -rf $RPM_BUILD_ROOT
 LOADED=`cat /proc/modules | grep ^ipfw_mod`; if [ -n "$LOADED" ] ; then rmmod ipfw_mod; fi
 
 %changelog
+* Mon Jan 11 2010 Marta Carbone <marta.carbone@iet.unipi.it>
+- Integrated the ipfw rules cleanup into the backend
+
 * Sat Jan 09 2010 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - ipfw-0.9-8
 - builds on 2.6.22 & 2.6.27 - for 32 and 64 bits