Changed the package name, properties set.
#
# Marta Carbone
# Copyright (C) 2009 Universita` di Pisa
-# $Id$
#
# This script parse the ipfw rules
# and remove the old ones.
# If the time value is older than current,
# the rules and related pipes will be deleted.
#
-# $Id$
+# $Id:$
+
+DEBUG=0 # 1 to enable debug messages
+LOG_FILE=/tmp/ipfw.log
+# variable shared with the vsys ipfw-be backend
+DBFILE=/tmp/ff
+
+debug() # $1 debug message
+{
+ if [ ! $DEBUG ]; then
+ echo "$1" >> $LOG_FILE
+ fi
+}
-RULE_LIST="ipfw show"
# Get $NOW referred to UTC
NOW=`date -u +%s`
# check for module existence
-/sbin/lsmod | grep ipfw
+/sbin/lsmod | grep ipfw >> /dev/null
if [ x"$?" == x"1" ]; then
- echo "ipfw module does not exist";
+ debug "ipfw module does not exist"
exit 0;
fi
-${RULE_LIST} |
+cat ${DBFILE} |
awk '
BEGIN {
- print now a "Start to clean rules ";
+ system("echo Start to clean rules >> /tmp/ipfw.log");
cleaned=0;
}
- # delete rules and pipes
- function delete_rule(rule_id) {
- command="/sbin/ipfw delete " rule_id "; ipfw pipe delete " rule_id;
- system(command);
- }
-
# awk main body
- /\/\/\ [0-9]*/ { # select timeout string
-
- timeout=$13;
-
- if (now > timeout) {
- delete_rule($1);
- cleaned++;
- }
+ {
+ slice_id=$1;
+ type=$2;
+ port=$3;
+ timeout=$6;
+ if (now > timeout) {
+ # call the backend script to cleanup expired rules
+ command="echo delete " type " " port " | /vsys/ipfw-be ";
+ # grep for the username
+ command=command "`grep :" slice_id ": /etc/passwd | cut -d ':' -f 1`";
+ system(command);
+ cleaned++;
+ }
}
- END { print " " cleaned " rules cleaned";
+ END { system("echo " cleaned " rules cleaned >> /tmp/ipfw.log");
}
' now=${NOW}
#
-# $Id$
+# $Id: ipfwroot.spec 16174 2009-12-15 13:38:15Z marta $
#
# TODO:
# restart crond
# modprobe ipfw_mod.ko (depmod ?)
#
-%define url $URL: http://onelab1.iet.unipi.it/svn/trunk/ipfw.spec $
+%define url $URL:$
# Marta Carbone <marta.carbone@iet.unipi.it>
# 2009 - Universita` di Pisa
# kernel_release : vs2.3.0.29.1.planetlab
# kernel_version : 2.6.22.14
-%define name ipfw
+%define name ipfwroot
%define version 0.9
%define taglevel 7
install -D -m 755 dummynet/ipfw_mod.ko $RPM_BUILD_ROOT/lib/modules/%{kernel_id}/net/netfilter/ipfw_mod.ko
install -D -m 755 ipfw/ipfw $RPM_BUILD_ROOT/sbin/ipfw
install -D -m 755 planetlab/ipfw-cleanup $RPM_BUILD_ROOT/usr/bin/ipfw-cleanup
-install -D -m 755 planetlab/ipfw.cron $RPM_BUILD_ROOT/%{_sysconfdir}/cron.d/ipfw.cron
+install -D -m 644 planetlab/ipfw.cron $RPM_BUILD_ROOT/%{_sysconfdir}/cron.d/ipfw.cron
%clean
rm -rf $RPM_BUILD_ROOT
#
-# $Id$
+# $Id: ipfwslice.spec 16174 2009-12-15 13:38:15Z marta $
#
# TODO:
# restart crond
# modprobe ipfw_mod.ko (depmod ?)
#
-%define url $URL: http://onelab1.iet.unipi.it/svn/trunk/ipfw-slice.spec $
+%define url $URL:$
# Marta Carbone <marta.carbone@iet.unipi.it>
# 2009 - Universita` di Pisa
# License is BSD.
-%define name ipfw-slice
+%define name ipfwslice
%define version 0.9
%define taglevel 7
-# $Id: planetlab-tags.mk 4496 2009-12-14 12:01:38Z luigi $
+# $Id:$
# These are good to build the ipfw modules from svn on kernels 2.6.22
linux-2.6-SVNBRANCH := 22
linux-2.6-SVNPATH := http://svn.planet-lab.org/svn/linux-2.6/tags/linux-2.6-22-39-1
-# $Id: planetlab.mk 4496 2009-12-14 12:01:38Z luigi $
+# $Id:$
# .mk file to build a module
kernel-MODULES := linux-2.6
kernel-SPEC := kernel-2.6.spec
#
# Marta Carbone <marta.carbone@iet.unipi.it>
# 2009 - Universita` di Pisa
+# $Id:$
#
# This is a sample hook file in charge to collect
# statistical information on netconfig usage. It dumps