scip/jaildk
1
0
Fork 0
mirror of https://codeberg.org/scip/jaildk.git synced 2025-12-17 04:31:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

only generate pf ruleset if in start or restart mode

Browse Source
This commit is contained in:
Thomas von Dein
2021-07-02 19:46:56 +02:00
parent 7e5c2ad591
commit 830ca86afe
1 changed files with 86 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
jaildk
View File

@@ -303,6 +303,12 @@ jaildk_rc_pf() {
load-jail-config $jail load-jail-config $jail
# TODO:
# - put this into a separate function
# - clean up if generation of pf-ruleset.conf fails somehow
# - make a syntax check of the generated rules, if possible
case $mode in
start|restart)
if test -n "$rules" -o -n "$maps"; then if test -n "$rules" -o -n "$maps"; then
# generate a pf.conf based on config variables # generate a pf.conf based on config variables
echo "# generated pf ruleset for jail, generated on ` date`" > $ruleset echo "# generated pf ruleset for jail, generated on ` date`" > $ruleset
@@ -389,6 +395,8 @@ jaildk_rc_pf() {
fi fi
done done
fi fi
;;
esac
if test -s $ruleset; then if test -s $ruleset; then
anchor="$jail/jaildk" anchor="$jail/jaildk"