Fwctl::Services::udp_pkt - Fwctl module to hande unidirectional UDP packets.

Fwctl documentation Contained in the Fwctl distribution.

Index

Code Index:

NAME

Top

Fwctl::Services::udp_pkt - Fwctl module to hande unidirectional UDP packets.

SYNOPSIS

Top

    accept   udp_pkt -src ROUTER -dst LOGGER --local_port 514 --port 514

DESCRIPTION

Top

This module will add rules to the firewall for unidrectional UDP traffic.

OPTIONS

Top

In addition to the standard options, it accepts the following ones.

--local_port

This is the source port of the udp packet.

--port

This is the destination port of the udp packet.

AUTHOR

Top

Francis J. Lacoste <francis.lacoste@iNsu.COM>

COPYRIGHT

Top

Copyright (c) 1999,2000 iNsu Innovations Inc. All rights reserved.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

SEE ALSO

Top

fwctl(8) Fwctl(3) Fwctl::RuleSet(3)

Fwctl documentation Contained in the Fwctl distribution. 
#
#    udp_pkt.pm - Fwctl modules that will add rules to let through one udp packets.
#
#    This file is part of Fwctl.
#
#    Author: Francis J. Lacoste <francis.lacoste@iNsu.COM>
#
#    Copyright (c) 1999,2000 iNsu Innovations Inc.
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
package Fwctl::Services::udp_pkt;

use strict;

use Fwctl::RuleSet qw(:ip_rulesets :masq);
use IPChains;

sub new {
  my $proto = shift;
  my $class = ref $proto || $proto;
  bless {}, $class;
}

sub prototypes {
  my ($self,$target,$options) = @_;

  my $local_port = $options->{local_port} || "1024:65535";
  my $port	 = $options->{port}       || "1:65535";

  # Build prototype rule
  (
   IPChains->new(
		 Rule	    => $target,
		 Prot	    => 'udp',
		 SourcePort => $local_port,
		 DestPort   => $port,
		 %{$options->{ipchains}},
		),
  );
}

sub block_rules {
  my $self = shift;
  my ( $target, $src, $src_if, $dst, $dst_if, $options ) = @_;


  my ($fw) = $self->prototypes( $target, $options );
  block_ip_ruleset( $fw, $src, $src_if, $dst, $dst_if );
}

sub accept_rules {
  my $self = shift;
  my ( $target, $src, $src_if, $dst, $dst_if, $options ) = @_;

  my ($fw) = $self->prototypes( $target, $options );

  my $masq = defined $options->{portfw} ? PORTFW :
    $options->{masq} ? MASQ : NOMASQ;
  accept_ip_ruleset( $fw, $src, $src_if, $dst, $dst_if,
		     $masq, $options->{portfw} );
}

sub account_rules {
  my $self = shift;
  my ( $target, $src, $src_if, $dst, $dst_if, $options ) = @_;

  my ($fw) = $self->prototypes( $target, $options );

  my $masq = defined $options->{portfw} ? PORTFW :
    $options->{masq} ? MASQ : NOMASQ;

  acct_ip_ruleset( $fw, $src, $src_if, $dst, $dst_if, $masq );
}

sub valid_options {
  my  $self = shift;
  ( "local_port=s", "port=s" );
}

1;