prosody-modules
f65c5927ee8e
mod_firewall/mod_firewall.lua
Software / code / prosody-modules
Comparison
mod_firewall/mod_firewall.lua @ 2574:f65c5927ee8e
mod_firewall: Factor out script loading
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 25 Feb 2017 15:46:27 +0000 |
| parent | 2573:24dbad147aef |
| child | 2578:6dbd07f9a868 |
comparison
equal
deleted
inserted
replaced
| 2573:24dbad147aef | 2574:f65c5927ee8e |
|---|---|
| 547 script_path = script_path:match("^module:(.+)$"); | 547 script_path = script_path:match("^module:(.+)$"); |
| 548 end | 548 end |
| 549 return resolve_relative_path(relative_to, script_path); | 549 return resolve_relative_path(relative_to, script_path); |
| 550 end | 550 end |
| 551 | 551 |
| 552 function load_script(script) | |
| 553 script = resolve_script_path(script); | |
| 554 local chain_functions, err = compile_firewall_rules(script) | |
| 555 | |
| 556 if not chain_functions then | |
| 557 module:log("error", "Error compiling %s: %s", script, err or "unknown error"); | |
| 558 else | |
| 559 for chain, handler_code in pairs(chain_functions) do | |
| 560 local new_handler, err = compile_handler(handler_code, "mod_firewall::"..chain); | |
| 561 if not new_handler then | |
| 562 module:log("error", "Compilation error for %s: %s", script, err); | |
| 563 else | |
| 564 local chain_definition = chains[chain]; | |
| 565 if chain_definition and chain_definition.type == "event" then | |
| 566 local handler = new_handler(chain_definition.pass_return); | |
| 567 for _, event_name in ipairs(chain_definition) do | |
| 568 module:hook(event_name, handler, chain_definition.priority); | |
| 569 end | |
| 570 elseif not chain:sub(1, 5) == "user/" then | |
| 571 module:log("warn", "Unknown chain %q", chain); | |
| 572 end | |
| 573 module:hook("firewall/chains/"..chain, new_handler(false)); | |
| 574 end | |
| 575 end | |
| 576 end | |
| 577 end | |
| 578 | |
| 552 function module.load() | 579 function module.load() |
| 553 if not prosody.arg then return end -- Don't run in prosodyctl | 580 if not prosody.arg then return end -- Don't run in prosodyctl |
| 554 active_definitions = {}; | 581 active_definitions = {}; |
| 555 local firewall_scripts = module:get_option_set("firewall_scripts", {}); | 582 local firewall_scripts = module:get_option_set("firewall_scripts", {}); |
| 556 for script in firewall_scripts do | 583 for script in firewall_scripts do |
| 557 script = resolve_script_path(script); | 584 load_script(script); |
| 558 local chain_functions, err = compile_firewall_rules(script) | |
| 559 | |
| 560 if not chain_functions then | |
| 561 module:log("error", "Error compiling %s: %s", script, err or "unknown error"); | |
| 562 else | |
| 563 for chain, handler_code in pairs(chain_functions) do | |
| 564 local new_handler, err = compile_handler(handler_code, "mod_firewall::"..chain); | |
| 565 if not new_handler then | |
| 566 module:log("error", "Compilation error for %s: %s", script, err); | |
| 567 else | |
| 568 local chain_definition = chains[chain]; | |
| 569 if chain_definition and chain_definition.type == "event" then | |
| 570 local handler = new_handler(chain_definition.pass_return); | |
| 571 for _, event_name in ipairs(chain_definition) do | |
| 572 module:hook(event_name, handler, chain_definition.priority); | |
| 573 end | |
| 574 elseif not chain:sub(1, 5) == "user/" then | |
| 575 module:log("warn", "Unknown chain %q", chain); | |
| 576 end | |
| 577 module:hook("firewall/chains/"..chain, new_handler(false)); | |
| 578 end | |
| 579 end | |
| 580 end | |
| 581 end | 585 end |
| 582 -- Replace contents of definitions table (shared) with active definitions | 586 -- Replace contents of definitions table (shared) with active definitions |
| 583 for k in it.keys(definitions) do definitions[k] = nil; end | 587 for k in it.keys(definitions) do definitions[k] = nil; end |
| 584 for k,v in pairs(active_definitions) do definitions[k] = v; end | 588 for k,v in pairs(active_definitions) do definitions[k] = v; end |
| 585 end | 589 end |
