Mercurial > prosody-modules

comparison mod_firewall/actions.lib.lua @ 2558:2b533a7b5236

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_firewall: Make PASS bubble up through all chains, and add DEFAULT and RETURN
author Matthew Wild <mwild1@gmail.com>
date Fri, 24 Feb 2017 09:38:20 +0000
parents 9392f45b0364
children fda47e2135e5
comparison
equal deleted inserted replaced
2557:56db2ab3b853 2558:2b533a7b5236
48 end 48 end
49 return table.concat(code, ""); 49 return table.concat(code, "");
50 end 50 end
51 51
52 function action_handlers.PASS() 52 function action_handlers.PASS()
53 return "do return end" 53 return "do return pass_return end"
54 end 54 end
55 55
56 function action_handlers.DROP() 56 function action_handlers.DROP()
57 return "do return true end"; 57 return "do return true end";
58 end
59
60 function action_handlers.DEFAULT()
61 return "do return false end";
62 end
63
64 function action_handlers.RETURN()
65 return "do return end"
58 end 66 end
59 67
60 function action_handlers.STRIP(tag_desc) 68 function action_handlers.STRIP(tag_desc)
61 local code = {}; 69 local code = {};
62 local name, xmlns = tag_desc:match("^(%S+) (.+)$"); 70 local name, xmlns = tag_desc:match("^(%S+) (.+)$");
183 function action_handlers.JUMP_EVENT(name) 191 function action_handlers.JUMP_EVENT(name)
184 return ("do return fire_event(%q, event); end"):format(name); 192 return ("do return fire_event(%q, event); end"):format(name);
185 end 193 end
186 194
187 function action_handlers.JUMP_CHAIN(name) 195 function action_handlers.JUMP_CHAIN(name)
188 return ("if fire_event(%q, event) then return true; end"):format("firewall/chains/"..name); 196 return ([[do
197 local ret = fire_event(%q, event);
198 log('debug', 'chain \"%%s\" returned %%s', %q, tostring(ret));
199 if ret ~= nil then
200 if ret == false then
201 return pass_return;
202 end
203 return ret;
204 end
205 end]]):format("firewall/chains/"..name, name);
189 end 206 end
190 207
191 function action_handlers.MARK_ORIGIN(name) 208 function action_handlers.MARK_ORIGIN(name)
192 return [[session.firewall_marked_]]..idsafe(name)..[[ = current_timestamp;]], { "timestamp" }; 209 return [[session.firewall_marked_]]..idsafe(name)..[[ = current_timestamp;]], { "timestamp" };
193 end 210 end