GNUmakefile.in 3.51 KB
Newer Older
1
#
2
# Copyright (c) 2000-2014 University of Utah and the Flux Group.
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
22 23 24 25 26 27 28
#

SRCDIR		= @srcdir@
TESTBED_SRCDIR	= @top_srcdir@
OBJDIR		= ..
SUBDIR		= firewall
TBDB		= @TBDBNAME@
29
MDOPTS		= --compact --skip-extended-insert --no-create-info --skip-set-charset
30 31

FW_SCRIPTS	= initfwvars.pl
32 33 34 35 36 37 38
FW_FILES	= open.sql closed.sql basic.sql elabinelab.sql \
		  iptables-vlan-open.sql iptables-vlan-closed.sql \
		  iptables-vlan-basic.sql iptables-vlan-elabinelab.sql \
		  iptables-domU-open.sql iptables-domU-closed.sql \
		  iptables-domU-basic.sql \
		  iptables-dom0-open.sql iptables-dom0-closed.sql \
		  iptables-dom0-basic.sql
39 40 41 42 43 44 45 46 47 48 49

include $(OBJDIR)/Makeconf

#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
# 
all: $(FW_SCRIPTS) $(FW_FILES)

include $(TESTBED_SRCDIR)/GNUmakerules

50
iptables-vlan-%.sql: genconfig-iptables.pl
51 52
	$(SRCDIR)/genconfig-iptables.pl -f $(SRCDIR)/iptables-fw-rules -M $* > $@

53 54 55 56 57 58
iptables-dom0-%.sql: genconfig-iptables.pl iptables-fw-dom0-rules
	$(SRCDIR)/genconfig-iptables.pl -t iptables-dom0 -f $(SRCDIR)/iptables-fw-dom0-rules -M $* > $@

iptables-domU-%.sql: genconfig-iptables.pl iptables-fw-domU-rules
	$(SRCDIR)/genconfig-iptables.pl -t iptables-domU -f $(SRCDIR)/iptables-fw-domU-rules -M $* > $@

59 60 61
%.sql: genconfig.pl
	$(SRCDIR)/genconfig.pl -f $(SRCDIR)/fw-rules -M $* > $@

62 63 64 65 66 67 68 69 70 71 72 73
insertvars: initfwvars.pl dumpoldvars
	chmod +x ./initfwvars.pl
	./initfwvars.pl

insertrules: $(FW_FILES) dumpoldrules
	cat $(FW_FILES) | mysql $(TBDB)
	echo 'FW rules updated in DB'

dumpold: dumpoldvars dumpoldrules

dumpoldvars:
	@if ! `mysqldump $(MDOPTS) -w "1 order by name" $(TBDB) default_firewall_vars >vars.old`; then \
74 75 76 77 78
		echo -n '*** default_firewall_vars table does not exist, '; \
		echo 'see sql/database-migrate.txt'; \
		exit 1; \
	fi

79
dumpoldrules:
80
	@if ! `mysqldump $(MDOPTS) -w "1 order by type,style,ruleno" $(TBDB) default_firewall_rules >rules.old`; then \
81 82 83 84
		echo -n '*** default_firewall_rules table does not exist, '; \
		echo 'see sql/database-migrate.txt'; \
		exit 1; \
	fi
85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111

dumpnew: dumpnewvars dumpnewrules

dumpnewvars: initfwvars.pl
	chmod +x ./initfwvars.pl
	initfwvars.pl -n >vars.new

dumpnewrules: $(FW_FILES)
	cat open.sql closed.sql basic.sql elabinelab.sql | \
	    grep -v 'DELETE FROM' >rules.new
	cat iptables-vlan-open.sql iptables-vlan-closed.sql \
	    iptables-vlan-basic.sql iptables-vlan-elabinelab.sql | \
	    grep -v 'DELETE FROM' >>rules.new
	cat iptables-dom0-open.sql iptables-dom0-closed.sql \
	    iptables-dom0-basic.sql | \
	    grep -v 'DELETE FROM' >>rules.new
	cat iptables-domU-open.sql iptables-domU-closed.sql \
	    iptables-domU-basic.sql | \
	    grep -v 'DELETE FROM' >>rules.new

dump: dumpvars dumprules
dumpvars: dumpoldvars dumpnewvars
dumprules: dumpoldrules dumpnewrules

clean:
	rm -f *.old *.new *.sql initfwvars.pl