From 81f79c3a021f4678a6ae865ffdb49a73acbf25a8 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Thu, 22 Sep 2022 16:32:09 -0400
Subject: [PATCH] Firewall Changes

---
 salt/common/tools/sbin/so-common | 12 ++++++++++++
 salt/common/tools/sbin/so-firewall | 17 +++++------------
 2 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common
index c0b028130..44ca007ff 100755
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -507,6 +507,18 @@ valid_hostname() {
 [[ $hostname =~ ^[a-zA-Z0-9\-]+$ ]] && [[ $hostname != 'localhost' ]] && return 0 || return 1
 }

+verify_ip4() {
+ local ip=$1
+ # Is this an IP or CIDR?
+ if grep -qP "^[^/]+/[^/]+$" <<< $ip; then
+ # Looks like a CIDR
+ valid_ip4_cidr_mask "$ip"
+ else
+ # We know this is not a CIDR - Is it an IP?
+ valid_ip4 "$ip"
+ fi
+}
+
 valid_ip4() {
 local ip=$1

diff --git a/salt/common/tools/sbin/so-firewall b/salt/common/tools/sbin/so-firewall
index e16cc1e2c..9da3bd32b 100755
--- a/salt/common/tools/sbin/so-firewall
+++ b/salt/common/tools/sbin/so-firewall
@@ -71,11 +71,11 @@ else
 exit 1
 fi

-# Are we dealing with an IP?
-if valid_ip4 "$IP"; then
- echo "$IP is valid"
+ # Are we dealing with an IP?
+if verify_ip4 "$IP"; then
+ echo "$IP is a valid IP or CIDR"
 else
- echo "$IP is not a valid IP Address"
+ echo "$IP is not a valid IP or CIDR"
 exit 1
 fi

@@ -90,14 +90,7 @@ if [ -f "$local_salt_dir/hostgroups/$ROLE" ]; then
 fi

 # If you have reached this part of your quest then let's add the IP
-if [ -f "$local_salt_dir/hostgroups/$ROLE" ]; then
- touch $local_salt_dir/hostgroups/$ROLE
- echo "Adding $IP to the $ROLE role"
- echo "$IP" > $local_salt_dir/hostgroups/$ROLE
-else
- echo "Adding $IP to the $ROLE role"
- echo "$IP" >> $local_salt_dir/hostgroups/$ROLE
-fi
+echo "Adding $IP to the $ROLE role"

 # Check to see if we are applying this right away.
 if [ "$APPLY" = "true" ]; then
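Review bot: In the new `verify_ip4` (so-common hunk) the CIDR test `grep -qP "^[^/]+/[^/]+$" <<< $ip` leaves `$ip` unquoted and matches line by line, so a value containing a newline is classified by whichever line happens to match while the whole unmodified string is what gets passed on to the validator. A whole-string test with the builtin the file already uses in `valid_hostname` avoids both the fork and the per-line semantics: `if [[ $ip =~ ^[^/]+/[^/]+$ ]]; then`. The function is the only input check in front of the firewall host groups and relies entirely on `valid_ip4_cidr_mask` (not in this diff) and `valid_ip4` (body continues outside the hunk) to reject everything else, so a header comment such as `# Returns the status of valid_ip4_cidr_mask for "a/b" input, otherwise that of valid_ip4` would make that dependency explicit.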
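Review bot: In the first so-firewall hunk the re-added comment above the `verify_ip4` check is now indented and still reads "Are we dealing with an IP?", although the condition accepts a CIDR as well; `# Are we dealing with an IP or a CIDR?` at column 0 would match the new messages. The rejection message is also printed to stdout before `exit 1`; `echo "$IP is not a valid IP or CIDR" >&2` keeps it out of any output a caller captures.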
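Review bot: In so-firewall's last hunk the script still prints `Adding $IP to the $ROLE role`, but the two removed branches were the only visible lines that wrote `$IP` to `$local_salt_dir/hostgroups/$ROLE`, and no hunk in this commit adds a replacement. If the write now happens in a step outside this diff, say so next to the message, e.g. `# membership is written by <STEP_NAME>; this line only reports it`. If it does not, the tool reports an allow-list change that never happened, and the `$APPLY` step that follows would push unchanged rules while the operator believes the host or range was admitted. The rest of the script continues outside the hunk.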