Fix to drop another footgun with configurable rules file

Ilia Ross
2026-05-03 18:05:59 +02:00
parent 2bcf00b50d
commit e65c88e7ef
3 changed files with 13 additions and 11 deletions


@@ -1,4 +1,4 @@
line0=Configurable global options,11
nft_cmd=Full path to nft command,0
perpage=Number of rules to display per page,3,Default (50)
view_condition=Display condition in rules list?,1,1-Yes,0-No
view_comment=Display comment in rules list?,1,1-Yes,0-No
@@ -6,6 +6,3 @@ before_cmd=Command to run before changing rules,3,None
after_cmd=Command to run after changing rules,3,None
before_apply_cmd=Command to run before applying configuration,3,None
after_apply_cmd=Command to run after applying configuration,3,None
line2=nftables configuration,11
nft_cmd=Full path to nft command,0
save_file=File to save/edit nftables rules,3,Use operating system or Webmin default


@@ -16,8 +16,7 @@ sub is_installed
my ($mode) = @_;
return 0 if (&check_nftables());
if ($mode) {
my $file = $config{'save_file'} ||
"$module_config_directory/rules.conf";
my $file = nftables_rules_file();
return 1 if (!-s $file);
return 2;
}
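Review bot: Nothing visible in this commit handles installations that already have `save_file` set in the module config. is_installed now tests only `nftables_rules_file()`, so on such a system `!-s $file` would be true and 1 returned even though rules exist at the previously configured path. The same switch in get_nftables_save, write_configuration and apply_restore means those rules would no longer be read or updated by default. Unless a migration exists elsewhere in the module, consider a one-time copy or a visible warning when `$config{'save_file'}` is still present, and a comment here such as `# $config{'save_file'} is deliberately ignored; rules live only in nftables_rules_file()`. The body of is_installed starts and continues outside this hunk.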


@@ -174,13 +174,19 @@ return undef if (get_nft_command());
return text('index_ecommand', "<tt>nft</tt>");
}
# nftables_rules_file()
# Returns the Webmin-managed nftables rules file
sub nftables_rules_file
{
return "$module_config_directory/rules.conf";
}
# get_nftables_config_files()
# Returns files that can be manually edited by this module
sub get_nftables_config_files
{
my @files;
my $file = $config{'save_file'} || "$module_config_directory/rules.conf";
push(@files, $file) if ($file && $file !~ /\|\s*$/);
push(@files, nftables_rules_file());
foreach my $sysfile ("/etc/nftables.conf", "/etc/sysconfig/nftables.conf") {
push(@files, $sysfile) if (-f $sysfile);
@@ -225,7 +231,7 @@ sub get_nftables_save
{
my ($file) = @_;
if (!$file) {
$file = $config{'save_file'} || "$module_config_directory/rules.conf";
$file = nftables_rules_file();
}
return ( ) if (!$file);
return ( ) if ($file !~ /\|\s*$/ && !-r $file);
@@ -1480,7 +1486,7 @@ sub write_configuration
{
my (@tables) = @_;
my $out = dump_nftables_save(@tables);
my $file = $config{'save_file'} || "$module_config_directory/rules.conf";
my $file = nftables_rules_file();
open_lock_tempfile(my $fh, ">$file");
print_tempfile($fh, $out);
@@ -1543,7 +1549,7 @@ return;
sub apply_restore
{
my ($file) = @_;
$file ||= $config{'save_file'} || "$module_config_directory/rules.conf";
$file ||= nftables_rules_file();
my $cmd = get_nft_command();
return text('index_ecommand', "<tt>nft</tt>") if (!$cmd);
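Review bot: In get_nftables_save the `$file !~ /\|\s*$/` exemption is kept, so a caller-supplied `$file` ending in `|` still skips the readability check and is presumably handled as a command further down, outside this hunk. If no remaining caller needs that form, the check could become `return ( ) if (!-r $file);` and the pipe handling dropped. Otherwise the header comment should state that `$file` must come only from trusted module code, never from config or request input. The same applies to apply_restore, where `$file ||= nftables_rules_file();` still honours any path the caller passes. Since the helper always returns a non-empty string, `return ( ) if (!$file);` can no longer trigger and could be removed.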