fwbuilder-common 5.1.0-4 / usr / share / fwbuilder-5.1.0.3599 / configlets / bsd / update_pfsync

## -*- mode: shell-script; -*- 
##
## To be able to make changes to the part of configuration created
## from this configlet you need to copy this file to the directory
## fwbuilder/configlets/bsd/ in your home directory and modify it.
## Double "##" comments are removed during processing but single "#"
## comments are be retained and appear in the generated script. Empty
## lines are removed as well.  
##
## Configlets support simple macro language with these constructs:
## {{$var}} is variable expansion
## {{if var}} is conditional operator.
##
############ PFSYNC interfaces ############################################
##


## This function synchronizes pfsync interfaces between fwbuilder objects
## and actual configuration of the firewall machine. Pfsync interfaces not
## listed as arguments will be deleted and those in the arguments will be
## created if missing.
##
## This function only executes "ifconfig pfsync0 create" or "ifconfig pfsync0 destroy"
## commands. Other parameters of pfsync interfaces should be set up separately
## (see configlet pfsync_interface for that)
##
## sync_pfsync_interfaces pfsync0 pfsync1
##
## May be there can be only one pfsync interface ? The function in this configlet
## does not depend on this assumption.

sync_pfsync_interfaces() {
    $IFCONFIG {{if openbsd}}-A{{endif}} | awk -v IGNORED="$*" \
        'BEGIN {
           split(IGNORED,ignored_arr);
           for (a in ignored_arr) {ii=ignored_arr[a]":"; ignored_dict[ii]=1;}
         }
         ($1 ~ /^pfsync[0-9]/ && !($1 in ignored_dict)) {print $1;}' | sed 's/://' |\
         while read intf; do
            echo "# Deleting pfsync interface $intf"
             $FWBDEBUG $IFCONFIG $intf destroy
         done

    for intf in $*; do
        $IFCONFIG $intf >/dev/null 2>&1 || {
            echo "# Creating pfsync interface $intf"
            $FWBDEBUG $IFCONFIG $intf create
        }
    done
}