diff options
author | Tomás Touceda <chiiph@leap.se> | 2014-06-04 16:14:42 -0300 |
---|---|---|
committer | Tomás Touceda <chiiph@leap.se> | 2014-06-04 16:14:42 -0300 |
commit | 82e1c4b1e3e5dd49b6e868732451a744ba37ba59 (patch) | |
tree | e16fadc6286fedf1e2ddcd0d4f173a37e7226011 /pkg/linux/bitmask-root | |
parent | 5210383ece1dcc4e2150dd1c08cc0ba4106f3b1f (diff) | |
parent | aba3ea21d83e6e073baf01643b68832530a6f4d0 (diff) |
Merge remote-tracking branch 'refs/remotes/kali/feature/add-fw-down-button' into develop
Diffstat (limited to 'pkg/linux/bitmask-root')
-rwxr-xr-x | pkg/linux/bitmask-root | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/pkg/linux/bitmask-root b/pkg/linux/bitmask-root index 82e8799f..d1bf656e 100755 --- a/pkg/linux/bitmask-root +++ b/pkg/linux/bitmask-root @@ -22,14 +22,15 @@ It should only be called by the Bitmask application. USAGE: bitmask-root firewall stop - bitmask-root firewall start GATEWAY1 GATEWAY2 ... + bitmask-root firewall start [restart] GATEWAY1 GATEWAY2 ... bitmask-root openvpn stop bitmask-root openvpn start CONFIG1 CONFIG1 ... All actions return exit code 0 for success, non-zero otherwise. The `openvpn start` action is special: it calls exec on openvpn and replaces -the current process. +the current process. If the `restart` parameter is passed, the firewall will +not be teared down in the case of an error during launch. """ # TODO should be tested with python3, which can be the default on some distro. from __future__ import print_function @@ -38,12 +39,12 @@ import os import re import signal import socket +import syslog import subprocess import sys import time import traceback - cmdcheck = subprocess.check_output ## @@ -129,6 +130,8 @@ if DEBUG: logger.setLevel(logging.DEBUG) logger.addHandler(ch) +syslog.openlog(SCRIPT) + ## ## UTILITY ## @@ -413,6 +416,7 @@ def bail(msg=None, exception=None): """ if msg is not None: print("%s: %s" % (SCRIPT, msg)) + syslog.syslog(syslog.LOG_ERR, msg) if exception is not None: traceback.print_exc() exit(1) @@ -614,7 +618,7 @@ def get_default_device(): """ routes = subprocess.check_output([IP, "route", "show"]) match = re.search("^default .*dev ([^\s]*) .*$", routes, flags=re.M) - if match.groups(): + if match and match.groups(): return match.group(1) else: bail("Could not find default device") @@ -629,7 +633,7 @@ def get_local_network_ipv4(device): """ addresses = cmdcheck([IP, "-o", "address", "show", "dev", device]) match = re.search("^.*inet ([^ ]*) .*$", addresses, flags=re.M) - if match.groups(): + if match and match.groups(): return match.group(1) else: return None @@ -644,7 +648,7 @@ def get_local_network_ipv6(device): """ addresses = cmdcheck([IP, "-o", "address", "show", "dev", device]) match = re.search("^.*inet6 ([^ ]*) .*$", addresses, flags=re.M) - if match.groups(): + if match and match.groups(): return match.group(1) else: return None @@ -819,6 +823,11 @@ def main(): command = "_".join(sys.argv[1:3]) args = sys.argv[3:] + is_restart = False + if args and args[0] == "restart": + is_restart = True + args.remove('restart') + if command == "openvpn_start": openvpn_start(args) @@ -830,8 +839,9 @@ def main(): firewall_start(args) nameserver_setter.start(NAMESERVER) except Exception as ex: - nameserver_restorer.start() - firewall_stop() + if not is_restart: + nameserver_restorer.start() + firewall_stop() bail("ERROR: could not start firewall", ex) elif command == "firewall_stop": |