[Firehol-support] Re: [Firehol-support] recommended bash configuration exception method

Costa Tsaousis costa at tsaousis.gr
Sat Feb 7 00:43:31 GMT 2004 

Hi Lauren,

just do:

error "some reason text for the reader"

This will present something like this (check the WHY part):

----------------------------------------------------------------
ERROR #: 1
WHAT   : Setting up rules for Passive FTP client
WHY    : some reason text for the reader
COMMAND: client ftp accept
SOURCE : line INIT of /etc/firehol/firehol.conf


You can control all the text in this error. Here is how:

1. setting WHAT:

set_work_function "what I am going to do now..."

2. setting COMMAND from the function name and arguments:

work_realcmd=(${FUNCNAME} "$@")

alternativelly, you can set this to anything you like.

So, doing this in your firehol.conf:

bad() {
   work_realcmd=(${FUNCNAME} "$@")
   set_work_function "Setting up the bad thing..."

   error "This is going to be too bad. I cannot do it!"
}

and then calling:

bad arg1 arg2 arg3

will show:

---------------------------------------------------------
ERROR #: 1
WHAT   : Setting up the bad thing...
WHY    : This is going to be too bad. I cannot do it!
COMMAND: bad arg1 arg2 arg3
SOURCE : line INIT of /etc/firehol/firehol.conf

and the previous firewall will be restored.

Unfortunatelly, there is no easy way for detecting the line number for
functions defined within firehol.conf. The line number of the last
processed firehol directive will be shown (even if this is within your
function).

Finally, you can control where your function is allowed to be called from,
by using require_work(). Here it is:

require_work set any

will require your function to be called within an interface or router.

require_work set interface

will require your function to be called within an interface.

require_work set router

will require your function to be called within a router.

require_work clear

will require you function to be called before an interface or router.

Use it like this:

bad() {
   work_realcmd=(${FUNCNAME} "$@")
   set_work_function "Setting up the bad thing..."

   require_work clear || \
      error "${FUNCNAME} should be used outside interfaces or routers."

   error "This is going to be too bad. I cannot do it!"
}


Regards,

Costa


> Hello,
> When writing a function in a firehol config file, what is the best way
> to 'throw an exception' when testing for invalid arguements?  I've read
> that 'exit' should not be used in a firehol config file, what is an
> alternative to stop processing?
> Thanks,
> Lauren Matheson

More information about the Firehol-support mailing list