Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

network: fix handling newline in firewall rules

Browse Source 
Since the rules are no more directly handed to echo -e, sed needs to
handle all escape sequences used in rules (newline only, but in
different notations).
This commit is contained in:
Marek Marczykowski-Górecki 2015-02-11 14:14:27 +01:00
parent b40c791914
commit 4dbd9e205c
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
network/qubes-firewall
View File

@ -36,11 +36,11 @@ while true; do
RULES=$(qubesdb-read $XENSTORE_IPTABLES_HEADER)
IPTABLES_SAVE=$(iptables-save | sed '/^\*filter/,/^COMMIT/d')
OUT=$(printf '%s\n%s\n' "$RULES" "$IPTABLES_SAVE" | sed 's/\\n/\n/g' | iptables-restore 2>&1 || true)
OUT=$(printf '%s\n%s\n' "$RULES" "$IPTABLES_SAVE" | sed 's/\\n\|\\x0a/\n/g' | iptables-restore 2>&1 || true)
for i in $(qubesdb-list -f /qubes-iptables-domainrules) ; do
RULES=$(qubesdb-read "$i")
ERRS=$(printf '%s\n' "$RULES" | sed 's/\\n/\n/g' | /sbin/iptables-restore -n 2>&1 || true)
ERRS=$(printf '%s\n' "$RULES" | sed 's/\\n\|\\x0a/\n/g' | /sbin/iptables-restore -n 2>&1 || true)
if [ -n "$ERRS" ]; then
echo "Failed applying rules for $i: $ERRS" >&2
OUT="$OUT$ERRS"