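#! /bin/bash
#
### BEGIN INIT INFO
# Provides:          ipset
# Required-Start:    $local_fs $network $remote_fs $syslog
# Required-Stop:     $local_fs $network $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: start and stop the ipset lists
# Description:       start and stop the ipset lists
### END INIT INFO
#
# Usage: <this script> {start|stop|save|restart|reload}
#
# Every *.conf file in IPSET_DIR describes one set. The set name is taken
# from the file's "create" line with any "_new" suffix removed, and the
# persisted copy of the set is kept in IPSET_DIR/<name>.ipset.

# Use the LSB logging helpers when present; otherwise fall back to echo.
if [ -r "/lib/lsb/init-functions" ]; then
    . /lib/lsb/init-functions
else
    log_success_msg() {
        echo "$@"
    }
    log_warning_msg() {
        echo "$@" >&2
    }
    log_failure_msg() {
        echo "$@" >&2
    }
fi

IPSET='/sbin/ipset'
IPSET_DIR='/etc/ipset.d'

# Without the ipset utility there is nothing this script can do.
[ -x "${IPSET}" ] || exit 1

# Print the set name declared on the "create" line of a .conf file ($1),
# with the "_new" suffix removed. Prints nothing if no such line exists.
conf_set_name() {
    grep -P "^create\s+(\S+)\s+" "$1" | awk '{ print $2 }' | sed 's/_new//'
}

# Decide whether a set name ($1, read from .conf file $2) can be used.
# The name becomes part of a path under IPSET_DIR that this script reads
# and writes, so a name containing '/' is refused: it would point outside
# that directory. An empty name is skipped silently.
usable_set_name() {
    local name=$1
    local conf_file=$2

    [ -n "${name}" ] || return 1
    case "${name}" in
        */*)
            log_warning_msg "Skipping ${conf_file}: set name '${name}' contains '/'"
            return 1
            ;;
    esac
    return 0
}

# Destroy every set described in IPSET_DIR.
# A failed destroy (for example a set that is not loaded) is reported as a
# warning; the function still returns 0.
stop_ipset() {
    local conf_file ipset_name rc

    for conf_file in "${IPSET_DIR}/"*.conf; do
        # An unmatched glob leaves the literal pattern behind.
        [ -e "${conf_file}" ] || continue
        ipset_name=$(conf_set_name "${conf_file}")
        usable_set_name "${ipset_name}" "${conf_file}" || continue

        echo -n $"Destroy ${ipset_name} ipset"
        rc=0
        "${IPSET}" destroy "${ipset_name}" >/dev/null 2>&1 || rc=$?
        echo
        [ "${rc}" -eq 0 ] || log_warning_msg "ipset destroy failed for ${ipset_name} (exit ${rc})"
    done
    return 0
}

# Load every set described in IPSET_DIR.
# If no saved <name>.ipset exists yet, it is seeded from the .conf file
# with "_new" stripped. A .conf file without a usable "create" line is
# skipped, as in stop_ipset and save_ipset, so no "${IPSET_DIR}/.ipset"
# file is written or restored.
#
# NOTE(review): the function returns 0 even when a restore fails, which
# keeps the exit status callers already see. A set that failed to load is
# only visible through the failure message, so firewall rules that depend
# on the set should be checked or monitored separately.
start_ipset() {
    local conf_file ipset_name saved_file rc

    for conf_file in "${IPSET_DIR}/"*.conf; do
        [ -e "${conf_file}" ] || continue
        ipset_name=$(conf_set_name "${conf_file}")
        usable_set_name "${ipset_name}" "${conf_file}" || continue

        saved_file="${IPSET_DIR}/${ipset_name}.ipset"
        if [ ! -e "${saved_file}" ]; then
            sed 's/_new//' "${conf_file}" >"${saved_file}"
        fi

        echo -n $"Load ${ipset_name} ipset"
        rc=0
        "${IPSET}" restore -file "${saved_file}" >/dev/null 2>&1 || rc=$?
        echo
        [ "${rc}" -eq 0 ] || log_failure_msg "ipset restore failed for ${ipset_name} (exit ${rc})"
    done
    return 0
}

# Save the current contents of every set described in IPSET_DIR to its
# <name>.ipset file. Failures are reported; the function returns 0.
save_ipset() {
    local conf_file ipset_name rc

    for conf_file in "${IPSET_DIR}/"*.conf; do
        [ -e "${conf_file}" ] || continue
        ipset_name=$(conf_set_name "${conf_file}")
        usable_set_name "${ipset_name}" "${conf_file}" || continue

        echo -n $"Save ${ipset_name} ipset"
        rc=0
        "${IPSET}" save "${ipset_name}" -file "${IPSET_DIR}/${ipset_name}.ipset" >/dev/null 2>&1 || rc=$?
        echo
        [ "${rc}" -eq 0 ] || log_failure_msg "ipset save failed for ${ipset_name} (exit ${rc})"
    done
    return 0
}

# See how we were called.
case "$1" in
    start)
        start_ipset
        RET=$?
        ;;
    stop)
        stop_ipset
        RET=$?
        ;;
    save)
        save_ipset
        RET=$?
        ;;
    restart|reload)
        stop_ipset
        start_ipset
        RET=$?
        ;;
    *)
        # "save" is a supported action and is listed here as well.
        echo $"Usage: $0 {start|stop|save|restart|reload}"
        exit 1
        ;;
esac

exit "${RET}"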