diff options
author | David Teigland <teigland@redhat.com> | 2009-06-05 16:34:06 -0500 |
---|---|---|
committer | David Teigland <teigland@redhat.com> | 2009-06-05 16:34:06 -0500 |
commit | 162ad93715eb6b268bb1c8832559f95b654acc27 (patch) | |
tree | 107e02ca40e338c31da37f84cecf86c78a3132e0 | |
parent | 44d232131bcf34014e8cb743a436227ab6ae5334 (diff) | |
download | dct-stuff-162ad93715eb6b268bb1c8832559f95b654acc27.tar.gz dct-stuff-162ad93715eb6b268bb1c8832559f95b654acc27.tar.xz dct-stuff-162ad93715eb6b268bb1c8832559f95b654acc27.zip |
cpgx: option to just run iptables
it can just be convenient
-IA runs the iptables -A command
-ID runs the iptables -D command
Signed-off-by: David Teigland <teigland@redhat.com>
-rw-r--r-- | cpgx/cpgx.c | 30 |
1 files changed, 28 insertions, 2 deletions
diff --git a/cpgx/cpgx.c b/cpgx/cpgx.c index 8313d7a..398c715 100644 --- a/cpgx/cpgx.c +++ b/cpgx/cpgx.c @@ -146,6 +146,7 @@ static int opt_exit = 1; static int opt_die = 0; static int iterations_sec = 0; static int timeout_sec = 0; +static int run_iptables = 0; static int continue_after_error = 0; static int opt_print_event = 1; static int opt_print_debug = 1; @@ -1653,10 +1654,13 @@ void print_usage(void) DEFAULT_SYNC_MAX); printf(" -t <sec> timeout after no dispatch for this many seconds, default 0 (never)\n"); printf(" -i <sec> run for this many seconds, default 0 (forever)\n"); - printf(" -j join (per -d) by running \"%s\", not cman_tool\n", exec_name); + printf(" -j join cluster by running \"%s\", not cman_tool\n", exec_name); + printf(" (used by -d restart after killing %s\n", exec_name); printf(" -a <addr> IP address used for %s communication\n", exec_name); printf(" (implies that iptables should be used with -d)\n"); printf(" -p <port> udp port used for %s communication\n", exec_name); + printf(" -I [A|D] run iptables Append or Delete to block/unblock %s communication\n", exec_name); + printf(" (use with -a and optionally -p)\n"); printf(" -c continue after error\n"); printf(" -V print version\n"); printf("\n"); @@ -1666,6 +1670,7 @@ void print_usage(void) printf(" <time> D: <debug string> (stdout)\n"); printf("\n"); printf("Notes:\n"); + printf(" - when cpgx is started the node must be a cluster member\n"); printf(" - to prevent history from periodically restarting from 0,\n" " keep one node from leaving/exiting/dieing with -l0 -e0 -d0\n"); printf(" - 8 nodes max, nodeids beteen 1 and 255\n"); @@ -1680,7 +1685,7 @@ int main(int argc, char **argv) int optchar; while (cont) { - optchar = getopt(argc, argv, "H:D:l:e:d:s:t:i:ja:p:chV"); + optchar = getopt(argc, argv, "H:D:l:e:d:s:t:i:ja:p:I:chV"); switch (optchar) { case 'H': @@ -1727,6 +1732,13 @@ int main(int argc, char **argv) exec_port = atoi(optarg); break; + case 'I': + if (!strncmp(optarg, "A", 1)) + run_iptables = 1; + else if (!strncmp(optarg, "D", 1)) + run_iptables = 2; + break; + case 'c': continue_after_error = 1; break; @@ -1754,6 +1766,20 @@ int main(int argc, char **argv) "iptables -D OUTPUT -s %s -p udp --dport %d -j DROP", exec_addr, exec_port); } + if (run_iptables && !exec_addr[0]) { + fprintf(stderr, "-I requires local IP address with -a\n"); + exit(EXIT_FAILURE); + } + if (run_iptables == 1) { + printf("%s\n", iptables_a); + system(iptables_a); + exit(EXIT_SUCCESS); + } + if (run_iptables == 2) { + printf("%s\n", iptables_d); + system(iptables_d); + exit(EXIT_SUCCESS); + } parent_begin = time(NULL); |