From 2bd8b3545dceb97f56401b7ad2a327e08d520574 Mon Sep 17 00:00:00 2001 From: Hans Rosenfeld Date: Sun, 21 Feb 2016 18:17:04 +0100 Subject: 6881 SMF ipfilter tries to unload module in zones 6882 SMF ipfilter lacks a property for a IPv6 custom policy file 6884 SMF ipfilter tuple_get_port needs to remove backslashes Reviewed by: Cody Mello Approved by: Robert Mustacchi --- usr/src/cmd/svc/shell/ipf_include.sh | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) (limited to 'usr/src/cmd/svc') diff --git a/usr/src/cmd/svc/shell/ipf_include.sh b/usr/src/cmd/svc/shell/ipf_include.sh index bb41e2ac49..5082f2a9e0 100644 --- a/usr/src/cmd/svc/shell/ipf_include.sh +++ b/usr/src/cmd/svc/shell/ipf_include.sh @@ -458,7 +458,7 @@ append_new_nat_rules() # tuple_get_port() { - port_str=`echo "$1" | sed -e 's/ //g; s/.*://' 2>/dev/null` + port_str=`echo "$1" | sed -e 's/ //g; s/\\\//g; s/.*://' 2>/dev/null` [ -z "$port_str" ] && return 1 echo $port_str | grep "-" >/dev/null @@ -545,6 +545,22 @@ custom_set_symlink() ln -s $1 $IPFILCONF >/dev/null 2>&1 } +# +# Make IP6FILCONF, /var/tmp/ipf/ipf6.conf, a symlink to the input file argument. +# +custom_set_symlink_6() +{ + # + # Nothing to do if the input file doesn't exist. + # + [ ! -f "$1" ] && return 0 + + check_ipf_dir || return 1 + + rm $IP6FILCONF >/dev/null 2>&1 + ln -s $1 $IP6FILCONF >/dev/null 2>&1 +} + # # New file replaces original file if they have different content # @@ -883,7 +899,7 @@ create_global_rules() file6=`global_get_prop_value $FW_CONFIG_DEF_PG $CUSTOM_FILE_6_PROP` [ -n "$file" ] && custom_set_symlink $file - [ -n "$file6" ] && custom_set_symlink $file6 + [ -n "$file6" ] && custom_set_symlink_6 $file6 return 0 fi -- cgit v1.2.3