BastilleBSD/bastille
2
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

adding a couple vnet exceptions for ip4.addr checks

Browse Source
This commit is contained in:
Christer Edwards
2021-01-01 09:23:26 -07:00
parent 4136f8fff4
commit 83a83e087e
2 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
usr/local/share/bastille/rdr.sh
View File

@@ -58,10 +58,12 @@ if [ -z "${JAIL_NAME}" ]; then
fi fi
# Check jail ip4 address valid # Check jail ip4 address valid
if [ "$(bastille config $TARGET get vnet)" != 'enabled' ]; then
JAIL_IP=$(jls -j "${TARGET}" ip4.addr 2>/dev/null) JAIL_IP=$(jls -j "${TARGET}" ip4.addr 2>/dev/null)
if [ -z "${JAIL_IP}" -o "${JAIL_IP}" = "-" ]; then if [ -z "${JAIL_IP}" -o "${JAIL_IP}" = "-" ]; then
error_exit "Jail IP not found: ${TARGET}" error_exit "Jail IP not found: ${TARGET}"
fi fi
fi
# Check rdr-anchor is setup in pf.conf # Check rdr-anchor is setup in pf.conf
if ! (pfctl -sn | grep rdr-anchor | grep 'rdr/\*' >/dev/null); then if ! (pfctl -sn | grep rdr-anchor | grep 'rdr/\*' >/dev/null); then

2
usr/local/share/bastille/template.sh
View File

@@ -226,11 +226,13 @@ for _jail in ${JAILS}; do
## jail-specific variables. ## jail-specific variables.
bastille_jail_path=$(jls -j "${_jail}" path) bastille_jail_path=$(jls -j "${_jail}" path)
if [ "$(bastille config $TARGET get vnet)" != 'enabled' ]; then
_jail_ip=$(jls -j "${_jail}" ip4.addr 2>/dev/null) _jail_ip=$(jls -j "${_jail}" ip4.addr 2>/dev/null)
if [ -z "${_jail_ip}" -o "${_jail_ip}" = "-" ]; then if [ -z "${_jail_ip}" -o "${_jail_ip}" = "-" ]; then
error_notify "Jail IP not found: ${_jail}" error_notify "Jail IP not found: ${_jail}"
_jail_ip='' # In case it was -. -- cwells _jail_ip='' # In case it was -. -- cwells
fi fi
fi
## TARGET ## TARGET
if [ -s "${bastille_template}/TARGET" ]; then if [ -s "${bastille_template}/TARGET" ]; then