From 927b7037cdf10ef237f4c832e07b1576cd5757ce Mon Sep 17 00:00:00 2001
From: nate
Date: Sat, 31 Aug 1996 17:58:23 +0000
Subject: Because 'ipfw flush' is such a dangerous command (given that most firewalls are remote, and this command will kill the network connection to them), prompt the user for confirmation of this command. Also, add the '-f' flag which ignores the need for confirmation the command, and if there is no controlling tty (isatty(STDIN_FILENO) !=0) assume '-f'. If anyone is using ipfw flush in scripts it shouldn't affect them, but you may want to change the script to use a 'ipfw -f flush'.
Reviewed by: alex
---
 sbin/ipfw/ipfw.8 | 7 ++++++-
 sbin/ipfw/ipfw.c | 43 ++++++++++++++++++++++++++++++++++++-------
 2 files changed, 42 insertions(+), 8 deletions(-)
(limited to 'sbin')
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8
index fc95cf0..2979cc0 100644
--- a/sbin/ipfw/ipfw.8
+++ b/sbin/ipfw/ipfw.8
@@ -19,7 +19,7 @@ delete
 .Ar number
 .Nm ipfw
 .Oo
-.Fl atN
+.Fl aftN
 .Oc
 list
 .Nm ipfw
@@ -92,6 +92,11 @@ The following options are available:
 .It Fl a
 While listing, show counter values.
 This option is the only way to see accounting records.
+.It Fl f
+Don't ask for confirmation for commands that can cause problems if misused
+(ie; flush).
+.Ar Note ,
+if there is no tty associated with the process, this is implied.
 .It Fl t
 While listing, show last match timestamp.
 .It Fl N
diff --git a/sbin/ipfw/ipfw.c b/sbin/ipfw/ipfw.c
index b466bab..4114111 100644
--- a/sbin/ipfw/ipfw.c
+++ b/sbin/ipfw/ipfw.c
@@ -16,7 +16,7 @@
  *
  * NEW command line interface for IP firewall facility
  *
- * $Id: ipfw.c,v 1.31 1996/08/13 00:41:05 pst Exp $
+ * $Id: ipfw.c,v 1.32 1996/08/13 19:43:24 pst Exp $
  *
  */
@@ -43,6 +43,7 @@ int s; /* main RAW socket */
 int do_resolv=0; /* Would try to resolv all */
 int do_acct=0; /* Show packet/byte count */
 int do_time=0; /* Show time stamps */
+int do_force=0; /* Don't ask for confirmation */
 int mask_bits(m_ad)
@@ -806,11 +807,17 @@ ipfw_main(ac,av)
 		show_usage(NULL);
 	}
-	while ((ch = getopt(ac, av ,"atN")) != EOF)
+	/* Set the force flag for non-interactive processes */
+	do_force = !isatty(STDIN_FILENO);
+
+	while ((ch = getopt(ac, av ,"aftN")) != EOF)
 	switch(ch) {
 		case 'a':
 			do_acct=1;
 			break;
+		case 'f':
+			do_force=1;
+			break;
 		case 't':
 			do_time=1;
 			break;
@@ -831,11 +838,33 @@ ipfw_main(ac,av)
 	} else if (!strncmp(*av, "delete", strlen(*av))) {
 		delete(ac,av);
 	} else if (!strncmp(*av, "flush", strlen(*av))) {
-		if (setsockopt(s,IPPROTO_IP,IP_FW_FLUSH,NULL,0)<0) {
-			fprintf(stderr,"%s: setsockopt failed.\n",progname);
-			exit(1);
-		}
-		printf("Flushed all rules.\n");
+		int do_flush = 0;
+
+		if ( do_force )
+			do_flush = 1;
+		else {
+			int c;
+
+			/* Ask the user */
+			printf("Are you sure? [yn] ");
+			do {
+				fflush(stdout);
+				c = toupper(getc(stdin));
+				while (c != '\n' && getc(stdin) != '\n')
+					if (feof(stdin))
+						return (0);
+			} while (c != 'Y' && c != 'N');
+			printf("\n");
+			if (c == 'Y')
+				do_flush = 1;
+		}
+		if ( do_flush ) {
+			if (setsockopt(s,IPPROTO_IP,IP_FW_FLUSH,NULL,0)<0) {
+				fprintf(stderr,"%s: setsockopt failed.\n",progname);
+				exit(1);
+			}
+			printf("Flushed all rules.\n");
+		}
 	} else if (!strncmp(*av, "zero", strlen(*av))) {
 		zero(ac,av);
 	} else if (!strncmp(*av, "print", strlen(*av))) {
-- 
cgit v1.1
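Review bot: `do_force = !isatty(STDIN_FILENO);` also sets the force flag when descriptor 0 is closed or otherwise invalid, because isatty() returns 0 on error (EBADF) as well as for a pipe or file; a flush started with stdin closed therefore proceeds with no confirmation at all. That matches the commit's stated intent for scripts, but it deserves a comment on that line, e.g. `/* isatty() also returns 0 for a closed stdin; treat that as non-interactive */`. Since the flag is derived here and only ever set, never cleared, by the option parser, there is no way to request the prompt when stdin is not a terminal, so the confirmation is strictly an interactive-session safety net. Both hunks are inside ipfw_main, whose beginning and end lie outside the diff.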
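Review bot: The prompt `printf("Are you sure? [yn] ");` is emitted once before the do/while, so after any answer other than y/n the loop waits for another line with nothing on screen; moving that printf inside the loop, just ahead of `fflush(stdout);`, fixes it. An 'N' answer then falls out of the loop silently and the EOF path's `return (0)` is equally silent, so the user cannot distinguish a declined flush from a completed one; an `else printf("Rules not flushed.\n");` after the `if (c == 'Y')` branch would make the outcome explicit. The inner `while` only exits on feof(), so a read error (getc() returning EOF with ferror() set and feof() clear) spins forever; testing `feof(stdin) || ferror(stdin)` closes that. The prompt also goes to stdout while the earlier hunk's tty test looks only at stdin, so with stdout redirected the process blocks in getc() with no visible prompt; writing the question to stderr avoids that. The enclosing ipfw_main body continues beyond both ends of this hunk.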