Because 'ipfw flush' is such a dangerous command (given that most

firewalls are remote, and this command will kill the network connection to them), prompt the user for confirmation of this command. Also, add the '-f' flag which ignores the need for confirmation the command, and if there is no controlling tty (isatty(STDIN_FILENO) !=0) assume '-f'. If anyone is using ipfw flush in scripts it shouldn't affect them, but you may want to change the script to use a 'ipfw -f flush'. Reviewed by: alex
svn path=/head/; revision=17976
1996-08-31 17:58:23 +00:00 · 1996-08-31 17:58:23 +00:00 · 1285c95c4b · 2020-12-20 02:59:44 +00:00
commit 1285c95c4b
parent d98f2d7a6e
2 changed files with 42 additions and 8 deletions
--- a/sbin/ipfw/ipfw.8
+++ b/sbin/ipfw/ipfw.8
@ -19,7 +19,7 @@ delete
 .Ar number
 .Nm ipfw
 .Oo
-.Fl atN
+.Fl aftN
 .Oc
 list
 .Nm ipfw
@ -92,6 +92,11 @@ The following options are available:
 .It Fl a
 While listing, show counter values. This option is the only way to see
 accounting records.
+.It Fl f
+Don't ask for confirmation for commands that can cause problems if misused
+(ie; flush).
+.Ar Note ,
+if there is no tty associated with the process, this is implied.
 .It Fl t
 While listing, show last match timestamp.
 .It Fl N
--- a/sbin/ipfw/ipfw.c
+++ b/sbin/ipfw/ipfw.c
@ -16,7 +16,7 @@
 *
 * NEW command line interface for IP firewall facility
 *
- * $Id: ipfw.c,v 1.31 1996/08/13 00:41:05 pst Exp $
+ * $Id: ipfw.c,v 1.32 1996/08/13 19:43:24 pst Exp $
 *
 */

@ -43,6 +43,7 @@ int 		s;				/* main RAW socket 	   */
 int 		do_resolv=0;			/* Would try to resolv all */
 int		do_acct=0;			/* Show packet/byte count  */
 int		do_time=0;			/* Show time stamps        */
+int		do_force=0;			/* Don't ask for confirmation */

 int
 mask_bits(m_ad)
@ -806,11 +807,17 @@ ipfw_main(ac,av)
 		show_usage(NULL);
 	}

-	while ((ch = getopt(ac, av ,"atN")) != EOF)
+	/* Set the force flag for non-interactive processes */
+	do_force = !isatty(STDIN_FILENO);
+
+	while ((ch = getopt(ac, av ,"aftN")) != EOF)
 	switch(ch) {
 		case 'a':
 			do_acct=1;
 			break;
+		case 'f':
+			do_force=1;
+			break;
 		case 't':
 			do_time=1;
 			break;
@ -831,11 +838,33 @@ ipfw_main(ac,av)
 	} else if (!strncmp(*av, "delete", strlen(*av))) {
 		delete(ac,av);
 	} else if (!strncmp(*av, "flush", strlen(*av))) {
-		if (setsockopt(s,IPPROTO_IP,IP_FW_FLUSH,NULL,0)<0) {
-			fprintf(stderr,"%s: setsockopt failed.\n",progname);
-			exit(1);
-		} 
-		printf("Flushed all rules.\n");
+		int do_flush = 0;
+
+		if ( do_force )
+			do_flush = 1;
+		else {
+			int c;
+
+			/* Ask the user */
+			printf("Are you sure? [yn] ");
+			do {
+                    		fflush(stdout);
+				c = toupper(getc(stdin));
+				while (c != '\n' && getc(stdin) != '\n')
+					if (feof(stdin))
+						return (0);
+			} while (c != 'Y' && c != 'N');
+			printf("\n");
+			if (c == 'Y') 
+				do_flush = 1;
+		}
+		if ( do_flush ) {
+			if (setsockopt(s,IPPROTO_IP,IP_FW_FLUSH,NULL,0)<0) {
+				fprintf(stderr,"%s: setsockopt failed.\n",progname);
+				exit(1);
+			}
+			printf("Flushed all rules.\n");
+		}
 	} else if (!strncmp(*av, "zero", strlen(*av))) {
 		zero(ac,av);
 	} else if (!strncmp(*av, "print", strlen(*av))) {