1
Development and Code Review / Removing Alias, deinstall hook?
« on: February 24, 2022, 09:43:11 am »
Hello!
In my crowdsec plugin, still unpublished, I create my stuff in plugins.inc.d/crowdsec.inc, then I call "configctl filter reload" at the time of installation. Not sure it's the best way, but it seems to work as I want.
My question is: can I remove the Alias objects when my plugin is uninstalled? I see some
Is there a plugin that does a similar clean up?
Thanks
In my crowdsec plugin, still unpublished, I create my stuff in plugins.inc.d/crowdsec.inc, then I call "configctl filter reload" at the time of installation. Not sure it's the best way, but it seems to work as I want.
My question is: can I remove the Alias objects when my plugin is uninstalled? I see some
+POST_DEINSTALL.postscripts but should I call my php code from there? It's fine if the Alias is removed and recreated when the plugin is upgraded.
Is there a plugin that does a similar clean up?
Thanks
[...]
function add_alias_if_not_exist($name, $description, $proto) {
$model = new OPNsense\Firewall\Alias();
foreach ($model->aliases->alias->iterateItems() as $alias) {
if ((string)$alias->name == $name) {
return;
}
}
$new_alias = $model->aliases->alias->Add();
$new_alias->name = $name;
$new_alias->description = $description;
$new_alias->proto = $proto;
$new_alias->type = 'external';
$model->serializeToConfig();
Config::getInstance()->save();
}
function crowdsec_firewall(\OPNsense\Firewall\Plugin $fw)
{
if (!bouncer_enabled()) {
return;
}
add_alias_if_not_exist('crowdsec_blacklists', 'CrowdSec (IPv4)', 'IPv4');
$fw->registerFilterRule(
1, /* priority */
array(
'ipprotocol' => 'inet',
'descr' => 'CrowdSec (IPv4)',
'from' => '$crowdsec_blacklists', # $ to reference an alias
'type' => 'block',
'quick' => true
),
null
);
add_alias_if_not_exist('crowdsec6_blacklists', 'CrowdSec (IPv6)', 'IPv6');
$fw->registerFilterRule(
1, /* priority */
array(
'ipprotocol' => 'inet6',
'descr' => 'CrowdSec (IPv6)',
'from' => '$crowdsec6_blacklists', # $ to reference an alias
'type' => 'block',
'quick' => true
),
null
);
}
[...]