From 2ef4ab7bbd3bfb510495830fff64c34471106a05 Mon Sep 17 00:00:00 2001 From: Max Kellermann Date: Wed, 22 Mar 2017 12:46:58 +0100 Subject: [PATCH] sort domains and tables in --fast output Some people want the output in a deterministic order to be able to diff it. So here's that. Similar to commit 04855db07f250 https://github.com/MaxKellermann/ferm/issues/13 --- NEWS | 1 + src/ferm | 10 +++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 093ef6f..f116bc5 100644 --- a/NEWS +++ b/NEWS @@ -12,6 +12,7 @@ v2.3.2 - not yet released * cgroup - updated netfilter modules: * recent: add mask, reap + - sort domains and tables in --fast output v2.3.1 - 5 Jan 2017 diff --git a/src/ferm b/src/ferm index e8247da..348cc8c 100755 --- a/src/ferm +++ b/src/ferm @@ -686,7 +686,8 @@ foreach my $cmd (@pre_hooks) { system($cmd) unless $option{noexec}; } -while (my ($domain, $domain_info) = each %domains) { +foreach my $domain (sort keys %domains) { + my $domain_info = $domains{$domain}; next unless $domain_info->{enabled}; my $s = $option{fast} && defined $domain_info->{tools}{'tables-restore'} @@ -711,7 +712,8 @@ if ($option{interactive}) { print LINES "echo 'ferm has applied the new firewall rules.'\n"; print LINES "echo 'Please press Ctrl-C to confirm.'\n"; print LINES "sleep $option{timeout}\n"; - while (my ($domain, $domain_info) = each %domains) { + foreach my $domain (sort keys %domains) { + my $domain_info = $domains{$domain}; my $restore = $domain_info->{tools}{'tables-restore'}; next unless defined $restore; print LINES "$restore <\$${domain}_tmp\n"; @@ -2606,7 +2608,9 @@ sub rules_to_save($) { # convert this into an iptables-save text my $result = "# Generated by ferm $VERSION on " . localtime() . "\n"; - while (my ($table, $table_info) = each %{$domain_info->{tables}}) { + foreach my $table (sort keys %{$domain_info->{tables}}) { + my $table_info = $domain_info->{tables}{$table}; + # select table $result .= '*' . $table . "\n"; -- 2.11.4.GIT