Also update paths in the config to where the live files are
(* -*- sml -*- *)
structure Firewall :> FIREWALL_CONFIG = struct
-val firewallRules = "/home/clinton/misc/hcoop/firewall/user.rules"
-val firewallDir = "/home/clinton/misc/hcoop/firewall/output"
-val firewallNodes = ["bog"]
+val firewallRules = "/afs/hcoop.net/etc/domtool/firewall/user.rules"
+val firewallDir = "/var/domtool/firewall/"
+val firewallNodes = ["navajos"]
val reload = "/usr/bin/sudo /usr/local/sbin/domtool-publish firewall"
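Review bot: `firewallDir` now names `/var/domtool/firewall/`, the same directory that the `cp` line in the publish script further down this page reads from, but nothing records that the two paths must stay in sync or who is expected to own the directory. Since `reload` runs the publish step through sudo, I would add a comment above the value such as `(* must match the source directory used by domtool-publish; its contents are installed into /etc/ferm by root, so keep it writable only by the domtool daemon *)`. The trailing slash is also inconsistent with the other path values; whether that matters depends on how the consumer joins path components, which is not visible here.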
/etc/init.d/apache2 reload
;;
firewall)
+ # Ideally this would check if the config worked first
+ # (ferm failing just uses the previous config at
+ # least). Does it need to chown/chmod the generated
+ # rules?
+ /bin/cp /var/domtool/firewall/{user_chains.conf,users_tcp_in.conf,users_tcp_out.conf} /etc/ferm/
/etc/init.d/ferm reload
;;
*)
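Review bot: The added `/bin/cp` in the `firewall)` branch installs files from `/var/domtool/firewall/` into `/etc/ferm/` without checking its exit status or setting ownership and mode, so a failed or partial copy still falls through to `ferm reload`. Because the config's `reload` value runs this script through sudo, whoever can write the source directory effectively supplies rules that root loads; presumably that is only the domtool daemon, but the install step should not depend on it. I would replace the copy with `/usr/bin/install -o root -g root -m 0644 /var/domtool/firewall/{user_chains.conf,users_tcp_in.conf,users_tcp_out.conf} /etc/ferm/ || exit 1`, which also answers the chown/chmod question in the comment. The brace list needs bash; if the script's interpreter is a plain POSIX sh (the shebang is not visible here), the pattern is passed literally and the copy fails. The enclosing `case` statement starts and ends outside the hunk.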