Applied. Cheers,
Dejan On Thu, Jun 18, 2009 at 10:27:51AM +0200, Florian Haas wrote: > # HG changeset patch > # User Florian Haas <[email protected]> > # Date 1245313456 -7200 > # Node ID 5df5240e463e4e5ce2903312ba094957717d66dc > # Parent ee16ba77a95bd290d833ead3b1181297fe8e5f14 > portblock RA: fix invalid exit codes on monitor > > IptablesStatus() returns 1 ($OCF_ERR_GENERIC) whenever the iptables > rule is not configured. This breaks probes whenever a resource which > is expected to be stopped, is in fact stopped. > > Also, this patch removes a pointless function wrapper and uses > $OCF_RESOURCE_INSTANCE for the ha_pseudo_resource state file name. > > This is a fix of the fix I submitted yesterday. :) The original patch > still had a residual call to pseudo_resource. > > This updated patch also removes another obsolete comment. > > diff -r ee16ba77a95b -r 5df5240e463e resources/OCF/portblock > --- a/resources/OCF/portblock Thu Jun 18 10:24:16 2009 +0200 > +++ b/resources/OCF/portblock Thu Jun 18 10:24:16 2009 +0200 > @@ -23,7 +23,7 @@ > > usage() > { > - cat <<-!USAGE >&2 > + cat <<END >&2 > usage: $CMD {start|stop|status|monitor|meta-data|validate-all} > > $CMD is used to temporarily block ports using iptables. > @@ -53,7 +53,7 @@ > > NOTE: iptables is linux-specific... > > - !USAGE > +END > } > > meta_data() { > @@ -115,18 +115,6 @@ > # This is because we expect an "unblock" resource to come along > # and disable us -- but we're still in some sense active... > # > -# So, we track the state here using the pseudo_resource() function. > -# > -# The psuedo_resource function should be moved into the functions > -# available to resources so other resource scripts could use it... > -# > -# > - > -# pseudo_resource filename operation > -pseudo_resource() > -{ > - ha_pseudo_resource $* > -} > > #iptables_spec {udp|tcp} portno,portno > iptables_spec() > @@ -152,48 +140,54 @@ > SayActive() > { > echo "$CMD DROP rule for INPUT chain [$*] is running (OK)" > - return 0 > } > > SayConsideredActive() > { > echo "$CMD DROP rule for INPUT chain [$*] considered to be running (OK)" > - return 0 > } > > SayInactive() > { > echo "$CMD DROP rule for INPUT chain [$*] is inactive" > - return 1 > } > > #IptablesStatus {udp|tcp} portno,portno {block|unblock} > -IptablesStatus() > -{ > - activewords="$CMD $1 $2 is running (OK)" > - if > - chain_isactive "$1" "$2" > - then > - case $3 in > - block) SayActive $*;; > - *) SayInactive $*;; > - esac > - else > - case $3 in > - block) > - if > - pseudo_resource "$RSCNAME" status > - then > - SayConsideredActive $* > +IptablesStatus() { > + local rc > + rc=$OCF_ERR_GENERIC > + activewords="$CMD $1 $2 is running (OK)" > + if chain_isactive "$1" "$2"; then > + case $3 in > + block) > + SayActive $* > + rc=$OCF_SUCCESS > + ;; > + *) > + SayInactive $* > + rc=$OCF_NOT_RUNNING > + ;; > + esac > + else > + case $3 in > + block) > + if ha_pseudo_resource "${OCF_RESOURCE_INSTANCE}" status; then > + SayConsideredActive $* > + rc=$OCF_SUCCESS > else > - SayInactive $* > - fi;; > - > - *) SayActive $*;; > - esac > - fi > - > - return $? > + SayInactive $* > + rc=$OCF_NOT_RUNNING > + fi > + ;; > + > + *) > + SayActive $* > + rc=$OCF_SUCCESS > + ;; > + esac > + fi > + > + return $rc > } > > #IptablesBLOCK {udp|tcp} portno,portno > @@ -227,7 +221,7 @@ > #IptablesStart {udp|tcp} portno,portno {block|unblock} > IptablesStart() > { > - pseudo_resource "$RSCNAME" start > + ha_pseudo_resource "${OCF_RESOURCE_INSTANCE}" start > case $3 in > block) IptablesBLOCK "$@";; > unblock) IptablesUNBLOCK "$@";; > @@ -240,7 +234,7 @@ > #IptablesStop {udp|tcp} portno,portno {block|unblock} > IptablesStop() > { > - pseudo_resource "$RSCNAME" stop > + ha_pseudo_resource "${OCF_RESOURCE_INSTANCE}" stop > case $3 in > block) IptablesUNBLOCK "$@";; > unblock) IptablesBLOCK "$@";; > @@ -333,8 +327,6 @@ > portno=$OCF_RESKEY_portno > action=$OCF_RESKEY_action > > -RSCNAME=${CMD}_${protocol}_${portno}_${action} > - > case $1 in > start) > IptablesStart $protocol $portno $action > diff -r ee16ba77a95b -r 5df5240e463e resources/heartbeat/portblock.in > --- a/resources/heartbeat/portblock.in Thu Jun 18 10:24:16 2009 +0200 > +++ b/resources/heartbeat/portblock.in Thu Jun 18 10:24:16 2009 +0200 > @@ -27,7 +27,7 @@ > export OCF_RESKEY_action OCF_RESKEY_portno OCF_RESKEY_action > > OCF_TYPE=portblock > -OCF_RESOURCE_INSTANCE=${OCF_TYPE}_$1_$2 > +OCF_RESOURCE_INSTANCE=${OCF_TYPE}_$1_$2_$3 > export OCF_TYPE OCF_RESOURCE_INSTANCE > > ra_execocf $4 > _______________________________________________________ > Linux-HA-Dev: [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev > Home Page: http://linux-ha.org/ _______________________________________________________ Linux-HA-Dev: [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev Home Page: http://linux-ha.org/
