205. PortRanges

Checking and manipulating port ranges (iptables).

205.1. Authors

  • Lukas Ocilka <locilka@suse.cz>

  • Module for handling port ranges.

205.2. Summary of Module Globals

List of Global Functions

  • CreateNewPortRange - Function creates a port range from min and max params. Max must be bigger than min. If something is wrong, it returns an empty string.

  • DividePortsAndPortRanges - Function divides a list of ports into a map of ports and port ranges. If with_aliases is 'true', it also returns ports with their port aliases. Port ranges are not affected by it.

  • FlattenServices - Function tries to flatten services into the minimal list. If ports are already mentioned inside port ranges, they are dropped.

  • IsPortRange - Function returns whether the string parameter is a port range. Port ranges are defined by the syntax "min_port_number:max_port_number". The minimum and maximum ports define the range that is in effect in the firewall, and both boundary ports are included in it. This function doesn't check whether the port range is valid or not.

  • IsValidPortRange - Checks whether the port range is valid.

  • PortIsInPortranges - Function returns whether the port name or port number is included in the list of port ranges. Port ranges must be defined as a string with format "min_port_number:max_port_number".

  • RemovePortFromPortRanges - Function removes port number from all port ranges. Port must be in its numeric form.

List of Global Variables

  • max_port_number - Maximum port number. Port numbers are in the interval 1-65535, inclusive. The very same value should appear in SuSEFirewall::max_port_number.

205.3. Global Functions

205.3.1. CreateNewPortRange

Function creates a port range from min and max params. Max must be bigger than min. If something is wrong, it returns an empty string.

Function parameters

  • integer min_pr

  • integer max_pr

Return value

  • string - new port range

205.3.2. DividePortsAndPortRanges

Function divides a list of ports into a map of ports and port ranges. If with_aliases is 'true', it also returns ports with their port aliases. Port ranges are not affected by it.

Function parameters

  • list <string> unsorted_ports

  • boolean with_aliases

Return value

  • map <string, list <string> > - map of divided ports

Returns $[
    "ports" : [ list of ports ],
    "port_ranges" : [ list of port ranges ],
 ]

205.3.3. FlattenServices

Function tries to flatten services into the minimal list. If ports are already mentioned inside port ranges, they are dropped.

Function parameters

  • list <string> old_list

  • string protocol

Return value

  • list <string> - of flattened services and port ranges

205.3.4. IsPortRange

Function returns whether the string parameter is a port range. Port ranges are defined by the syntax "min_port_number:max_port_number". The minimum and maximum ports define the range that is in effect in the firewall, and both boundary ports are included in it. This function doesn't check whether the port range is valid or not.

Function parameters

  • string check_this

Return value

  • boolean - whether the checked string is a port range or not

Example 78. 

     IsPortRange("34:38")      -> true
     IsPortRange("0:38")       -> true
     IsPortRange("port-range") -> false
     IsPortRange("19-22")      -> false


See also:

  • IsValidPortRange()

205.3.5. IsValidPortRange

Checks whether the port range is valid.

Function parameters

  • string port_range

Return value

  • boolean - if it is valid

Example 79. 

     IsValidPortRange("54:135") -> true  // valid
     IsValidPortRange("135:54") -> false // reverse order
     IsValidPortRange("0:135")  -> false // cannot be from 0
     IsValidPortRange("135")    -> false // cannot be one number
     IsValidPortRange("54-135") -> false // wrong separator


See also:

  • IsPortRange()

205.3.6. PortIsInPortranges

Function returns whether the port name or port number is included in the list of port ranges. Port ranges must be defined as a string with format "min_port_number:max_port_number".

Function parameters

  • string port

  • list <string> port_ranges

Return value

  • boolean

Example 80. 

     PortIsInPortranges ("130",  ["100:150","10:30"]) -> true
     PortIsInPortranges ("30",   ["100:150","10:20"]) -> false
     PortIsInPortranges ("pop3", ["100:150","10:30"]) -> true
     PortIsInPortranges ("http", ["100:150","10:20"]) -> false


205.3.7. RemovePortFromPortRanges

Function removes port number from all port ranges. Port must be in its numeric form.

Function parameters

  • integer port_number

  • list <string> port_ranges

Return value

  • list <string> - of filtered port_ranges

Example 81. 

     RemovePortFromPortRanges(25, ["19:88", "152:160"]) -> ["19:24", "26:88", "152:160"]


See also:

  • PortAliases::GetPortNumber()
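
The difference between IsPortRange() (syntax only) and IsValidPortRange() (bounds and order), together with the lookup and removal behaviour of Examples 80 and 81, modelled in stand-alone Ruby. This is an added example, not the YaST module's own code; the function names, the two-entry alias table standing in for PortAliases, skipping invalid ranges during lookup, and emitting a one-port remainder as a plain port are assumptions.

```ruby
# Added illustration: a stand-alone model of the semantics documented on this
# page. It is not the YaST PortRanges source; all names are hypothetical.
MAX_PORT = 65_535                                  # max_port_number from the page
ALIASES  = { "pop3" => 110, "http" => 80 }.freeze  # constructed stand-in for PortAliases

# Syntax only ("digits:digits"), like IsPortRange: "0:38" passes.
def port_range?(str)
  str.match?(/\A\d+:\d+\z/)
end

# Returns [min, max] if the range is usable, else nil (IsValidPortRange rules:
# starts at 1 or higher, ends at MAX_PORT or lower, min strictly below max).
def parse_valid_range(str)
  return nil unless port_range?(str)
  min, max = str.split(":").map(&:to_i)
  min >= 1 && max <= MAX_PORT && min < max ? [min, max] : nil
end

# Port name or number inside any range. Assumption of this model: a range
# that fails validation never matches, so malformed input cannot widen a rule.
def port_in_ranges?(port, ranges)
  number = port.match?(/\A\d+\z/) ? port.to_i : ALIASES[port]
  return false if number.nil?
  ranges.any? do |r|
    min, max = parse_valid_range(r)
    min && number.between?(min, max)
  end
end

# Assumption: a one-port remainder is emitted as a plain port, because the
# page requires max > min for a range. An empty remainder yields nil.
def make_range(min, max)
  return nil if min > max
  min == max ? min.to_s : "#{min}:#{max}"
end

# Cut one numeric port out of every range, splitting a range where needed.
def remove_port(port, ranges)
  ranges.flat_map do |r|
    min, max = parse_valid_range(r)
    next [r] unless min && port.between?(min, max)
    [make_range(min, port - 1), make_range(port + 1, max)].compact
  end
end
```

Input headed for a firewall rule should pass parse_valid_range, not just port_range?: the syntax check alone accepts "0:38" and "135:54".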

205.4. Global Variables

205.4.1. max_port_number

Maximum port number. Port numbers are in the interval 1-65535, inclusive. The very same value should appear in SuSEFirewall::max_port_number.

205.5. Module Requirements

205.5.1. Module Imports

  • PortAliases

205.5.2. Module Includes