From 11f84a9f7ba8f061db13853d641b4dfb497ddc5c Mon Sep 17 00:00:00 2001
From: Jeremy Lecour
Date: Wed, 8 Apr 2020 18:35:09 +0200
Subject: [PATCH] Emit a warning if no firewall file is configured
---
 lib/bkctld-firewall | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/lib/bkctld-firewall b/lib/bkctld-firewall
index 4db229d..c4f2a09 100755
--- a/lib/bkctld-firewall
+++ b/lib/bkctld-firewall
@@ -23,13 +23,18 @@ iptables_input_accept() {
 }
 if [ -n "${FIREWALL_RULES}" ]; then
+ # remove existing rules for this jail
 [ -f "${FIREWALL_RULES}" ] && sed -i "/#${jail_name}$/d" "${FIREWALL_RULES}"
 if [ -d "${jail_path}" ]; then
 port=$("${LIBDIR}/bkctld-port" "${jail_name}")
+ # Add a rule for each IP
 for ip in $("${LIBDIR}/bkctld-ip" "${jail_name}"); do
 iptables_input_accept "${jail_name}" "${port}" "${ip}" >> "${FIREWALL_RULES}"
 done
+ # Restart the firewall
 [ -f /etc/init.d/minifirewall ] && /etc/init.d/minifirewall restart >/dev/null
 fi
 notice "${jail_name}: firewall rules have been updated."
+else
+ warning "${jail_name}: skipping firewall update, FIREWALL_RULES variable is empty."
 fi
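Review bot: The `notice` after the `# Restart the firewall` step still reports "firewall rules have been updated" when `/etc/init.d/minifirewall` is absent, so the rules file is rewritten but, as far as this hunk shows, never loaded. That is the same kind of silent skip the new `else` branch now surfaces for an empty `FIREWALL_RULES`, and an operator reading the log would assume the per-IP accept rules are live. I would make the restart step explicit: `if [ -f /etc/init.d/minifirewall ]; then /etc/init.d/minifirewall restart >/dev/null || warning "${jail_name}: minifirewall restart failed."; else warning "${jail_name}: minifirewall not found, rules written but not applied."; fi`. Whether a failed restart already aborts the script depends on `set -e`, which would be set above the hunk and is not visible here.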