functions.m4: New function for arranging that an ipset exists.

[firewall] / functions.m4

diff --git a/functions.m4 b/functions.m4
index fd24364..05decbf 100644 (file)
--- a/functions.m4
+++ b/functions.m4
@@ -89,6 +89,19 @@ clearchain () {
   done
 }
 
+## makeset SET TYPE [PARAMS]
+##
+## Ensure that the named ipset exists.  Don't clear it.
+makeset () {
+  set -e
+  name=$1; shift
+  if ipset -nL | grep -q "^Name: $name$"; then
+    :
+  else
+    ipset -N "$name" "$@"
+  fi
+}
+
 ## errorchain CHAIN ACTION ARGS ...
 ##
 ## Make a chain which logs a message and then invokes some other action,