wgctl/commands/activity/show.sh
Nuno Duque Nunes a559b73e8e feat: new flag::define syntax, flag::set_constraint
- flag::define: variadic constraint args (key:value) instead of bracket string
- flag::_parse_constraints_from_args: replaces flag::_parse_and_cache
- flag::set_constraint: Option B syntax for post-definition constraints
- choices separator: comma (choices:split,full) — no quoting needed
- guard against empty _CURRENT_COMMAND in exclusive groups lookup
- migrate all commands to new constraint syntax
- add helpful error for unknown constraint args
2026-05-31 00:16:55 +00:00

71 lines
No EOL
2.9 KiB
Bash

#!/usr/bin/env bash
# commands/activity/show.sh
function cmd::activity::show::on_load() {
command::mixin json_output [section="Output"]
help::section "Filters"
flag::define --peer value "Filter by peer name" label:name section:Filters
flag::define --type value "Filter by device type" label:type section:Filters
flag::define --service value "Filter by service" label:service section:Filters
flag::define --ip value "Filter by destination IP" label:ip section:Filters
flag::define --hours value "Hours to look back" default:24 type:int min:0 section:Filters
flag::define --exclude-service[] "Exclude service from output" label:service section:Filters
flag::define --include-service[] "Override excluded service" label:service section:Filters
help::section "Display"
flag::define --accept bool "Show only accepted traffic" section:Display
flag::define --drop bool "Show only firewall drops" section:Display
flag::define --external bool "Show only external traffic" section:Display
flag::define --ports bool "Show raw IP:port annotations" section:Display
flag::exclusive --accept --drop
}
function cmd::activity::show::run() {
flag::parse "$@" || return 1
local filter_peer; filter_peer=$(flag::value --peer)
local filter_service; filter_service=$(flag::value --service)
local filter_ip; filter_ip=$(flag::value --ip)
local filter_type; filter_type=$(flag::value --type)
local hours; hours=$(flag::value --hours)
local accept_only=false drop_only=false external_only=false show_ports=false
flag::bool --accept && accept_only=true
flag::bool --drop && drop_only=true
flag::bool --external && external_only=true
flag::bool --ports && show_ports=true
# Build exclusion list — remove any --include-service entries
local -a exclude_services=() include_services=()
while IFS= read -r svc; do
[[ -n "$svc" ]] && exclude_services+=("$svc")
done < <(flag::array --exclude-service)
while IFS= read -r svc; do
[[ -n "$svc" ]] && include_services+=("$svc")
done < <(flag::array --include-service)
local -a final_excludes=()
for svc in "${exclude_services[@]:-}"; do
local included=false
for inc in "${include_services[@]:-}"; do
[[ "$svc" == "$inc" ]] && included=true && break
done
$included || final_excludes+=("$svc")
done
local exclude_str=""
[[ ${#final_excludes[@]} -gt 0 ]] && \
exclude_str=$(IFS=' '; echo "${final_excludes[*]}")
if command::json; then
cmd::activity::_output_json "$hours"
return 0
fi
cmd::activity::_impl \
"$filter_peer" "$filter_service" "$filter_ip" "$filter_type" \
"$hours" "$accept_only" "$drop_only" "$external_only" \
"$show_ports" "$exclude_str"
}