hostmngr: read access control schedule from schedules

* The Schedule object is deprecated in 2.18 and ScheduleRef is introduced,
update script to generate rules accordingly.
* Some shell script improvements.

hostmngr/files/scripts/hosts_acl.sh

@@ -114,16 +114,16 @@ ip_rule_east_zone() {
 
 add_access_rule() {
 	local rule="$1"
-	echo "iptables -w -A hosts_forward ${rule}" >> $ACL_FILE
-	echo "ip6tables -w -A hosts_forward ${rule}" >> $ACL_FILE
+	echo "iptables -w -A hosts_forward ${rule}" >> "$ACL_FILE"
+	echo "ip6tables -w -A hosts_forward ${rule}" >> "$ACL_FILE"
 }
 
 handle_day_list() {
 	local value=$1
 
-	val=$(echo $value | cut -c 1-3)
-	next_day_val=$(get_next_day $val)
-	prev_day_val=$(get_previous_day $val)
+	val=$(echo "$value" | cut -c 1-3)
+	next_day_val=$(get_next_day "$val")
+	prev_day_val=$(get_previous_day "$val")
 	if [ -z $day ]; then
 		day="$val"
 		next_days="$next_day_val"
@@ -137,8 +137,6 @@ handle_day_list() {
 
 handle_schedule() {
 	local schd_section="$1"
-	local ac_section="$2"
-	local acs_id
 	local start_time
 	local duration
 
@@ -148,11 +146,7 @@ handle_schedule() {
 	next_days=""
 	prev_days=""
 
-	config_get acs_id "$schd_section" "dm_parent"
-
-	if [ "$acs_id" != "$ac_section" ]; then
-		return # schedule not for this access control section
-	fi
+	config_load schedules
 
 	local is_enabled
 	config_get is_enabled "$schd_section" "enable" 0
@@ -166,7 +160,7 @@ handle_schedule() {
 
 	IFS=" "
 	for d in $day_config; do
-		handle_day_list $d
+		handle_day_list "$d"
 	done
 
 	config_get start_time "$schd_section" "start_time" "00:00"
@@ -174,8 +168,8 @@ handle_schedule() {
 
 	zone=$(date +%z | cut -c 1)
 	local_start_time=$start_time
-	hh=$(echo $local_start_time | awk -F: '{ print $1 }')
-	mm=$(echo $local_start_time | awk -F: '{ print $2 }')
+	hh=$(echo "$local_start_time" | awk -F: '{ print $1 }')
+	mm=$(echo "$local_start_time" | awk -F: '{ print $2 }')
 	hh_s=`expr $hh \* 3600`
 	mm_s=`expr $mm \* 60`
 	ss=$(( hh_s + mm_s ))
@@ -197,12 +191,12 @@ handle_schedule() {
 
 	utc_start_time=$(date -u -d @$(date "+%s" -d "$local_start_time") +%H:%M)
 	utc_stop_time=$(date -u -d @$(date "+%s" -d "$local_stop_time") +%H:%M)
-	utc_start_hh=$(echo $utc_start_time | awk -F: '{ print $1 }')
-	utc_stop_hh=$(echo $utc_stop_time | awk -F: '{ print $1 }')
+	utc_start_hh=$(echo "$utc_start_time" | awk -F: '{ print $1 }')
+	utc_stop_hh=$(echo "$utc_stop_time" | awk -F: '{ print $1 }')
 	if [ "$zone" == "-" ]; then
-		ip_rule_west_zone $utc_start_hh $utc_stop_hh $local_start_hh $local_stop_hh $utc_start_time $utc_stop_time
+		ip_rule_west_zone "$utc_start_hh" "$utc_stop_hh" "$local_start_hh" "$local_stop_hh" "$utc_start_time" "$utc_stop_time"
 	else
-		ip_rule_east_zone $utc_start_hh $utc_stop_hh $local_start_hh $local_stop_hh $utc_start_time $utc_stop_time
+		ip_rule_east_zone "$utc_start_hh" "$utc_stop_hh" "$local_start_hh" "$local_stop_hh" "$utc_start_time" "$utc_stop_time"
 	fi
 
 	IP_RULE="$IP_RULE -j ACCEPT"
@@ -258,7 +252,7 @@ handle_access_control() {
 	schedule_added="0"
 	# check if schedule is defined for this access_control instance
 	# and if yes, create rule accordingly
-	config_foreach handle_schedule  ac_schedule "$ac_section"
+	config_list_foreach "$ac_section" access_control_schedule handle_schedule
 
 	# for access rule to work, need to have default drop rule as last rule
 	if [ "$schedule_added" == "1" ]; then