X-Git-Url: http://git.archive.openwrt.org/?a=blobdiff_plain;f=ipsets.c;h=713b34378dd0551c2a1860c120f10438610bd1cb;hb=8875f2d067b84a40731983fd495f3e0e4daa493b;hp=2c397b0853be025bff5532201573dbba9785166f;hpb=e791a6a39a4f06b33fedaefe03a42354f3a85b6d;p=project%2Ffirewall3.git diff --git a/ipsets.c b/ipsets.c index 2c397b0..713b343 100644 --- a/ipsets.c +++ b/ipsets.c @@ -91,15 +91,6 @@ check_types(struct uci_element *e, struct fw3_ipset *ipset) uint32_t typelist = 0; struct fw3_ipset_datatype *type; - const char *methods[] = { - "(bug)", - "bitmap", - "hash", - "list", - }; - - typelist = 0; - list_for_each_entry(type, &ipset->datatypes, list) { if (i >= 3) @@ -121,7 +112,7 @@ check_types(struct uci_element *e, struct fw3_ipset *ipset) ipset->method = ipset_types[i].method; warn_elem(e, "defines no storage method, assuming '%s'", - methods[ipset->method]); + fw3_ipset_method_names[ipset->method]); break; } @@ -216,6 +207,8 @@ fw3_alloc_ipset(void) INIT_LIST_HEAD(&ipset->datatypes); + ipset->enabled = true; + return ipset; } @@ -272,26 +265,8 @@ static void create_ipset(struct fw3_ipset *ipset, struct fw3_state *state) { bool first = true; - char s[INET6_ADDRSTRLEN]; struct fw3_ipset_datatype *type; - struct fw3_address *a; - - const char *methods[] = { - "(bug)", - "bitmap", - "hash", - "list", - }; - - const char *types[] = { - "(bug)", - "ip", - "port", - "mac", - "net", - "set", - }; if (ipset->external && *ipset->external) return; @@ -299,37 +274,17 @@ create_ipset(struct fw3_ipset *ipset, struct fw3_state *state) info(" * Creating ipset %s", ipset->name); first = true; - fw3_pr("create %s %s", ipset->name, methods[ipset->method]); + fw3_pr("create %s %s", ipset->name, fw3_ipset_method_names[ipset->method]); list_for_each_entry(type, &ipset->datatypes, list) { - fw3_pr("%c%s", first ? ':' : ',', types[type->type]); + fw3_pr("%c%s", first ? ':' : ',', fw3_ipset_type_names[type->type]); first = false; } if (ipset->iprange.set) { - a = &ipset->iprange; - - if (!a->range) - { - inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6, - &a->address.v6, s, sizeof(s)); - - fw3_pr(" range %s/%u", s, a->mask); - } - else - { - inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6, - &a->address.v6, s, sizeof(s)); - - fw3_pr(" range %s", s); - - inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6, - &a->address2.v6, s, sizeof(s)); - - fw3_pr("-%s", s); - } + fw3_pr(" range %s", fw3_address_to_string(&ipset->iprange, false)); } else if (ipset->portrange.set) { @@ -353,8 +308,6 @@ create_ipset(struct fw3_ipset *ipset, struct fw3_state *state) fw3_pr(" hashsize %u", ipset->hashsize); fw3_pr("\n"); - - fw3_set_running(ipset, &state->running_ipsets); } void @@ -366,36 +319,29 @@ fw3_create_ipsets(struct fw3_state *state) return; list_for_each_entry(ipset, &state->ipsets, list) - if (!fw3_lookup_ipset(state, ipset->name, true)) - create_ipset(ipset, state); + create_ipset(ipset, state); fw3_pr("quit\n"); } void -fw3_destroy_ipsets(struct fw3_state *state, enum fw3_family family) +fw3_destroy_ipsets(struct fw3_state *state) { - struct fw3_ipset *s, *tmp; + struct fw3_ipset *s; - list_for_each_entry_safe(s, tmp, &state->running_ipsets, running_list) + list_for_each_entry(s, &state->ipsets, list) { - if (hasbit(s->running_flags, family)) - delbit(s->flags, family); - - if (fw3_no_family(s)) - { - info(" * Deleting ipset %s", s->name); + info(" * Deleting ipset %s", s->name); - fw3_pr("flush %s\n", s->name); - fw3_pr("destroy %s\n", s->name); - - fw3_set_running(s, NULL); - } + fw3_pr("flush %s\n", s->name); + fw3_pr("destroy %s\n", s->name); } + + fw3_pr("quit\n"); } struct fw3_ipset * -fw3_lookup_ipset(struct fw3_state *state, const char *name, bool running) +fw3_lookup_ipset(struct fw3_state *state, const char *name) { struct fw3_ipset *s; @@ -407,10 +353,7 @@ fw3_lookup_ipset(struct fw3_state *state, const char *name, bool running) if (strcmp(s->name, name)) continue; - if (!running || s->running_list.next) - return s; - - break; + return s; } return NULL;