X-Git-Url: http://git.archive.openwrt.org/?a=blobdiff_plain;f=main.c;h=58975882308aee80da2da69d67a0d617c0cc5b3f;hb=35d57952d708007f5a08a72421fe55e775e3fd0f;hp=fd6140a5f4b2ab2c001bcced16b92a4a68fbbfdc;hpb=b3c483a8cdeb2c537c3acf70f56865e5f30cfcfc;p=project%2Ffirewall3.git

diff --git a/main.c b/main.c
index fd6140a..5897588 100644
--- a/main.c
+++ b/main.c
@@ -214,13 +214,7 @@ stop(bool complete)
 	}
 
 	if (run_state)
-	{
-		if (fw3_command_pipe(false, "ipset", "-exist", "-"))
-		{
-			fw3_destroy_ipsets(run_state);
-			fw3_command_close();
-		}
-	}
+		fw3_destroy_ipsets(run_state);
 
 	if (complete && (ct = fopen("/proc/net/nf_conntrack", "w")) != NULL)
 	{
@@ -245,13 +239,7 @@ start(void)
 	struct fw3_ipt_handle *handle;
 
 	if (!print_family)
-	{
-		if (fw3_command_pipe(false, "ipset", "-exist", "-"))
-		{
-			fw3_create_ipsets(cfg_state);
-			fw3_command_close();
-		}
-	}
+		fw3_create_ipsets(cfg_state);
 
 	for (family = FW3_FAMILY_V4; family <= FW3_FAMILY_V6; family++)
 	{
@@ -294,7 +282,8 @@ start(void)
 				fw3_ipt_commit(handle);
 		}
 
-		//fw3_print_includes(cfg_state, family, false);
+		if (!print_family)
+			fw3_print_includes(cfg_state, family, false);
 
 		family_set(run_state, family, true);
 		family_set(cfg_state, family, true);
@@ -326,8 +315,10 @@ reload(void)
 	enum fw3_table table;
 	struct fw3_ipt_handle *handle;
 
-	if (!print_family && run_state)
-		fw3_hotplug_zones(run_state, false);
+	if (!run_state)
+		return start();
+
+	fw3_hotplug_zones(run_state, false);
 
 	for (family = FW3_FAMILY_V4; family <= FW3_FAMILY_V6; family++)
 	{
@@ -345,12 +336,8 @@ reload(void)
 			info(" * Clearing %s %s table",
 			     fw3_flag_names[family], fw3_flag_names[table]);
 
-			if (run_state)
-			{
-				fw3_flush_rules(handle, run_state, true);
-				fw3_flush_zones(handle, run_state, true);
-			}
-
+			fw3_flush_rules(handle, run_state, true);
+			fw3_flush_zones(handle, run_state, true);
 			fw3_ipt_commit(handle);
 		}
 
@@ -384,7 +371,7 @@ start:
 			fw3_ipt_commit(handle);
 		}
 
-		//fw3_print_includes(cfg_state, family, true);
+		fw3_print_includes(cfg_state, family, true);
 
 		family_set(run_state, family, true);
 		family_set(cfg_state, family, true);
@@ -395,13 +382,9 @@ start:
 	if (!rv)
 	{
 		fw3_set_defaults(cfg_state);
-
-		if (!print_family)
-		{
-			fw3_run_includes(cfg_state, true);
-			fw3_hotplug_zones(cfg_state, true);
-			fw3_write_statefile(cfg_state);
-		}
+		fw3_run_includes(cfg_state, true);
+		fw3_hotplug_zones(cfg_state, true);
+		fw3_write_statefile(cfg_state);
 	}
 
 	return rv;
@@ -464,6 +447,7 @@ usage(void)
 int main(int argc, char **argv)
 {
 	int ch, rv = 1;
+	enum fw3_family family = FW3_FAMILY_ANY;
 	struct fw3_defaults *defs = NULL;
 
 	while ((ch = getopt(argc, argv, "46dqh")) != -1)
@@ -471,11 +455,11 @@ int main(int argc, char **argv)
 		switch (ch)
 		{
 		case '4':
-			print_family = FW3_FAMILY_V4;
+			family = FW3_FAMILY_V4;
 			break;
 
 		case '6':
-			print_family = FW3_FAMILY_V6;
+			family = FW3_FAMILY_V6;
 			break;
 
 		case 'd':
@@ -504,14 +488,15 @@ int main(int argc, char **argv)
 
 	if (!strcmp(argv[optind], "print"))
 	{
-		if (print_family == FW3_FAMILY_ANY)
-			print_family = FW3_FAMILY_V4;
-		else if (print_family == FW3_FAMILY_V6 && defs->disable_ipv6)
+		if (family == FW3_FAMILY_ANY)
+			family = FW3_FAMILY_V4;
+		else if (family == FW3_FAMILY_V6 && defs->disable_ipv6)
 			warn("IPv6 rules globally disabled in configuration");
 
 		freopen("/dev/null", "w", stderr);
 
 		cfg_state->disable_ipsets = true;
+		print_family = family;
 		fw3_pr_debug = true;
 
 		rv = start();