/*
* firewall3 - 3rd OpenWrt UCI firewall implementation
*
- * Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org>
+ * Copyright (C) 2013 Jo-Philipp Wich <jo@mein.io>
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
if (strcmp(s->type, "forwarding"))
continue;
- forward = malloc(sizeof(*forward));
-
+ forward = calloc(1, sizeof(*forward));
if (!forward)
continue;
- memset(forward, 0, sizeof(*forward));
-
forward->enabled = true;
- fw3_parse_options(forward, fw3_forward_opts, s);
+ if (!fw3_parse_options(forward, fw3_forward_opts, s))
+ warn_elem(e, "has invalid options");
if (!forward->enabled)
{
continue;
}
+ list_add_tail(&forward->list, &state->forwards);
+ continue;
+ }
+
+ list_for_each_entry(forward, &state->forwards, list)
+ {
/* NB: forward family... */
if (forward->_dest)
{
- setbit(forward->_dest->flags[0], FW3_FLAG_ACCEPT);
- setbit(forward->_dest->flags[1], FW3_FLAG_ACCEPT);
-
- if (forward->_src &&
- (forward->_src->conntrack || forward->_dest->conntrack))
- {
- forward->_src->conntrack = forward->_dest->conntrack = true;
- }
+ fw3_setbit(forward->_dest->flags[0], FW3_FLAG_ACCEPT);
+ fw3_setbit(forward->_dest->flags[1], FW3_FLAG_ACCEPT);
}
-
- list_add_tail(&forward->list, &state->forwards);
- continue;
}
}
append_chain(struct fw3_ipt_rule *r, struct fw3_forward *forward)
{
if (forward->src.any || !forward->src.set)
- fw3_ipt_rule_append(r, "delegate_forward");
+ fw3_ipt_rule_append(r, "FORWARD");
else
fw3_ipt_rule_append(r, "zone_%s_forward", forward->src.name);
}
projects / project / firewall3.git / blobdiff