projects / project / firewall3.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
zones: add interface/subnet bound LOG rules
[project/firewall3.git] / iptables.c
diff --git a/iptables.c b/iptables.c
index d848239..f8d4d46 100644 (file)
--- a/iptables.c
+++ b/iptables.c
@@ -1026,6 +1026,16 @@ fw3_ipt_rule_ipset(struct fw3_ipt_rule *r, struct fw3_setmatch *match)
 }
 
 void
+fw3_ipt_rule_helper(struct fw3_ipt_rule *r, struct fw3_cthelpermatch *match)
+{
+       if (!match || !match->set || !match->ptr)
+               return;
+
+       fw3_ipt_rule_addarg(r, false, "-m", "helper");
+       fw3_ipt_rule_addarg(r, match->invert, "--helper", match->ptr->name);
+}
+
+void
 fw3_ipt_rule_time(struct fw3_ipt_rule *r, struct fw3_time *time)
 {
        int i;
@@ -1413,7 +1423,7 @@ rule_mask(struct fw3_ipt_rule *r)
                        p += SZ(ip6t_entry_match) + m->match->size;
                }
 
-               memset(p, 0xFF, SZ(ip6t_entry_target) + (r->target) ? r->target->userspacesize : 0);
+               memset(p, 0xFF, SZ(ip6t_entry_target) + (r->target ? r->target->userspacesize : 0));
        }
        else
 #endif
@@ -1437,7 +1447,7 @@ rule_mask(struct fw3_ipt_rule *r)
                        p += SZ(ipt_entry_match) + m->match->size;
                }
 
-               memset(p, 0xFF, SZ(ipt_entry_target) + (r->target) ? r->target->userspacesize : 0);
+               memset(p, 0xFF, SZ(ipt_entry_target) + (r->target ? r->target->userspacesize : 0));
        }
 
        return mask;
OpenWrt firewall configuration utility