zones: add interface/subnet bound LOG rules

[project/firewall3.git] / main.c

diff --git a/main.c b/main.c
index 241da62..1410fef 100644 (file)
--- a/main.c
+++ b/main.c
@@ -1,7 +1,7 @@
 /*
  * firewall3 - 3rd OpenWrt UCI firewall implementation
  *
- *   Copyright (C) 2013-2014 Jo-Philipp Wich <jow@openwrt.org>
+ *   Copyright (C) 2013-2014 Jo-Philipp Wich <jo@mein.io>
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -30,6 +30,7 @@
 #include "includes.h"
 #include "ubus.h"
 #include "iptables.h"
+#include "helpers.h"
 
 
 static enum fw3_family print_family = FW3_FAMILY_ANY;
@@ -79,7 +80,7 @@ build_state(bool runtime)
        else
        {
                if (!fw3_ubus_connect())
-                       error("Failed to connect to ubus");
+                       warn("Failed to connect to ubus");
 
                if (uci_load(state->uci, "firewall", &p))
                {
@@ -101,13 +102,14 @@ build_state(bool runtime)
        fw3_ubus_rules(&b);
 
        fw3_load_defaults(state, p);
-       fw3_load_ipsets(state, p);
+       fw3_load_cthelpers(state, p);
+       fw3_load_ipsets(state, p, b.head);
        fw3_load_zones(state, p);
        fw3_load_rules(state, p, b.head);
-       fw3_load_redirects(state, p);
+       fw3_load_redirects(state, p, b.head);
        fw3_load_snats(state, p, b.head);
-       fw3_load_forwards(state, p);
-       fw3_load_includes(state, p);
+       fw3_load_forwards(state, p, b.head);
+       fw3_load_includes(state, p, b.head);
 
        return true;
 }
@@ -138,6 +140,9 @@ free_state(struct fw3_state *state)
        list_for_each_safe(cur, tmp, &state->includes)
                fw3_free_include((struct fw3_include *)cur);
 
+       list_for_each_safe(cur, tmp, &state->cthelpers)
+               fw3_free_cthelper((struct fw3_cthelper *)cur);
+
        uci_free_context(state->uci);
 
        free(state);