Make nat reflection src address configurable by introducing a reflection_src paramete...
[project/firewall3.git] / options.c
index ff9a964..5c529b3 100644 (file)
--- a/options.c
+++ b/options.c
@@ -40,7 +40,7 @@ parse_enum(void *ptr, const char *val, const char **values, int min, int max)
 }
 
 
-const char *fw3_flag_names[FW3_DEFAULT_DROP_INVALID + 1] = {
+const char *fw3_flag_names[__FW3_FLAG_MAX] = {
        "filter",
        "nat",
        "mangle",
@@ -55,6 +55,10 @@ const char *fw3_flag_names[FW3_DEFAULT_DROP_INVALID + 1] = {
        "NOTRACK",
        "DNAT",
        "SNAT",
+
+       "ACCEPT",
+       "REJECT",
+       "DROP",
 };
 
 static const char *limit_units[] = {
@@ -93,6 +97,11 @@ static const char *include_types[] = {
        "restore",
 };
 
+static const char *reflection_sources[] = {
+       "internal",
+       "external",
+};
+
 
 bool
 fw3_parse_bool(void *ptr, const char *val)
@@ -128,8 +137,8 @@ fw3_parse_string(void *ptr, const char *val)
 bool
 fw3_parse_target(void *ptr, const char *val)
 {
-       return parse_enum(ptr, val, &fw3_flag_names[FW3_TARGET_ACCEPT],
-                         FW3_TARGET_ACCEPT, FW3_TARGET_SNAT);
+       return parse_enum(ptr, val, &fw3_flag_names[FW3_FLAG_ACCEPT],
+                         FW3_FLAG_ACCEPT, FW3_FLAG_SNAT);
 }
 
 bool
@@ -636,7 +645,7 @@ fw3_parse_monthdays(void *ptr, const char *val)
        if (!(s = strdup(val)))
                return false;
 
-       for (p = strtok((char *)val, " \t"); p; p = strtok(NULL, " \t"))
+       for (p = strtok(s, " \t"); p; p = strtok(NULL, " \t"))
        {
                d = strtoul(p, &p, 10);
 
@@ -660,12 +669,19 @@ fw3_parse_include_type(void *ptr, const char *val)
                          FW3_INC_TYPE_SCRIPT, FW3_INC_TYPE_RESTORE);
 }
 
+bool
+fw3_parse_reflection_source(void *ptr, const char *val)
+{
+       return parse_enum(ptr, val, reflection_sources,
+                         FW3_REFLECTION_INTERNAL, FW3_REFLECTION_EXTERNAL);
+}
+
 
 void
 fw3_parse_options(void *s, const struct fw3_option *opts,
                   struct uci_section *section)
 {
-       char *p;
+       char *p, *v;
        bool known;
        struct uci_element *e, *l;
        struct uci_option *o;
@@ -720,9 +736,15 @@ fw3_parse_options(void *s, const struct fw3_option *opts,
                        }
                        else
                        {
-                               if (!o->v.string)
+                               v = o->v.string;
+
+                               if (!v)
                                        continue;
 
+                               /* protocol "tcpudp" compatibility hack */
+                               if (opt->parse == fw3_parse_protocol && !strcmp(v, "tcpudp"))
+                                       v = strdup("tcp udp");
+
                                if (!opt->elem_size)
                                {
                                        if (!opt->parse((char *)s + opt->offset, o->v.string))
@@ -730,9 +752,7 @@ fw3_parse_options(void *s, const struct fw3_option *opts,
                                }
                                else
                                {
-                                       for (p = strtok(o->v.string, " \t");
-                                            p != NULL;
-                                            p = strtok(NULL, " \t"))
+                                       for (p = strtok(v, " \t"); p != NULL; p = strtok(NULL, " \t"))
                                        {
                                                item = malloc(opt->elem_size);
 
@@ -752,6 +772,9 @@ fw3_parse_options(void *s, const struct fw3_option *opts,
                                                list_add_tail(item, dest);
                                        }
                                }
+
+                               if (v != o->v.string)
+                                       free(v);
                        }
 
                        known = true;