introduce support for ip ranges

[project/firewall3.git] / options.h

diff --git a/options.h b/options.h
index ea5082d..f62f0de 100644 (file)
--- a/options.h
+++ b/options.h
@@ -79,6 +79,9 @@ enum fw3_default
        FW3_DEFAULT_DROP_INVALID  = 15,
 };
 
+extern const char *fw3_flag_names[FW3_DEFAULT_DROP_INVALID + 1];
+
+
 enum fw3_limit_unit
 {
        FW3_LIMIT_UNIT_SECOND = 0,
@@ -127,6 +130,7 @@ struct fw3_address
        struct list_head list;
 
        bool set;
+       bool range;
        bool invert;
        enum fw3_family family;
        int mask;
@@ -135,6 +139,11 @@ struct fw3_address
                struct in6_addr v6;
                struct ether_addr mac;
        } address;
+       union {
+               struct in_addr v4;
+               struct in6_addr v6;
+               struct ether_addr mac;
+       } address2;
 };
 
 struct fw3_mac
@@ -216,6 +225,7 @@ struct fw3_defaults
 struct fw3_zone
 {
        struct list_head list;
+       struct list_head running_list;
 
        const char *name;
 
@@ -337,6 +347,7 @@ struct fw3_forward
 struct fw3_ipset
 {
        struct list_head list;
+       struct list_head running_list;
 
        const char *name;
        enum fw3_family family;
@@ -368,7 +379,12 @@ struct fw3_state
        struct list_head forwards;
        struct list_head ipsets;
 
+       struct fw3_defaults running_defaults;
+       struct list_head running_zones;
+       struct list_head running_ipsets;
+
        bool disable_ipsets;
+       bool statefile;
 };
 
 
@@ -403,7 +419,7 @@ bool fw3_parse_protocol(void *ptr, const char *val);
 bool fw3_parse_ipset_method(void *ptr, const char *val);
 bool fw3_parse_ipset_datatype(void *ptr, const char *val);
 
-void fw3_parse_options(void *s, struct fw3_option *opts, int n,
+void fw3_parse_options(void *s, const struct fw3_option *opts,
                        struct uci_section *section);
 
 void fw3_format_in_out(struct fw3_device *in, struct fw3_device *out);