#include "rules.h"
-static struct fw3_option rule_opts[] = {
+const struct fw3_option fw3_rule_opts[] = {
FW3_OPT("name", string, rule, name),
FW3_OPT("family", family, rule, family),
FW3_OPT("limit_burst", int, rule, limit.burst),
FW3_OPT("target", target, rule, target),
+
+ { }
};
INIT_LIST_HEAD(&rule->icmp_type);
- fw3_parse_options(rule, rule_opts, ARRAY_SIZE(rule_opts), s);
+ fw3_parse_options(rule, fw3_rule_opts, s);
if (rule->src.invert || rule->dest.invert)
{
continue;
}
else if (rule->src.set && !rule->src.any &&
- !(rule->_src = fw3_lookup_zone(state, rule->src.name)))
+ !(rule->_src = fw3_lookup_zone(state, rule->src.name, false)))
{
warn_elem(e, "refers to not existing zone '%s'", rule->src.name);
fw3_free_rule(rule);
continue;
}
else if (rule->dest.set && !rule->dest.any &&
- !(rule->_dest = fw3_lookup_zone(state, rule->dest.name)))
+ !(rule->_dest = fw3_lookup_zone(state, rule->dest.name, false)))
{
warn_elem(e, "refers to not existing zone '%s'", rule->dest.name);
fw3_free_rule(rule);
continue;
}
else if (rule->ipset.set && !rule->ipset.any &&
- !(rule->_ipset = fw3_lookup_ipset(state, rule->ipset.name)))
+ !(rule->_ipset = fw3_lookup_ipset(state, rule->ipset.name, false)))
{
warn_elem(e, "refers to unknown ipset '%s'", rule->ipset.name);
fw3_free_rule(rule);
list_for_each_entry(rule, &state->rules, list)
expand_rule(table, family, rule, num++);
}
-
-void
-fw3_free_rule(struct fw3_rule *rule)
-{
- fw3_free_list(&rule->proto);
-
- fw3_free_list(&rule->ip_src);
- fw3_free_list(&rule->mac_src);
- fw3_free_list(&rule->port_dest);
-
- fw3_free_list(&rule->ip_dest);
- fw3_free_list(&rule->port_dest);
-
- fw3_free_list(&rule->icmp_type);
-
- free(rule);
-}
projects / project / firewall3.git / blobdiff