rework runtime state tracking
diff --git a/utils.c b/utils.c
index a5d0082..c9ca206 100644 (file)
--- a/utils.c
+++ b/utils.c
 #include "utils.h"
 #include "options.h"
 
+#include "zones.h"
+#include "ipsets.h"
+
+
 static int lock_fd = -1;
 static pid_t pipe_pid = -1;
 static FILE *pipe_fd = NULL;
@@ -332,20 +336,112 @@ fw3_unlock(void)
 }
 
 
-bool fw3_has_state(void)
+bool
+fw3_read_statefile(void *state)
 {
-       struct stat s;
-       return !stat(FW3_STATEFILE, &s);
+       FILE *sf;
+
+       int n, type;
+       char line[128];
+       const char *p, *name;
+
+       uint16_t flags[2];
+
+       struct fw3_state *s = state;
+       struct fw3_zone *zone;
+       struct fw3_ipset *ipset;
+
+       sf = fopen(FW3_STATEFILE, "r");
+
+       if (!sf)
+               return false;
+
+       while (fgets(line, sizeof(line), sf))
+       {
+               p = strtok(line, " \t\n");
+
+               if (!p)
+                       continue;
+
+               type = strtoul(p, NULL, 10);
+               name = strtok(NULL, " \t\n");
+
+               if (!name)
+                       continue;
+
+               for (n = 0, p = strtok(NULL, " \t\n");
+                    n < ARRAY_SIZE(flags) && p != NULL;
+                    n++, p = strtok(NULL, " \t\n"))
+               {
+                       flags[n] = strtoul(p, NULL, 10);
+               }
+
+               switch (type)
+               {
+               case FW3_TYPE_DEFAULTS:
+                       s->running_defaults.flags = flags[0];
+                       break;
+
+               case FW3_TYPE_ZONE:
+                       if (!(zone = fw3_lookup_zone(state, name, false)))
+                       {
+                               zone = fw3_alloc_zone();
+
+                               if (!zone)
+                                       continue;
+
+                               zone->name = strdup(name);
+                               list_add_tail(&zone->list, &s->zones);
+                       }
+
+                       zone->src_flags = flags[0];
+                       zone->dst_flags = flags[1];
+                       list_add_tail(&zone->running_list, &s->running_zones);
+                       break;
+
+               case FW3_TYPE_IPSET:
+                       if (!(ipset = fw3_lookup_ipset(state, name, false)))
+                       {
+                               ipset = fw3_alloc_ipset();
+
+                               if (!ipset)
+                                       continue;
+
+                               ipset->name = strdup(name);
+                               list_add_tail(&ipset->list, &s->ipsets);
+                       }
+
+                       ipset->flags = flags[0];
+                       list_add_tail(&ipset->running_list, &s->running_ipsets);
+                       break;
+               }
+       }
+
+       fclose(sf);
+
+       return true;
 }
 
-void fw3_write_state(void *state)
+void
+fw3_write_statefile(void *state)
 {
        FILE *sf;
-       int n, val;
        struct fw3_state *s = state;
+       struct fw3_defaults *d = &s->defaults;
        struct fw3_zone *z;
        struct fw3_ipset *i;
 
+       int mask = (1 << FW3_FAMILY_V4) | (1 << FW3_FAMILY_V6);
+
+       if (!(d->flags & mask))
+       {
+               if (unlink(FW3_STATEFILE))
+                       warn("Unable to remove state %s: %s",
+                            FW3_STATEFILE, strerror(errno));
+
+               return;
+       }
+
        sf = fopen(FW3_STATEFILE, "w");
 
        if (!sf)
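Review bot: `flags[2]` in fw3_read_statefile is never initialised, so a state-file line with fewer than two flag fields leaves `flags[0]`/`flags[1]` indeterminate on the first line, or holding the previous line's values on later ones, and the `switch` then copies them into `running_defaults.flags`, `src_flags`/`dst_flags` or `ipset->flags`. Add `memset(flags, 0, sizeof(flags));` as the first statement of the `while` body. A name that appears twice in the file also reaches `list_add_tail(&zone->running_list, …)` twice for the same node, which corrupts the running list; the guarded helper added later in this commit would avoid that, e.g. `fw3_set_running(zone, &s->running_zones);` and `fw3_set_running(ipset, &s->running_ipsets);`, assuming the allocators zero `running_list`. The `strdup(name)` results are stored unchecked, and a line longer than the 128-byte buffer is split and its tail parsed as a new record, so both deserve a guard as well. fw3_write_statefile begins in this hunk and continues in the next one.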
@@ -354,34 +450,36 @@ void fw3_write_state(void *state)
                return;
        }
 
-       list_for_each_entry(z, &s->zones, list)
-       {
-               for (n = FW3_TARGET_ACCEPT, val = 0; n <= FW3_TARGET_SNAT; n++)
-                       if (z->has_src_target[n])
-                               val |= (1 << n);
-
-               fprintf(sf, "zone %s %u", z->name, val);
-
-               for (n = FW3_TARGET_ACCEPT, val = 0; n <= FW3_TARGET_SNAT; n++)
-                       if (z->has_dest_target[n])
-                               val |= (1 << n);
+       fprintf(sf, "%u - %u\n", FW3_TYPE_DEFAULTS, d->flags);
 
-               fprintf(sf, " %u\n", val);
+       list_for_each_entry(z, &s->running_zones, running_list)
+       {
+               fprintf(sf, "%u %s %u %u\n", FW3_TYPE_ZONE,
+                       z->name, z->src_flags, z->dst_flags);
        }
 
-       list_for_each_entry(i, &s->ipsets, list)
+       list_for_each_entry(i, &s->running_ipsets, running_list)
        {
-               if (i->external && *i->external)
-                       continue;
-
-               fprintf(sf, "ipset %s\n", i->name);
+               fprintf(sf, "%u %s %u\n", FW3_TYPE_IPSET, i->name, i->flags);
        }
 
        fclose(sf);
 }
 
-void fw3_remove_state(void)
+
+struct object_list_heads
 {
-       if (unlink(FW3_STATEFILE))
-               warn("Unable to remove state %s: %s", FW3_STATEFILE, strerror(errno));
+       struct list_head list;
+       struct list_head running_list;
+};
+
+void
+fw3_set_running(void *object, struct list_head *dest)
+{
+       struct object_list_heads *o = object;
+
+       if (dest && !o->running_list.next)
+               list_add_tail(&o->running_list, dest);
+       else if (!dest && o->running_list.next)
+               list_del(&o->running_list);
 }
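Review bot: fw3_set_running casts its `void *object` to `struct object_list_heads`, which is only valid if every type passed in begins with `list` followed immediately by `running_list`; nothing in the hunk enforces that for `struct fw3_zone` or `struct fw3_ipset`, whose definitions are not visible here. A field added ahead of those members would make the function write list pointers into unrelated memory, so the contract should be documented on the struct, e.g. `/* must mirror the first two members of every object passed to fw3_set_running() */`, and ideally checked with an `offsetof` static assertion next to each struct definition. The `running_list.next` test also depends on the allocator zeroing the node and on `list_del()` resetting `next` to NULL, which is worth confirming against the list implementation in use. In the part of fw3_write_statefile shown here (the function starts in the previous hunk), the `fprintf`/`fclose` results are ignored, so a partially written state file would go unnoticed and later be parsed by fw3_read_statefile.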