signal(SIGPIPE, SIG_IGN);
pipe_pid = pid;
close(pfds[0]);
+ fcntl(pfds[1], F_SETFD, fcntl(pfds[1], F_GETFD) | FD_CLOEXEC);
}
pipe_fd = fdopen(pfds[1], "w");
zone->name = strdup(name);
list_add_tail(&zone->list, &s->zones);
+
+ setbit(flags[0], FW3_FLAG_DELETED);
}
zone->flags[0] = flags[0];
ipset->name = strdup(name);
list_add_tail(&ipset->list, &s->ipsets);
+
+ setbit(flags[0], FW3_FLAG_DELETED);
}
ipset->flags[0] = flags[0];
list_for_each_entry(z, &s->running_zones, running_list)
{
+ if (hasbit(z->flags[0], FW3_FLAG_DELETED))
+ continue;
+
if (fw3_no_table(z->flags[0]) && fw3_no_table(z->flags[1]))
continue;
list_for_each_entry(i, &s->running_ipsets, running_list)
{
+ if (hasbit(z->flags[0], FW3_FLAG_DELETED))
+ continue;
+
if (!fw3_no_family(i->flags[0]) || !fw3_no_family(i->flags[1]))
{
fprintf(sf, "%x %s %x %x\n",
return rv;
}
+
+
+bool
+fw3_hotplug(bool add, void *zone, void *device)
+{
+ struct fw3_zone *z = zone;
+ struct fw3_device *d = device;
+
+ if (!d->network)
+ return false;
+
+ switch (fork())
+ {
+ case -1:
+ warn("Unable to fork(): %s\n", strerror(errno));
+ return false;
+
+ case 0:
+ break;
+
+ default:
+ return true;
+ }
+
+ close(0);
+ close(1);
+ close(2);
+ chdir("/");
+
+ clearenv();
+ setenv("ACTION", add ? "add" : "remove", 1);
+ setenv("ZONE", z->name, 1);
+ setenv("INTERFACE", d->network->name, 1);
+ setenv("DEVICE", d->name, 1);
+
+ execl(FW3_HOTPLUG, FW3_HOTPLUG, "firewall", NULL);
+
+ /* unreached */
+ return false;
+}
projects / project / firewall3.git / blobdiff