if (zone->masq)
{
- setbit(zone->flags[0], FW3_FLAG_SNAT);
+ fw3_setbit(zone->flags[0], FW3_FLAG_SNAT);
zone->conntrack = true;
}
if (zone->custom_chains)
{
- setbit(zone->flags[0], FW3_FLAG_SNAT);
- setbit(zone->flags[0], FW3_FLAG_DNAT);
+ fw3_setbit(zone->flags[0], FW3_FLAG_SNAT);
+ fw3_setbit(zone->flags[0], FW3_FLAG_DNAT);
}
- setbit(zone->flags[0], fw3_to_src_target(zone->policy_input));
- setbit(zone->flags[0], zone->policy_forward);
- setbit(zone->flags[0], zone->policy_output);
+ fw3_setbit(zone->flags[0], fw3_to_src_target(zone->policy_input));
+ fw3_setbit(zone->flags[0], zone->policy_forward);
+ fw3_setbit(zone->flags[0], zone->policy_output);
- setbit(zone->flags[1], fw3_to_src_target(zone->policy_input));
- setbit(zone->flags[1], zone->policy_forward);
- setbit(zone->flags[1], zone->policy_output);
+ fw3_setbit(zone->flags[1], fw3_to_src_target(zone->policy_input));
+ fw3_setbit(zone->flags[1], zone->policy_forward);
+ fw3_setbit(zone->flags[1], zone->policy_output);
list_add_tail(&zone->list, &state->zones);
}
continue;
if (c->flag &&
- !hasbit(zone->flags[handle->family == FW3_FAMILY_V6], c->flag))
+ !fw3_hasbit(zone->flags[handle->family == FW3_FAMILY_V6], c->flag))
continue;
fw3_ipt_create_chain(handle, c->format, zone->name);
fw3_ipt_rule_extra(r, zone->extra_src);
if (t == FW3_FLAG_ACCEPT && !state->defaults.drop_invalid)
- fw3_ipt_rule_extra(r, "-m conntrack --ctstate NEW");
+ fw3_ipt_rule_extra(r,
+ "-m conntrack --ctstate NEW,UNTRACKED");
fw3_ipt_rule_replace(r, "zone_%s_src_%s", zone->name,
fw3_flag_names[t]);
fw3_ipt_rule_extra(r, zone->extra_dest);
if (t == FW3_FLAG_ACCEPT && !state->defaults.drop_invalid)
- fw3_ipt_rule_extra(r, "-m conntrack --ctstate NEW");
+ fw3_ipt_rule_extra(r,
+ "-m conntrack --ctstate NEW,UNTRACKED");
fw3_ipt_rule_replace(r, "zone_%s_dest_%s", zone->name,
fw3_flag_names[t]);
list_for_each_entry(z, &state->zones, list)
{
- if (add != hasbit(z->flags[0], FW3_FLAG_HOTPLUG))
+ if (add != fw3_hasbit(z->flags[0], FW3_FLAG_HOTPLUG))
{
list_for_each_entry(d, &z->devices, list)
fw3_hotplug(add, z, d);
if (add)
- setbit(z->flags[0], FW3_FLAG_HOTPLUG);
+ fw3_setbit(z->flags[0], FW3_FLAG_HOTPLUG);
else
- delbit(z->flags[0], FW3_FLAG_HOTPLUG);
+ fw3_delbit(z->flags[0], FW3_FLAG_HOTPLUG);
}
}
}