}
setbit(zone->flags[0], fw3_to_src_target(zone->policy_input));
+ setbit(zone->flags[0], fw3_to_src_target(zone->policy_forward));
setbit(zone->flags[0], zone->policy_output);
- setbit(zone->flags[0], zone->policy_forward);
setbit(zone->flags[1], fw3_to_src_target(zone->policy_input));
+ setbit(zone->flags[1], fw3_to_src_target(zone->policy_forward));
setbit(zone->flags[1], zone->policy_output);
- setbit(zone->flags[1], zone->policy_forward);
list_add_tail(&zone->list, &state->zones);
}
fw3_ipt_rule_append(r, "zone_%s_input", zone->name);
r = fw3_ipt_rule_new(handle);
- fw3_ipt_rule_target(r, "zone_%s_dest_%s", zone->name,
+ fw3_ipt_rule_target(r, "zone_%s_src_%s", zone->name,
fw3_flag_names[zone->policy_forward]);
fw3_ipt_rule_append(r, "zone_%s_forward", zone->name);
continue;
snprintf(chain, sizeof(chain), c->format, z->name);
- fw3_ipt_delete_rules(handle, chain);
+ fw3_ipt_flush_chain(handle, chain);
+
+ /* keep certain basic chains that do not depend on any settings to
+ avoid purging unrelated user rules pointing to them */
+ if (reload && !c->flag)
+ continue;
+
fw3_ipt_delete_chain(handle, chain);
}
projects / project / firewall3.git / blobdiff