X-Git-Url: http://git.archive.openwrt.org/?p=project%2Ffirewall3.git;a=blobdiff_plain;f=ipsets.c;h=5e0d61f9c3f956c23c542b533fdda8884e31b70f;hp=ab86133c31be3756a9e751a4e4e2e514dc5119e2;hb=bb6873d86322a66bc01fc4195512ba5d2c78bddb;hpb=0004ef54410c9993eced6f518923af2d9da6c482

diff --git a/ipsets.c b/ipsets.c
index ab86133..5e0d61f 100644
--- a/ipsets.c
+++ b/ipsets.c
@@ -266,7 +266,7 @@ create_ipset(struct fw3_ipset *ipset)
 	if (ipset->external && *ipset->external)
 		return;
 
-	info(" * %s", ipset->name);
+	info("Creating ipset %s", ipset->name);
 
 	first = true;
 	fw3_pr("create %s %s", ipset->name, methods[ipset->method]);
@@ -328,37 +328,69 @@ create_ipset(struct fw3_ipset *ipset)
 	fw3_pr("\n");
 }
 
+static bool
+ipset_loaded(struct list_head *statefile, const char *name)
+{
+	struct fw3_statefile_entry *e;
+	int mask = (1 << FW3_FAMILY_V4) | (1 << FW3_FAMILY_V6);
+
+	if (!statefile)
+		return false;
+
+	list_for_each_entry(e, statefile, list)
+	{
+		if (e->type != FW3_TYPE_IPSET)
+			continue;
+
+		if (!strcmp(e->name, name) && (e->flags[0] & mask))
+			return true;
+	}
+
+	return false;
+}
+
 void
-fw3_create_ipsets(struct fw3_state *state)
+fw3_create_ipsets(struct fw3_state *state, struct list_head *statefile)
 {
 	struct fw3_ipset *ipset;
 
 	if (state->disable_ipsets)
 		return;
 
-	info("Initializing ipsets ...");
-
 	list_for_each_entry(ipset, &state->ipsets, list)
-		create_ipset(ipset);
+		if (!ipset_loaded(statefile, ipset->name))
+			create_ipset(ipset);
 
 	fw3_pr("quit\n");
 }
 
 void
-fw3_destroy_ipsets(struct list_head *statefile)
+fw3_destroy_ipsets(struct fw3_state *state, struct list_head *statefile)
 {
+	struct fw3_ipset *s;
 	struct fw3_statefile_entry *e;
+	int mask = (1 << FW3_FAMILY_V4) | (1 << FW3_FAMILY_V6);
+
+	if (!statefile)
+		return;
 
-	if (statefile)
+	list_for_each_entry(e, statefile, list)
 	{
-		info("Destroying ipsets ...");
+		if (e->type != FW3_TYPE_IPSET)
+			continue;
 
-		list_for_each_entry(e, statefile, list)
-		{
-			if (e->type != FW3_TYPE_IPSET)
-				continue;
+		if (!hasbit(state->defaults.flags, FW3_FAMILY_V4))
+			delbit(e->flags[0], FW3_FAMILY_V4);
+
+		if (!hasbit(state->defaults.flags, FW3_FAMILY_V6))
+			delbit(e->flags[0], FW3_FAMILY_V6);
 
-			info(" * %s", e->name);
+		if ((s = fw3_lookup_ipset(state, e->name)) != NULL)
+			s->flags = e->flags[0];
+
+		if (!(e->flags[0] & mask))
+		{
+			info("Deleting ipset %s", e->name);
 
 			fw3_pr("flush %s\n", e->name);
 			fw3_pr("destroy %s\n", e->name);