X-Git-Url: http://git.archive.openwrt.org/?p=project%2Ffirewall3.git;a=blobdiff_plain;f=ipsets.c;h=eb37d0a82e6a831462ca19bf4825640b07c2b02a;hp=a720172652bda0404b4e5bf647ba84313ff01d3a;hb=b64f6ca3d43dabc651b829fc7c71d95ed791aee2;hpb=6a736bbffb88c44aa5b4780e5a94519a0b4e5523 diff --git a/ipsets.c b/ipsets.c index a720172..eb37d0a 100644 --- a/ipsets.c +++ b/ipsets.c @@ -20,6 +20,8 @@ const struct fw3_option fw3_ipset_opts[] = { + FW3_OPT("enabled", bool, ipset, enabled), + FW3_OPT("name", string, ipset, name), FW3_OPT("family", family, ipset, family), @@ -214,6 +216,8 @@ fw3_alloc_ipset(void) INIT_LIST_HEAD(&ipset->datatypes); + ipset->enabled = true; + return ipset; } @@ -270,10 +274,8 @@ static void create_ipset(struct fw3_ipset *ipset, struct fw3_state *state) { bool first = true; - char s[INET6_ADDRSTRLEN]; struct fw3_ipset_datatype *type; - struct fw3_address *a; const char *methods[] = { "(bug)", @@ -294,7 +296,7 @@ create_ipset(struct fw3_ipset *ipset, struct fw3_state *state) if (ipset->external && *ipset->external) return; - info("Creating ipset %s", ipset->name); + info(" * Creating ipset %s", ipset->name); first = true; fw3_pr("create %s %s", ipset->name, methods[ipset->method]); @@ -307,27 +309,7 @@ create_ipset(struct fw3_ipset *ipset, struct fw3_state *state) if (ipset->iprange.set) { - a = &ipset->iprange; - - if (!a->range) - { - inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6, - &a->address.v6, s, sizeof(s)); - - fw3_pr(" range %s/%u", s, a->mask); - } - else - { - inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6, - &a->address.v6, s, sizeof(s)); - - fw3_pr(" range %s", s); - - inet_ntop(a->family == FW3_FAMILY_V4 ? AF_INET : AF_INET6, - &a->address2.v6, s, sizeof(s)); - - fw3_pr("-%s", s); - } + fw3_pr(" range %s", fw3_address_to_string(&ipset->iprange, false)); } else if (ipset->portrange.set) { @@ -351,8 +333,6 @@ create_ipset(struct fw3_ipset *ipset, struct fw3_state *state) fw3_pr(" hashsize %u", ipset->hashsize); fw3_pr("\n"); - - fw3_set_running(ipset, &state->running_ipsets); } void @@ -364,8 +344,7 @@ fw3_create_ipsets(struct fw3_state *state) return; list_for_each_entry(ipset, &state->ipsets, list) - if (!fw3_lookup_ipset(state, ipset->name, true)) - create_ipset(ipset, state); + create_ipset(ipset, state); fw3_pr("quit\n"); } @@ -373,31 +352,21 @@ fw3_create_ipsets(struct fw3_state *state) void fw3_destroy_ipsets(struct fw3_state *state) { - struct fw3_ipset *s, *tmp; - int mask = (1 << FW3_FAMILY_V4) | (1 << FW3_FAMILY_V6); + struct fw3_ipset *s; - list_for_each_entry_safe(s, tmp, &state->running_ipsets, running_list) + list_for_each_entry(s, &state->ipsets, list) { - if (!hasbit(state->defaults.flags, FW3_FAMILY_V4)) - delbit(s->flags, FW3_FAMILY_V4); - - if (!hasbit(state->defaults.flags, FW3_FAMILY_V6)) - delbit(s->flags, FW3_FAMILY_V6); - - if (!(s->flags & mask)) - { - info("Deleting ipset %s", s->name); + info(" * Deleting ipset %s", s->name); - fw3_pr("flush %s\n", s->name); - fw3_pr("destroy %s\n", s->name); - - fw3_set_running(s, NULL); - } + fw3_pr("flush %s\n", s->name); + fw3_pr("destroy %s\n", s->name); } + + fw3_pr("quit\n"); } struct fw3_ipset * -fw3_lookup_ipset(struct fw3_state *state, const char *name, bool running) +fw3_lookup_ipset(struct fw3_state *state, const char *name) { struct fw3_ipset *s; @@ -409,10 +378,7 @@ fw3_lookup_ipset(struct fw3_state *state, const char *name, bool running) if (strcmp(s->name, name)) continue; - if (!running || s->running_list.next) - return s; - - break; + return s; } return NULL;