X-Git-Url: http://git.archive.openwrt.org/?p=project%2Ffirewall3.git;a=blobdiff_plain;f=main.c;h=3c2b4eb1e6e4ea645c977bb98ec9a987c0518fea;hp=09baca9579e96e1c944080c55dff531f3c9026ca;hb=ff9d5e13c9150c62fe698e4bc5541e6f92b241d0;hpb=54c0625e83a5ddf77e1753885c96f488ba38f78a
diff --git a/main.c b/main.c
index 09baca9..3c2b4eb 100644
--- a/main.c
+++ b/main.c
@@ -135,7 +135,7 @@ restore_pipe(enum fw3_family family, bool silent)
 static bool
 family_running(struct fw3_state *state, enum fw3_family family)
 {
- return hasbit(state->defaults.running_flags, family);
+ return has(state->defaults.flags, family, family);
 }

 static bool
@@ -144,19 +144,13 @@ family_used(enum fw3_family family)
 return (use_family == FW3_FAMILY_ANY) || (use_family == family);
 }

-static bool
-family_loaded(struct fw3_state *state, enum fw3_family family)
-{
- return hasbit(state->defaults.flags, family);
-}
-
 static void
 family_set(struct fw3_state *state, enum fw3_family family, bool set)
 {
 if (set)
- setbit(state->defaults.flags, family);
+ set(state->defaults.flags, family, family);
 else
- delbit(state->defaults.flags, family);
+ del(state->defaults.flags, family, family);
 }

 static int
@@ -167,7 +161,6 @@ stop(struct fw3_state *state, bool complete, bool reload)
 int rv = 1;
 enum fw3_family family;
 enum fw3_table table;
- enum fw3_target policy = reload ? FW3_TARGET_DROP : FW3_TARGET_ACCEPT;

 if (!complete && !state->statefile)
 {
@@ -178,6 +171,9 @@ stop(struct fw3_state *state, bool complete, bool reload)
 return rv;
 }

+ if (!print_rules)
+ fw3_hotplug_zones(false, state);
+
 for (family = FW3_FAMILY_V4; family <= FW3_FAMILY_V6; family++)
 {
 if (!complete && !family_running(state, family))
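Review bot: Nothing in family_running() explains why it now reads `state->defaults.flags`, the same field family_set() writes, instead of the separate `running_flags` it used before. Whether "running" and "configured" are still distinct now depends on which state object each caller passes, which is not visible in this diff. A comment above the function would record the intent, for example `/* family bit in defaults.flags of the passed state marks that family as active */`, adjusted to whatever the real meaning is. The repeated argument in `has(state->defaults.flags, family, family)` also reads like a typo without a word on the macro's (field, family, flag) order, assuming that is its signature.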
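Review bot: In family_set() the parameter `bool set` now has the same name as the `set(...)` call added two lines below it. This compiles only if `set` is a function-like macro (its definition is outside this diff), because `if (set)` then names the parameter while `set(` expands the macro; if it ever becomes a real function, the parameter shadows it. Renaming the parameter removes the trap without touching callers: `family_set(struct fw3_state *state, enum fw3_family family, bool enable)` with `if (enable)`.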
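Review bot: In stop(), the added `fw3_hotplug_zones(false, state);` runs before the per-family loop, so whatever it signals goes out before any table is flushed and even if every later `restore_pipe()` fails. If hotplug handlers take the event to mean the zone rules are gone, they can act on a state that was never reached. Consider issuing it after the loop and only on success, `if (!rv && !print_rules) fw3_hotplug_zones(false, state);`, assuming `rv` is cleared once a family has been flushed. If the early ordering is deliberate, a comment should say so. The body of stop() continues past the end of this hunk.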
@@ -186,15 +182,13 @@ stop(struct fw3_state *state, bool complete, bool reload)
 if (!family_used(family) || !restore_pipe(family, true))
 continue;

- info("Removing %s rules ...", fw3_flag_names[family]);
-
 for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++)
 {
 if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table]))
 continue;

- info(" * %sing %s table",
- complete ? "Flush" : "Clear", fw3_flag_names[table]);
+ info(" * %sing %s %s table", complete ? "Flush" : "Clear",
+ fw3_flag_names[family], fw3_flag_names[table]);

 fw3_pr("*%s\n", fw3_flag_names[table]);

@@ -205,11 +199,11 @@ stop(struct fw3_state *state, bool complete, bool reload)
 else
 {
 /* pass 1 */
- fw3_flush_rules(table, family, false, state, policy);
+ fw3_flush_rules(table, family, false, reload, state);
 fw3_flush_zones(table, family, false, reload, state);

 /* pass 2 */
- fw3_flush_rules(table, family, true, state, policy);
+ fw3_flush_rules(table, family, true, reload, state);
 fw3_flush_zones(table, family, true, reload, state);
 }

@@ -234,7 +228,7 @@ stop(struct fw3_state *state, bool complete, bool reload)

 if (complete && (ct = fopen("/proc/net/nf_conntrack", "w")) != NULL)
 {
- info("Flushing conntrack table ...");
+ info(" * Flushing conntrack table ...");

 fwrite("f\n", 2, 1, ct);
 fclose(ct);
@@ -255,8 +249,6 @@ start(struct fw3_state *state, bool reload)

 if (!print_rules && !reload)
 {
- fw3_set_defaults(state);
-
 if (fw3_command_pipe(false, "ipset", "-exist", "-"))
 {
 fw3_create_ipsets(state);
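Review bot: The two `fw3_flush_rules(table, family, ..., reload, state)` calls in the `@@ -205,11 +199,11 @@` hunk of stop() no longer pass the policy that the removed `policy = reload ? FW3_TARGET_DROP : FW3_TARGET_ACCEPT` selected. Keeping a drop policy while reloading therefore rests entirely on fw3_flush_rules(), which is not part of this diff. Please confirm it still applies DROP when `reload` is true, since otherwise traffic would be accepted between the flush and the new ruleset. A comment at the call site would pin the contract, e.g. `/* reload: default policy stays DROP until start() repopulates the tables */`. The new argument order also places two bools side by side (`false, reload`), and swapping them would compile silently.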
@@ -278,27 +270,26 @@ start(struct fw3_state *state, bool reload)
 continue;
 }

- if (!family_loaded(state, family) || !restore_pipe(family, false))
+ if (!restore_pipe(family, false))
 continue;

- info("Constructing %s rules ...", fw3_flag_names[family]);
-
 for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++)
 {
 if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table]))
 continue;

- info(" * Populating %s table", fw3_flag_names[table]);
+ info(" * Populating %s %s table",
+ fw3_flag_names[family], fw3_flag_names[table]);

 fw3_pr("*%s\n", fw3_flag_names[table]);
- fw3_print_default_chains(table, family, state);
- fw3_print_zone_chains(table, family, state);
- fw3_print_default_head_rules(table, family, state);
+ fw3_print_default_chains(table, family, reload, state);
+ fw3_print_zone_chains(table, family, reload, state);
+ fw3_print_default_head_rules(table, family, reload, state);
 fw3_print_rules(table, family, state);
 fw3_print_redirects(table, family, state);
 fw3_print_forwards(table, family, state);
- fw3_print_zone_rules(table, family, state);
- fw3_print_default_tail_rules(table, family, state);
+ fw3_print_zone_rules(table, family, reload, state);
+ fw3_print_default_tail_rules(table, family, reload, state);
 fw3_pr("COMMIT\n");
 }

@@ -311,11 +302,19 @@ start(struct fw3_state *state, bool reload)
 rv = 0;
 }

- if (!reload && !print_rules)
- fw3_run_includes(state);
+ if (!rv)
+ {
+ fw3_set_defaults(state);

- if (!rv && !print_rules)
- fw3_write_statefile(state);
+ if (!print_rules)
+ {
+ if (!reload)
+ fw3_run_includes(state);
+
+ fw3_hotplug_zones(true, state);
+ fw3_write_statefile(state);
+ }
+ }

 return rv;
 }
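Review bot: With `!family_loaded(state, family)` dropped from the guard in start() (hunk `@@ -278,27 +270,26 @@`), the only condition left in the hunk before rules are built is `restore_pipe(family, false)`. Whether a family that configuration turned off is still skipped depends on the check ending in `continue; }` just above the hunk, which is not visible here. If that check covers only the already-running case, the loop would now emit rules for a family the old code left alone. A one-line comment naming where family selection now happens would settle it. Separately, `fw3_print_rules`, `fw3_print_redirects` and `fw3_print_forwards` take no `reload` argument while the five calls around them do, which deserves a word of explanation.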
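Review bot: At the end of start(), `fw3_set_defaults(state)` now sits outside the `if (!print_rules)` block, so it also runs in print mode and on reload. The old call, removed in the `@@ -255,8 +249,6 @@` hunk, was reached only under `!print_rules && !reload`. If that function changes system settings rather than printing them, a run meant only to print rules gains side effects. Making it the first statement inside `if (!print_rules) {` would restore the print-mode guarantee. Note also that `fw3_run_includes(state)` is now skipped whenever `rv` is non-zero, where it previously ran regardless; that behaviour change should be stated in the commit message if intended.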