X-Git-Url: http://git.archive.openwrt.org/?p=project%2Ffirewall3.git;a=blobdiff_plain;f=zones.c;h=2ddd7b44443f3b2714e19ffb2f8b8b29320700d2;hp=6ab3d12176e49c6c7a85dc8f4050280ed2bc538a;hb=b59934331c4b9271ceb5e30b793a552618299d39;hpb=92281eb747b56e748b7c3d754055919c23befdd4

diff --git a/zones.c b/zones.c
index 6ab3d12..2ddd7b4 100644
--- a/zones.c
+++ b/zones.c
@@ -83,6 +83,8 @@ const struct fw3_option fw3_zone_opts[] = {
 	FW3_OPT("__flags_v4",          int,      zone,     flags[0]),
 	FW3_OPT("__flags_v6",          int,      zone,     flags[1]),
 
+	FW3_LIST("__addrs",            address,  zone,     old_addrs),
+
 	{ }
 };
 
@@ -138,6 +140,8 @@ fw3_alloc_zone(void)
 	INIT_LIST_HEAD(&zone->masq_src);
 	INIT_LIST_HEAD(&zone->masq_dest);
 
+	INIT_LIST_HEAD(&zone->old_addrs);
+
 	zone->enabled = true;
 	zone->custom_chains = true;
 	zone->log_limit.rate = 10;
@@ -223,11 +227,11 @@ fw3_load_zones(struct fw3_state *state, struct uci_package *p)
 		}
 
 		setbit(zone->flags[0], fw3_to_src_target(zone->policy_input));
-		setbit(zone->flags[0], fw3_to_src_target(zone->policy_forward));
+		setbit(zone->flags[0], zone->policy_forward);
 		setbit(zone->flags[0], zone->policy_output);
 
 		setbit(zone->flags[1], fw3_to_src_target(zone->policy_input));
-		setbit(zone->flags[1], fw3_to_src_target(zone->policy_forward));
+		setbit(zone->flags[1], zone->policy_forward);
 		setbit(zone->flags[1], zone->policy_output);
 
 		list_add_tail(&zone->list, &state->zones);
@@ -491,7 +495,7 @@ print_zone_rule(struct fw3_ipt_handle *handle, struct fw3_state *state,
 		fw3_ipt_rule_append(r, "zone_%s_input", zone->name);
 
 		r = fw3_ipt_rule_new(handle);
-		fw3_ipt_rule_target(r, "zone_%s_src_%s", zone->name,
+		fw3_ipt_rule_target(r, "zone_%s_dest_%s", zone->name,
 		                     fw3_flag_names[zone->policy_forward]);
 		fw3_ipt_rule_append(r, "zone_%s_forward", zone->name);
 
@@ -674,10 +678,10 @@ fw3_lookup_zone(struct fw3_state *state, const char *name)
 }
 
 struct list_head *
-fw3_resolve_zone_addresses(struct fw3_zone *zone)
+fw3_resolve_zone_addresses(struct fw3_zone *zone, struct fw3_address *addr)
 {
 	struct fw3_device *net;
-	struct fw3_address *addr, *tmp;
+	struct fw3_address *cur, *tmp;
 	struct list_head *all;
 
 	all = calloc(1, sizeof(*all));
@@ -686,18 +690,31 @@ fw3_resolve_zone_addresses(struct fw3_zone *zone)
 
 	INIT_LIST_HEAD(all);
 
-	list_for_each_entry(net, &zone->networks, list)
-		fw3_ubus_address(all, net->name);
-
-	list_for_each_entry(addr, &zone->subnets, list)
+	if (addr && addr->set)
 	{
 		tmp = malloc(sizeof(*tmp));
 
-		if (!tmp)
-			continue;
+		if (tmp)
+		{
+			*tmp = *addr;
+			list_add_tail(&tmp->list, all);
+		}
+	}
+	else
+	{
+		list_for_each_entry(net, &zone->networks, list)
+			fw3_ubus_address(all, net->name);
+
+		list_for_each_entry(cur, &zone->subnets, list)
+		{
+			tmp = malloc(sizeof(*tmp));
+
+			if (!tmp)
+				continue;
 
-		memcpy(tmp, addr, sizeof(*tmp));
-		list_add_tail(&tmp->list, all);
+			*tmp = *cur;
+			list_add_tail(&tmp->list, all);
+		}
 	}
 
 	return all;