projects
/
project
/
firewall3.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
firewall3: fix left shift on 64 bit systems in fw3_bitlen2netmask
[project/firewall3.git]
/
forwards.c
diff --git
a/forwards.c
b/forwards.c
index
babf5e8
..
e27e4ee
100644
(file)
--- a/
forwards.c
+++ b/
forwards.c
@@
-48,13
+48,10
@@
fw3_load_forwards(struct fw3_state *state, struct uci_package *p)
if (strcmp(s->type, "forwarding"))
continue;
if (strcmp(s->type, "forwarding"))
continue;
- forward = malloc(sizeof(*forward));
-
+ forward = calloc(1, sizeof(*forward));
if (!forward)
continue;
if (!forward)
continue;
- memset(forward, 0, sizeof(*forward));
-
forward->enabled = true;
fw3_parse_options(forward, fw3_forward_opts, s);
forward->enabled = true;
fw3_parse_options(forward, fw3_forward_opts, s);
@@
-72,23
+69,25
@@
fw3_load_forwards(struct fw3_state *state, struct uci_package *p)
continue;
}
else if (forward->src.set && !forward->src.any &&
continue;
}
else if (forward->src.set && !forward->src.any &&
- !(forward->_src = fw3_lookup_zone(state, forward->src.name
, false
)))
+ !(forward->_src = fw3_lookup_zone(state, forward->src.name)))
{
warn_elem(e, "refers to not existing zone '%s'", forward->src.name);
fw3_free_forward(forward);
continue;
}
else if (forward->dest.set && !forward->dest.any &&
{
warn_elem(e, "refers to not existing zone '%s'", forward->src.name);
fw3_free_forward(forward);
continue;
}
else if (forward->dest.set && !forward->dest.any &&
- !(forward->_dest = fw3_lookup_zone(state, forward->dest.name
, false
)))
+ !(forward->_dest = fw3_lookup_zone(state, forward->dest.name)))
{
warn_elem(e, "refers to not existing zone '%s'", forward->dest.name);
fw3_free_forward(forward);
continue;
}
{
warn_elem(e, "refers to not existing zone '%s'", forward->dest.name);
fw3_free_forward(forward);
continue;
}
+ /* NB: forward family... */
if (forward->_dest)
{
if (forward->_dest)
{
- setbit(forward->_dest->flags, FW3_TARGET_ACCEPT);
+ setbit(forward->_dest->flags[0], FW3_FLAG_ACCEPT);
+ setbit(forward->_dest->flags[1], FW3_FLAG_ACCEPT);
if (forward->_src &&
(forward->_src->conntrack || forward->_dest->conntrack))
if (forward->_src &&
(forward->_src->conntrack || forward->_dest->conntrack))
@@
-104,32
+103,32
@@
fw3_load_forwards(struct fw3_state *state, struct uci_package *p)
static void
static void
-
print_chain(
struct fw3_forward *forward)
+
append_chain(struct fw3_ipt_rule *r,
struct fw3_forward *forward)
{
if (forward->src.any || !forward->src.set)
{
if (forward->src.any || !forward->src.set)
- fw3_
pr("-A
delegate_forward");
+ fw3_
ipt_rule_append(r, "
delegate_forward");
else
else
- fw3_
pr("-A
zone_%s_forward", forward->src.name);
+ fw3_
ipt_rule_append(r, "
zone_%s_forward", forward->src.name);
}
}
-static void
print_target(
struct fw3_forward *forward)
+static void
set_target(struct fw3_ipt_rule *r,
struct fw3_forward *forward)
{
if (forward->dest.any || !forward->dest.set)
{
if (forward->dest.any || !forward->dest.set)
- fw3_
pr(" -j ACCEPT\n
");
+ fw3_
ipt_rule_target(r, "ACCEPT
");
else
else
- fw3_
pr(" -j zone_%s_dest_ACCEPT\n
", forward->dest.name);
+ fw3_
ipt_rule_target(r, "zone_%s_dest_ACCEPT
", forward->dest.name);
}
static void
}
static void
-print_forward(enum fw3_table table, enum fw3_family family,
- struct fw3_forward *forward)
+print_forward(struct fw3_ipt_handle *handle, struct fw3_forward *forward)
{
const char *s, *d;
{
const char *s, *d;
+ struct fw3_ipt_rule *r;
- if (table != FW3_TABLE_FILTER)
+ if (
handle->
table != FW3_TABLE_FILTER)
return;
return;
- if (!fw3_is_family(forward, family))
+ if (!fw3_is_family(forward,
handle->
family))
return;
s = forward->_src ? forward->_src->name : "*";
return;
s = forward->_src ? forward->_src->name : "*";
@@
-137,24
+136,24
@@
print_forward(enum fw3_table table, enum fw3_family family,
info(" * Forward '%s' -> '%s'", s, d);
info(" * Forward '%s' -> '%s'", s, d);
- if (!fw3_is_family(forward->_src, family) ||
- !fw3_is_family(forward->_dest, family))
+ if (!fw3_is_family(forward->_src,
handle->
family) ||
+ !fw3_is_family(forward->_dest,
handle->
family))
{
info(" ! Skipping due to different family of zone");
return;
}
{
info(" ! Skipping due to different family of zone");
return;
}
- print_chain(forward);
- fw3_format_comment("forwarding ", s, "->", d);
- print_target(forward);
+ r = fw3_ipt_rule_new(handle);
+ fw3_ipt_rule_comment(r, "forwarding %s -> %s", s, d);
+ set_target(r, forward);
+ append_chain(r, forward);
}
void
}
void
-fw3_print_forwards(enum fw3_table table, enum fw3_family family,
- struct fw3_state *state)
+fw3_print_forwards(struct fw3_ipt_handle *handle, struct fw3_state *state)
{
struct fw3_forward *forward;
list_for_each_entry(forward, &state->forwards, list)
{
struct fw3_forward *forward;
list_for_each_entry(forward, &state->forwards, list)
- print_forward(
table, family
, forward);
+ print_forward(
handle
, forward);
}
}