projects
/
project
/
firewall3.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Simplify ipset external checks and optionally initialize ispet name from external...
[project/firewall3.git]
/
redirects.c
diff --git
a/redirects.c
b/redirects.c
index
7817e9b
..
3c0ffad
100644
(file)
--- a/
redirects.c
+++ b/
redirects.c
@@
-52,6
+52,8
@@
const struct fw3_option fw3_redirect_opts[] = {
FW3_OPT("weekdays", weekdays, redirect, time.weekdays),
FW3_OPT("monthdays", monthdays, redirect, time.monthdays),
FW3_OPT("weekdays", weekdays, redirect, time.weekdays),
FW3_OPT("monthdays", monthdays, redirect, time.monthdays),
+ FW3_OPT("mark", mark, redirect, mark),
+
FW3_OPT("reflection", bool, redirect, reflection),
FW3_OPT("reflection_src", reflection_source,
redirect, reflection_src),
FW3_OPT("reflection", bool, redirect, reflection),
FW3_OPT("reflection_src", reflection_source,
redirect, reflection_src),
@@
-155,14
+157,14
@@
fw3_load_redirects(struct fw3_state *state, struct uci_package *p)
continue;
}
else if (redir->src.set && !redir->src.any &&
continue;
}
else if (redir->src.set && !redir->src.any &&
- !(redir->_src = fw3_lookup_zone(state, redir->src.name
, false
)))
+ !(redir->_src = fw3_lookup_zone(state, redir->src.name)))
{
warn_elem(e, "refers to not existing zone '%s'", redir->src.name);
fw3_free_redirect(redir);
continue;
}
else if (redir->dest.set && !redir->dest.any &&
{
warn_elem(e, "refers to not existing zone '%s'", redir->src.name);
fw3_free_redirect(redir);
continue;
}
else if (redir->dest.set && !redir->dest.any &&
- !(redir->_dest = fw3_lookup_zone(state, redir->dest.name
, false
)))
+ !(redir->_dest = fw3_lookup_zone(state, redir->dest.name)))
{
warn_elem(e, "refers to not existing zone '%s'", redir->dest.name);
fw3_free_redirect(redir);
{
warn_elem(e, "refers to not existing zone '%s'", redir->dest.name);
fw3_free_redirect(redir);
@@
-175,7
+177,7
@@
fw3_load_redirects(struct fw3_state *state, struct uci_package *p)
continue;
}
else if (redir->ipset.set && !redir->ipset.any &&
continue;
}
else if (redir->ipset.set && !redir->ipset.any &&
- !(redir->_ipset = fw3_lookup_ipset(state, redir->ipset.name
, false
)))
+ !(redir->_ipset = fw3_lookup_ipset(state, redir->ipset.name)))
{
warn_elem(e, "refers to unknown ipset '%s'", redir->ipset.name);
fw3_free_redirect(redir);
{
warn_elem(e, "refers to unknown ipset '%s'", redir->ipset.name);
fw3_free_redirect(redir);
@@
-370,6
+372,14
@@
print_redirect(struct fw3_state *state, enum fw3_family family,
return;
}
return;
}
+ if (!fw3_check_ipset(redir->_ipset))
+ {
+ info(" ! Skipping due to missing ipset '%s'",
+ redir->_ipset->external ?
+ redir->_ipset->external : redir->_ipset->name);
+ return;
+ }
+
set(redir->_ipset->flags, family, family);
}
set(redir->_ipset->flags, family, family);
}
@@
-395,6
+405,7
@@
print_redirect(struct fw3_state *state, enum fw3_family family,
fw3_format_mac(mac);
fw3_format_time(&redir->time);
fw3_format_mac(mac);
fw3_format_time(&redir->time);
+ fw3_format_mark(&redir->mark);
fw3_format_extra(redir->extra);
fw3_format_comment(redir->name);
print_target_nat(redir);
fw3_format_extra(redir->extra);
fw3_format_comment(redir->name);
print_target_nat(redir);
@@
-408,6
+419,7
@@
print_redirect(struct fw3_state *state, enum fw3_family family,
fw3_format_sport_dport(&redir->port_src, &redir->port_redir);
fw3_format_mac(mac);
fw3_format_time(&redir->time);
fw3_format_sport_dport(&redir->port_src, &redir->port_redir);
fw3_format_mac(mac);
fw3_format_time(&redir->time);
+ fw3_format_mark(&redir->mark);
fw3_format_extra(redir->extra);
fw3_format_comment(redir->name);
print_target_filter(redir);
fw3_format_extra(redir->extra);
fw3_format_comment(redir->name);
print_target_filter(redir);