X-Git-Url: http://git.archive.openwrt.org/?a=blobdiff_plain;f=main.c;h=d94d0e9e71555aa615993fb0e6ce856be17258b6;hb=23741a3279981c5e0ce3ca9e00e368d4f0b142b6;hp=65afacd161f2d55b7520f6dc5dbfbe5d7a7c4775;hpb=1ccbcc2642e5cfeed375cf56130ab6ecaad35052;p=project%2Ffirewall3.git diff --git a/main.c b/main.c index 65afacd..d94d0e9 100644 --- a/main.c +++ b/main.c @@ -32,19 +32,6 @@ static bool print_rules = false; static enum fw3_family use_family = FW3_FAMILY_ANY; -static const char *families[] = { - "(bug)", - "IPv4", - "IPv6", -}; - -static const char *tables[] = { - "filter", - "nat", - "mangle", - "raw", -}; - static struct fw3_state * build_state(void) @@ -113,27 +100,22 @@ free_state(struct fw3_state *state) static bool restore_pipe(enum fw3_family family, bool silent) { - const char *cmd[] = { - "(bug)", - "iptables-restore", - "ip6tables-restore", - }; + const char *cmd; + + cmd = (family == FW3_FAMILY_V4) ? "iptables-restore" : "ip6tables-restore"; if (print_rules) return fw3_stdout_pipe(); - if (!fw3_command_pipe(silent, cmd[family], "--lenient", "--noflush")) + if (!fw3_command_pipe(silent, cmd, "--lenient", "--noflush")) { - warn("Unable to execute %s", cmd[family]); + warn("Unable to execute %s", cmd); return false; } return true; } -#define family_flag(f) \ - (f == FW3_FAMILY_V4 ? FW3_DEFAULT_IPV4_LOADED : FW3_DEFAULT_IPV6_LOADED) - static bool family_running(struct list_head *statefile, enum fw3_family family) { @@ -146,7 +128,7 @@ family_running(struct list_head *statefile, enum fw3_family family) if (e->type != FW3_TYPE_DEFAULTS) continue; - return hasbit(e->flags[0], family_flag(family)); + return hasbit(e->flags[0], family); } } @@ -162,16 +144,16 @@ family_used(enum fw3_family family) static bool family_loaded(struct fw3_state *state, enum fw3_family family) { - return hasbit(state->defaults.flags, family_flag(family)); + return hasbit(state->defaults.flags, family); } static void family_set(struct fw3_state *state, enum fw3_family family, bool set) { if (set) - setbit(state->defaults.flags, family_flag(family)); + setbit(state->defaults.flags, family); else - delbit(state->defaults.flags, family_flag(family)); + delbit(state->defaults.flags, family); } static int @@ -200,17 +182,17 @@ stop(struct fw3_state *state, bool complete, bool restart) if (!family_used(family) || !restore_pipe(family, true)) continue; - info("Removing %s rules ...", families[family]); + info("Removing %s rules ...", fw3_flag_names[family]); for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++) { - if (!fw3_has_table(family == FW3_FAMILY_V6, tables[table])) + if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table])) continue; info(" * %sing %s table", - complete ? "Flush" : "Clear", tables[table]); + complete ? "Flush" : "Clear", fw3_flag_names[table]); - fw3_pr("*%s\n", tables[table]); + fw3_pr("*%s\n", fw3_flag_names[table]); if (complete) { @@ -283,21 +265,21 @@ start(struct fw3_state *state, bool restart) { warn("The %s firewall appears to be started already. " "If it is indeed empty, remove the %s file and retry.", - families[family], FW3_STATEFILE); + fw3_flag_names[family], FW3_STATEFILE); continue; } - info("Constructing %s rules ...", families[family]); + info("Constructing %s rules ...", fw3_flag_names[family]); for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++) { - if (!fw3_has_table(family == FW3_FAMILY_V6, tables[table])) + if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table])) continue; - info(" * Populating %s table", tables[table]); + info(" * Populating %s table", fw3_flag_names[table]); - fw3_pr("*%s\n", tables[table]); + fw3_pr("*%s\n", fw3_flag_names[table]); fw3_print_default_chains(table, family, state); fw3_print_zone_chains(table, family, state); fw3_print_default_head_rules(table, family, state);