X-Git-Url: http://git.archive.openwrt.org/?p=project%2Ffirewall3.git;a=blobdiff_plain;f=ipsets.c;fp=ipsets.c;h=e149b5baa6ef24d0a49d7b28f492d10174bcfb1e;hp=955d4349875f279f4857c8accce788920de42b0b;hb=28df94a5e01fe3309eb664cae419a6fd4e5eab40;hpb=294f209f64dca84d1c4dd801a1f7e615e39f0726

diff --git a/ipsets.c b/ipsets.c
index 955d434..e149b5b 100644
--- a/ipsets.c
+++ b/ipsets.c
@@ -281,9 +281,6 @@ create_ipset(struct fw3_ipset *ipset, struct fw3_state *state)
 
 	struct fw3_ipset_datatype *type;
 
-	if (ipset->external)
-		return;
-
 	info(" * Creating ipset %s", ipset->name);
 
 	first = true;
@@ -325,31 +322,80 @@ create_ipset(struct fw3_ipset *ipset, struct fw3_state *state)
 void
 fw3_create_ipsets(struct fw3_state *state)
 {
+	int tries;
+	bool exec = false;
 	struct fw3_ipset *ipset;
 
 	if (state->disable_ipsets)
 		return;
 
+	/* spawn ipsets */
 	list_for_each_entry(ipset, &state->ipsets, list)
+	{
+		if (ipset->external)
+			continue;
+
+		if (!exec)
+		{
+			exec = fw3_command_pipe(false, "ipset", "-exist", "-");
+
+			if (!exec)
+				return;
+		}
+
 		create_ipset(ipset, state);
+	}
 
 	fw3_pr("quit\n");
+	fw3_command_close();
+
+	/* wait for ipsets to appear */
+	list_for_each_entry(ipset, &state->ipsets, list)
+	{
+		if (ipset->external)
+			continue;
+
+		for (tries = 0; !fw3_check_ipset(ipset) && tries < 10; tries++)
+			usleep(50000);
+	}
 }
 
 void
 fw3_destroy_ipsets(struct fw3_state *state)
 {
-	struct fw3_ipset *s;
+	int tries;
+	bool exec = false;
+	struct fw3_ipset *ipset;
 
-	list_for_each_entry(s, &state->ipsets, list)
+	/* destroy ipsets */
+	list_for_each_entry(ipset, &state->ipsets, list)
 	{
-		info(" * Deleting ipset %s", s->name);
+		if (!exec)
+		{
+			exec = fw3_command_pipe(false, "ipset", "-exist", "-");
+
+			if (!exec)
+				return;
+		}
 
-		fw3_pr("flush %s\n", s->name);
-		fw3_pr("destroy %s\n", s->name);
+		info(" * Deleting ipset %s", ipset->name);
+
+		fw3_pr("flush %s\n", ipset->name);
+		fw3_pr("destroy %s\n", ipset->name);
 	}
 
 	fw3_pr("quit\n");
+	fw3_command_close();
+
+	/* wait for ipsets to disappear */
+	list_for_each_entry(ipset, &state->ipsets, list)
+	{
+		if (ipset->external)
+			continue;
+
+		for (tries = 0; fw3_check_ipset(ipset) && tries < 10; tries++)
+			usleep(50000);
+	}
 }
 
 struct fw3_ipset *