projects / project / firewall3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4e1011d)
destroy ipsets on explicit stop and flush, but not on restart
authorJo-Philipp Wich <jow@openwrt.org>
Sun, 17 Feb 2013 20:52:55 +0000 (21:52 +0100)
committerJo-Philipp Wich <jow@openwrt.org>
Sun, 17 Feb 2013 20:55:39 +0000 (21:55 +0100)
main.c patch | blob | history

diff --git a/main.c b/main.c
index a260d7d..79324a4 100644 (file)
--- a/main.c
+++ b/main.c
@@ -160,15 +160,19 @@ stop(struct fw3_state *state, bool complete)
                fw3_command_close();
        }
 
                fw3_command_close();
        }
 
-       if (complete && fw3_command_pipe(false, "ipset", "-exist", "-"))
-       {
-               fw3_destroy_ipsets(state);
-               fw3_command_close();
-       }
-
        return 0;
 }
 
        return 0;
 }
 
+static void
+destroy_ipsets(struct fw3_state *state)
+{
+       if (!fw3_command_pipe(false, "ipset", "-exist", "-"))
+               return;
+
+       fw3_destroy_ipsets(state);
+       fw3_command_close();
+}
+
 static int
 start(struct fw3_state *state)
 {
 static int
 start(struct fw3_state *state)
 {
@@ -352,12 +356,17 @@ int main(int argc, char **argv)
                }
 
                rv = stop(state, false);
                }
 
                rv = stop(state, false);
+
+               destroy_ipsets(state);
+
                fw3_remove_state();
        }
        else if (!strcmp(argv[optind], "flush"))
        {
                rv = stop(state, true);
 
                fw3_remove_state();
        }
        else if (!strcmp(argv[optind], "flush"))
        {
                rv = stop(state, true);
 
+               destroy_ipsets(state);
+
                if (fw3_has_state())
                        fw3_remove_state();
        }
                if (fw3_has_state())
                        fw3_remove_state();
        }
OpenWrt firewall configuration utility