Track used networks and devices in state file

[project/firewall3.git] / options.h

diff --git a/options.h b/options.h
index 96afcd2..1838a01 100644 (file)
--- a/options.h
+++ b/options.h
@@ -63,22 +63,26 @@ enum fw3_family
 
 enum fw3_target
 {
-       FW3_TARGET_UNSPEC  = 0,
-       FW3_TARGET_ACCEPT  = 6,
-       FW3_TARGET_REJECT  = 7,
-       FW3_TARGET_DROP    = 8,
-       FW3_TARGET_NOTRACK = 9,
-       FW3_TARGET_DNAT    = 10,
-       FW3_TARGET_SNAT    = 11,
+       FW3_TARGET_UNSPEC        = 0,
+       FW3_TARGET_ACCEPT        = 6,
+       FW3_TARGET_REJECT        = 7,
+       FW3_TARGET_DROP          = 8,
+       FW3_TARGET_NOTRACK       = 9,
+       FW3_TARGET_DNAT          = 10,
+       FW3_TARGET_SNAT          = 11,
+       FW3_TARGET_SRC_ACCEPT    = 12,
+       FW3_TARGET_SRC_REJECT    = 13,
+       FW3_TARGET_SRC_DROP      = 14,
+       FW3_TARGET_CUSTOM_CHAINS = 15,
 };
 
 enum fw3_default
 {
        FW3_DEFAULT_UNSPEC        = 0,
-       FW3_DEFAULT_CUSTOM_CHAINS = 12,
-       FW3_DEFAULT_SYN_FLOOD     = 13,
-       FW3_DEFAULT_MTU_FIX       = 14,
-       FW3_DEFAULT_DROP_INVALID  = 15,
+       FW3_DEFAULT_CUSTOM_CHAINS = 16,
+       FW3_DEFAULT_SYN_FLOOD     = 17,
+       FW3_DEFAULT_MTU_FIX       = 18,
+       FW3_DEFAULT_DROP_INVALID  = 19,
 };
 
 extern const char *fw3_flag_names[FW3_DEFAULT_DROP_INVALID + 1];
@@ -131,6 +135,7 @@ struct fw3_device
        bool any;
        bool invert;
        char name[32];
+       struct fw3_device *network;
 };
 
 struct fw3_address
@@ -169,7 +174,7 @@ struct fw3_protocol
 
        bool any;
        bool invert;
-       uint16_t protocol;
+       uint32_t protocol;
 };
 
 struct fw3_port
@@ -237,7 +242,7 @@ struct fw3_defaults
 
        bool disable_ipv6;
 
-       uint16_t flags;
+       uint32_t flags[2];
 };
 
 struct fw3_zone
@@ -245,6 +250,7 @@ struct fw3_zone
        struct list_head list;
        struct list_head running_list;
 
+       bool enabled;
        const char *name;
 
        enum fw3_family family;
@@ -257,6 +263,9 @@ struct fw3_zone
        struct list_head devices;
        struct list_head subnets;
 
+       struct list_head running_networks;
+       struct list_head running_devices;
+
        const char *extra_src;
        const char *extra_dest;
 
@@ -272,14 +281,14 @@ struct fw3_zone
 
        bool custom_chains;
 
-       uint16_t src_flags;
-       uint16_t dst_flags;
+       uint32_t flags[2];
 };
 
 struct fw3_rule
 {
        struct list_head list;
 
+       bool enabled;
        const char *name;
 
        enum fw3_family family;
@@ -316,6 +325,7 @@ struct fw3_redirect
 {
        struct list_head list;
 
+       bool enabled;
        const char *name;
 
        enum fw3_family family;
@@ -354,6 +364,7 @@ struct fw3_forward
 {
        struct list_head list;
 
+       bool enabled;
        const char *name;
 
        enum fw3_family family;
@@ -370,6 +381,7 @@ struct fw3_ipset
        struct list_head list;
        struct list_head running_list;
 
+       bool enabled;
        const char *name;
        enum fw3_family family;
 
@@ -387,7 +399,7 @@ struct fw3_ipset
 
        const char *external;
 
-       uint16_t flags;
+       uint32_t flags[2];
 };
 
 struct fw3_include
@@ -395,6 +407,7 @@ struct fw3_include
        struct list_head list;
        struct list_head running_list;
 
+       bool enabled;
        const char *name;
        enum fw3_family family;
 
@@ -413,7 +426,6 @@ struct fw3_state
        struct list_head ipsets;
        struct list_head includes;
 
-       struct fw3_defaults running_defaults;
        struct list_head running_zones;
        struct list_head running_ipsets;