FW3_LIST("network", device, zone, networks),
FW3_LIST("device", device, zone, devices),
- FW3_LIST("subnet", address, zone, subnets),
+ FW3_LIST("subnet", network, zone, subnets),
FW3_OPT("input", target, zone, policy_input),
FW3_OPT("forward", target, zone, policy_forward),
FW3_OPT("output", target, zone, policy_output),
FW3_OPT("masq", bool, zone, masq),
- FW3_LIST("masq_src", address, zone, masq_src),
- FW3_LIST("masq_dest", address, zone, masq_dest),
+ FW3_LIST("masq_src", network, zone, masq_src),
+ FW3_LIST("masq_dest", network, zone, masq_dest),
FW3_OPT("extra", string, zone, extra_src),
FW3_OPT("extra_src", string, zone, extra_src),
FW3_OPT("log", bool, zone, log),
FW3_OPT("log_limit", limit, zone, log_limit),
+ FW3_OPT("__flags_v4", int, zone, flags[0]),
+ FW3_OPT("__flags_v6", int, zone, flags[1]),
+
{ }
};
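Review bot: The added `__flags_v4` and `__flags_v6` entries make the internal `zone->flags[]` words settable through the same option table that parses every other zone option, and nothing visible here restricts them to trusted input. If this table is also applied to the administrator-edited configuration (not shown in the hunk), a zone section could preload flag bits that the later `has(z->flags, family, table)` and `hasbit(z->flags[0], FW3_FLAG_HOTPLUG)` checks act on. I would either keep these two entries in a separate table used only when reading back saved state, or clear `flags[]` after parsing user configuration, and add a comment such as `/* internal: restored runtime state, not a user option */` above them. It is also worth confirming that the `int` parser matches the element type of `flags[]`, which is declared outside this hunk.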
INIT_LIST_HEAD(&zone->masq_src);
INIT_LIST_HEAD(&zone->masq_dest);
- INIT_LIST_HEAD(&zone->running_networks);
- INIT_LIST_HEAD(&zone->running_devices);
-
zone->enabled = true;
zone->custom_chains = true;
zone->log_limit.rate = 10;
if (c || r)
{
info(" * Zone '%s'", zone->name);
- fw3_set_running(zone, &state->running_zones);
set(zone->flags, family, table);
}
fw3_foreach(msrc, &zone->masq_src)
fw3_foreach(mdest, &zone->masq_dest)
{
- fw3_pr("-A zone_%s_postrouting ", zone->name);
+ if (!fw3_is_family(msrc, family) ||
+ !fw3_is_family(mdest, family))
+ continue;
+
+ fw3_pr("-A zone_%s_postrouting", zone->name);
fw3_format_src_dest(msrc, mdest);
- fw3_pr("-j MASQUERADE\n");
+ fw3_pr(" -j MASQUERADE\n");
}
}
break;
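Review bot: The added `fw3_is_family()` guard in the inner loop silently drops every pair whose source and destination belong to different families, so a `masq_src`/`masq_dest` combination that mixes IPv4 and IPv6 yields no MASQUERADE rule in either pass. A comment above the check, such as `/* emit only pairs matching the family being generated; mixed-family pairs produce no rule */`, would make that explicit for whoever debugs a missing rule. If `fw3_foreach` runs its body once with a null entry for an empty list (its definition is not shown), `fw3_is_family` has to accept a null pointer, which is worth confirming. The enclosing function starts and ends outside the hunk.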
if (reload)
delbit(custom_mask, FW3_FLAG_CUSTOM_CHAINS);
- list_for_each_entry_safe(z, tmp, &state->running_zones, running_list)
+ list_for_each_entry_safe(z, tmp, &state->zones, list)
{
if (!has(z->flags, family, table))
continue;
if (add)
{
- list_for_each_entry(z, &state->running_zones, running_list)
+ list_for_each_entry(z, &state->zones, list)
{
if (!hasbit(z->flags[0], FW3_FLAG_HOTPLUG))
{
}
else
{
- list_for_each_entry(z, &state->running_zones, running_list)
+ list_for_each_entry(z, &state->zones, list)
{
if (hasbit(z->flags[0], FW3_FLAG_HOTPLUG))
{
- list_for_each_entry(d, &z->running_devices, list)
+ list_for_each_entry(d, &z->devices, list)
fw3_hotplug(add, z, d);
delbit(z->flags[0], FW3_FLAG_HOTPLUG);
}
struct fw3_zone *
-fw3_lookup_zone(struct fw3_state *state, const char *name, bool running)
+fw3_lookup_zone(struct fw3_state *state, const char *name)
{
struct fw3_zone *z;
if (strcmp(z->name, name))
continue;
- if (!running || z->running_list.next)
- return z;
-
- break;
+ return z;
}
return NULL;
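Review bot: With the `running` parameter gone, `fw3_lookup_zone()` returns any zone whose name matches, so callers that used to pass `true` (outside this hunk) no longer get an implicit check that the zone is active. Those call sites presumably need their own test on the zone's flags, for example `has(z->flags, family, table)` as used elsewhere in this change. I would add a header comment stating the contract: `/* Return the zone named 'name', or NULL; says nothing about whether rules for it are loaded. */`. The loop header sits between the two visible parts of the function and is not shown.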
{
struct fw3_device *dev, *tmp;
- list_for_each_entry_safe(dev, tmp, &zone->running_devices, list)
+ list_for_each_entry_safe(dev, tmp, &zone->devices, list)
{
list_del(&dev->list);
free(dev);
}
- list_for_each_entry_safe(dev, tmp, &zone->running_networks, list)
+ list_for_each_entry_safe(dev, tmp, &zone->networks, list)
{
list_del(&dev->list);
free(dev);