C(V4, NAT, SNAT, "zone_%s_postrouting"),
C(V4, NAT, DNAT, "zone_%s_prerouting"),
-
- C(ANY, RAW, NOTRACK, "zone_%s_notrack"),
};
-static struct fw3_option zone_opts[] = {
+const struct fw3_option fw3_zone_opts[] = {
+ FW3_OPT("enabled", bool, zone, enabled),
+
FW3_OPT("name", string, zone, name),
FW3_OPT("family", family, zone, family),
FW3_OPT("log", bool, zone, log),
FW3_OPT("log_limit", limit, zone, log_limit),
+
+ { }
};
INIT_LIST_HEAD(&zone->masq_src);
INIT_LIST_HEAD(&zone->masq_dest);
+ zone->enabled = true;
zone->log_limit.rate = 10;
return zone;
if (!zone)
continue;
- fw3_parse_options(zone, zone_opts, ARRAY_SIZE(zone_opts), s);
+ fw3_parse_options(zone, fw3_zone_opts, s);
+
+ if (!zone->enabled)
+ {
+ fw3_free_zone(zone);
+ continue;
+ }
if (!zone->extra_dest)
zone->extra_dest = zone->extra_src;
return NULL;
}
-
-void
-fw3_free_zone(struct fw3_zone *zone)
-{
- fw3_free_list(&zone->networks);
- fw3_free_list(&zone->devices);
- fw3_free_list(&zone->subnets);
-
- fw3_free_list(&zone->masq_src);
- fw3_free_list(&zone->masq_dest);
-
- free(zone);
-}
projects / project / firewall3.git / blobdiff