/*
* firewall3 - 3rd OpenWrt UCI firewall implementation
*
- * Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org>
+ * Copyright (C) 2013 Jo-Philipp Wich <jo@mein.io>
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
FW3_OPT("path", string, include, path),
FW3_OPT("type", include_type, include, type),
FW3_OPT("family", family, include, family),
+ FW3_OPT("reload", bool, include, reload),
{ }
};
if (strcmp(s->type, "include"))
continue;
- include = malloc(sizeof(*include));
-
+ include = calloc(1, sizeof(*include));
if (!include)
continue;
- memset(include, 0, sizeof(*include));
-
include->name = e->name;
include->enabled = true;
static void
-print_include(enum fw3_family family, struct fw3_include *include)
+print_include(struct fw3_include *include)
{
FILE *f;
char line[1024];
- if (!fw3_is_family(include, family))
- return;
-
info(" * Loading include '%s'", include->path);
if (!(f = fopen(include->path, "r")))
}
void
-fw3_print_includes(enum fw3_family family, struct fw3_state *state)
+fw3_print_includes(struct fw3_state *state, enum fw3_family family, bool reload)
{
struct fw3_include *include;
+ bool exec = false;
+ const char *restore = "iptables-restore";
+
+ if (family == FW3_FAMILY_V6)
+ restore = "ip6tables-restore";
+
list_for_each_entry(include, &state->includes, list)
- if (include->type == FW3_INC_TYPE_RESTORE)
- print_include(family, include);
+ {
+ if (reload && !include->reload)
+ continue;
+
+ if (include->type != FW3_INC_TYPE_RESTORE)
+ continue;
+
+ if (!fw3_is_family(include, family))
+ continue;
+
+ if (!exec)
+ {
+ exec = fw3_command_pipe(false, restore, "--noflush");
+
+ if (!exec)
+ return;
+ }
+
+ print_include(include);
+ }
+
+ if (exec)
+ fw3_command_close();
}
}
void
-fw3_run_includes(struct fw3_state *state)
+fw3_run_includes(struct fw3_state *state, bool reload)
{
struct fw3_include *include;
list_for_each_entry(include, &state->includes, list)
+ {
+ if (reload && !include->reload)
+ continue;
+
if (include->type == FW3_INC_TYPE_SCRIPT)
run_include(include);
+ }
}