defs->tcp_window_scaling = true;
defs->custom_chains = true;
- defs->has_flag = (1 << FW3_DEFAULT_IPV4_LOADED);
+ defs->flags = (1 << FW3_DEFAULT_IPV4_LOADED);
uci_foreach_element(&p->sections, e)
{
check_policy(e, &defs->policy_forward, "forward");
if (!defs->disable_ipv6)
- setbit(defs->has_flag, FW3_DEFAULT_IPV6_LOADED);
+ setbit(defs->flags, FW3_DEFAULT_IPV6_LOADED);
if (defs->custom_chains)
- setbit(defs->has_flag, FW3_DEFAULT_CUSTOM_CHAINS);
+ setbit(defs->flags, FW3_DEFAULT_CUSTOM_CHAINS);
if (defs->syn_flood)
- setbit(defs->has_flag, FW3_DEFAULT_SYN_FLOOD);
+ setbit(defs->flags, FW3_DEFAULT_SYN_FLOOD);
}
}
fw3_pr(":OUTPUT %s [0:0]\n", policy[defs->policy_output]);
}
- print_chains(table, family, ":%s - [0:0]\n", defs->has_flag,
+ print_chains(table, family, ":%s - [0:0]\n", defs->flags,
default_chains, ARRAY_SIZE(default_chains));
}
if (forward->_dest)
{
- setbit(forward->_dest->has_dest_target, FW3_TARGET_ACCEPT);
+ setbit(forward->_dest->dst_flags, FW3_TARGET_ACCEPT);
if (forward->_src &&
(forward->_src->conntrack || forward->_dest->conntrack))
static bool
family_loaded(struct fw3_state *state, enum fw3_family family)
{
- return hasbit(state->defaults.has_flag, family_flag(family));
+ return hasbit(state->defaults.flags, family_flag(family));
}
static void
family_set(struct fw3_state *state, enum fw3_family family, bool set)
{
if (set)
- setbit(state->defaults.has_flag, family_flag(family));
+ setbit(state->defaults.flags, family_flag(family));
else
- delbit(state->defaults.has_flag, family_flag(family));
+ delbit(state->defaults.flags, family_flag(family));
}
static int
bool disable_ipv6;
- uint8_t has_flag;
+ uint8_t flags;
};
struct fw3_zone
bool custom_chains;
- uint8_t has_src_target;
- uint8_t has_dest_target;
+ uint8_t src_flags;
+ uint8_t dst_flags;
};
struct fw3_rule
warn_elem(e, "has no source specified");
else
{
- setbit(redir->_src->has_dest_target, redir->target);
+ setbit(redir->_src->dst_flags, redir->target);
redir->_src->conntrack = true;
valid = true;
}
if (redir->reflection && redir->_dest && redir->_src->masq)
{
- setbit(redir->_dest->has_dest_target, FW3_TARGET_ACCEPT);
- setbit(redir->_dest->has_dest_target, FW3_TARGET_DNAT);
- setbit(redir->_dest->has_dest_target, FW3_TARGET_SNAT);
+ setbit(redir->_dest->dst_flags, FW3_TARGET_ACCEPT);
+ setbit(redir->_dest->dst_flags, FW3_TARGET_DNAT);
+ setbit(redir->_dest->dst_flags, FW3_TARGET_SNAT);
}
}
else
warn_elem(e, "has no src_dip option specified");
else
{
- setbit(redir->_dest->has_dest_target, redir->target);
+ setbit(redir->_dest->dst_flags, redir->target);
redir->_dest->conntrack = true;
valid = true;
}
}
if (rule->_dest)
- setbit(rule->_dest->has_dest_target, rule->target);
+ setbit(rule->_dest->dst_flags, rule->target);
list_add_tail(&rule->list, &state->rules);
continue;
int mask = (1 << FW3_DEFAULT_IPV4_LOADED) | (1 << FW3_DEFAULT_IPV6_LOADED);
- if (!(d->has_flag & mask))
+ if (!(d->flags & mask))
{
if (unlink(FW3_STATEFILE))
warn("Unable to remove state %s: %s",
return;
}
- fprintf(sf, "%u - %u\n", FW3_TYPE_DEFAULTS, d->has_flag);
+ fprintf(sf, "%u - %u\n", FW3_TYPE_DEFAULTS, d->flags);
list_for_each_entry(z, &s->zones, list)
{
fprintf(sf, "%u %s %u %u\n", FW3_TYPE_ZONE,
- z->name, z->has_src_target, z->has_dest_target);
+ z->name, z->src_flags, z->dst_flags);
}
list_for_each_entry(i, &s->ipsets, list)
if (zone->masq)
{
- setbit(zone->has_dest_target, FW3_TARGET_SNAT);
+ setbit(zone->dst_flags, FW3_TARGET_SNAT);
zone->conntrack = true;
}
- setbit(zone->has_src_target, zone->policy_input);
- setbit(zone->has_dest_target, zone->policy_output);
- setbit(zone->has_dest_target, zone->policy_forward);
+ setbit(zone->src_flags, zone->policy_input);
+ setbit(zone->dst_flags, zone->policy_output);
+ setbit(zone->dst_flags, zone->policy_forward);
list_add_tail(&zone->list, &state->zones);
}
return;
if (!zone->conntrack && !disable_notrack)
- setbit(zone->has_dest_target, FW3_TARGET_NOTRACK);
+ setbit(zone->dst_flags, FW3_TARGET_NOTRACK);
s = print_chains(table, family, ":%s - [0:0]\n", zone->name,
- zone->has_src_target, src_chains, ARRAY_SIZE(src_chains));
+ zone->src_flags, src_chains, ARRAY_SIZE(src_chains));
d = print_chains(table, family, ":%s - [0:0]\n", zone->name,
- zone->has_dest_target, dst_chains, ARRAY_SIZE(dst_chains));
+ zone->dst_flags, dst_chains, ARRAY_SIZE(dst_chains));
if (s || d)
info(" * Zone '%s'", zone->name);
{
for (t = FW3_TARGET_ACCEPT; t <= FW3_TARGET_DROP; t++)
{
- if (zone->has_src_target & (1 << t))
+ if (zone->src_flags & (1 << t))
{
fw3_pr("-A zone_%s_src_%s", zone->name, targets[t*2]);
fw3_format_in_out(dev, NULL);
fw3_pr(" -j %s\n", targets[t*2+1]);
}
- if (zone->has_dest_target & (1 << t))
+ if (zone->dst_flags & (1 << t))
{
fw3_pr("-A zone_%s_dest_%s", zone->name, targets[t*2]);
fw3_format_in_out(NULL, dev);
}
else if (table == FW3_TABLE_NAT)
{
- if (zone->has_dest_target & (1 << FW3_TARGET_DNAT))
+ if (zone->dst_flags & (1 << FW3_TARGET_DNAT))
{
fw3_pr("-A delegate_prerouting");
fw3_format_in_out(dev, NULL);
fw3_pr(" -j zone_%s_prerouting\n", zone->name);
}
- if (zone->has_dest_target & (1 << FW3_TARGET_SNAT))
+ if (zone->dst_flags & (1 << FW3_TARGET_SNAT))
{
fw3_pr("-A delegate_postrouting");
fw3_format_in_out(NULL, dev);
{
for (t = FW3_TARGET_REJECT; t <= FW3_TARGET_DROP; t++)
{
- if (zone->has_src_target & (1 << t))
+ if (zone->src_flags & (1 << t))
{
fw3_pr("-A zone_%s_src_%s", zone->name, targets[t]);
fw3_format_limit(&zone->log_limit);
targets[t], zone->name);
}
- if (zone->has_dest_target & (1 << t))
+ if (zone->dst_flags & (1 << t))
{
fw3_pr("-A zone_%s_dest_%s", zone->name, targets[t]);
fw3_format_limit(&zone->log_limit);
projects / oweals / firewall3.git / commitdiff