only emit zone flush commands if the zone is active for the current family

author Jo-Philipp Wich <jow@openwrt.org>

Wed, 20 Feb 2013 10:50:02 +0000 (11:50 +0100)

committer Jo-Philipp Wich <jow@openwrt.org>

Wed, 20 Feb 2013 15:35:29 +0000 (16:35 +0100)
author Jo-Philipp Wich <jow@openwrt.org>
Wed, 20 Feb 2013 10:50:02 +0000 (11:50 +0100)
committer Jo-Philipp Wich <jow@openwrt.org>
Wed, 20 Feb 2013 15:35:29 +0000 (16:35 +0100)
diff --git a/zones.c b/zones.c

index edd875ad8b1ee7f5131524f304f282bd9728eb0c..9595c37a2f44fe3f630d821719515a7b12761c0f 100644 (file)
--- a/zones.c
+++ b/zones.c
@@ -224,6 +224,8 @@ print_zone_chain(enum fw3_table table, enum fw3_family family,
         if (!fw3_is_family(zone, family))
                 return;
  
+       setbit(zone->dst_flags, family);
+
         if (!zone->conntrack && !disable_notrack)
                 setbit(zone->dst_flags, FW3_TARGET_NOTRACK);
  
@@ -464,6 +466,9 @@ fw3_flush_zones(enum fw3_table table, enum fw3_family family,
                 if (e->type != FW3_TYPE_ZONE)
                         continue;
  
+               if (!hasbit(e->flags[1], family))
+                       continue;
+
                 print_chains(table, family, pass2 ? "-X %s\n" : "-F %s\n",
                              e->name, e->flags[0], src_chains, ARRAY_SIZE(src_chains));
author	Jo-Philipp Wich <jow@openwrt.org>
	Wed, 20 Feb 2013 10:50:02 +0000 (11:50 +0100)
committer	Jo-Philipp Wich <jow@openwrt.org>
	Wed, 20 Feb 2013 15:35:29 +0000 (16:35 +0100)