From: Jo-Philipp Wich
Date: Tue, 19 Mar 2013 15:00:51 +0000 (+0100)
Subject: Properly handle deleted zones and ipsets on restarts
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=71d9d828691cefcac19201079473e600ffa596c9;p=oweals%2Ffirewall3.git
Properly handle deleted zones and ipsets on restarts
---
diff --git a/ipsets.c b/ipsets.c
index 48aaa9c..af03ddc 100644
--- a/ipsets.c
+++ b/ipsets.c
@@ -366,8 +366,9 @@ fw3_create_ipsets(struct fw3_state *state)
 return;
 list_for_each_entry(ipset, &state->ipsets, list)
- if (!fw3_lookup_ipset(state, ipset->name, true))
- create_ipset(ipset, state);
+ if (!hasbit(ipset->flags[0], FW3_FLAG_DELETED))
+ if (!fw3_lookup_ipset(state, ipset->name, true))
+ create_ipset(ipset, state);
 fw3_pr("quit\n");
 }
diff --git a/options.h b/options.h
index 3656a98..dd86d05 100644
--- a/options.h
+++ b/options.h
@@ -78,6 +78,7 @@ enum fw3_flag
 FW3_FLAG_MTU_FIX = 17,
 FW3_FLAG_DROP_INVALID = 18,
 FW3_FLAG_HOTPLUG = 19,
+ FW3_FLAG_DELETED = 20,
 __FW3_FLAG_MAX
 };
diff --git a/utils.c b/utils.c
index dbc713c..e7a2215 100644
--- a/utils.c
+++ b/utils.c
@@ -409,6 +409,8 @@ fw3_read_statefile(void *state)
 zone->name = strdup(name);
 list_add_tail(&zone->list, &s->zones);
+
+ setbit(flags[0], FW3_FLAG_DELETED);
 }
 zone->flags[0] = flags[0];
@@ -426,6 +428,8 @@ fw3_read_statefile(void *state)
 ipset->name = strdup(name);
 list_add_tail(&ipset->list, &s->ipsets);
+
+ setbit(flags[0], FW3_FLAG_DELETED);
 }
 ipset->flags[0] = flags[0];
@@ -494,6 +498,9 @@ fw3_write_statefile(void *state)
 list_for_each_entry(z, &s->running_zones, running_list)
 {
+ if (hasbit(z->flags[0], FW3_FLAG_DELETED))
+ continue;
+
 if (fw3_no_table(z->flags[0]) && fw3_no_table(z->flags[1]))
 continue;
@@ -512,6 +519,9 @@ fw3_write_statefile(void *state)
 list_for_each_entry(i, &s->running_ipsets, running_list)
 {
+ if (hasbit(z->flags[0], FW3_FLAG_DELETED))
+ continue;
+
 if (!fw3_no_family(i->flags[0]) || !fw3_no_family(i->flags[1]))
 {
 fprintf(sf, "%x %s %x %x\n",
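Review bot: The two stacked `if`s added under `list_for_each_entry` in fw3_create_ipsets have no braces, so a later `else` or a second statement would bind to the wrong level without any compiler complaint. Folding them into one condition keeps the body a single guarded call: `if (!hasbit(ipset->flags[0], FW3_FLAG_DELETED) && !fw3_lookup_ipset(state, ipset->name, true))` followed by `create_ipset(ipset, state);`. The same brace-less `if` under the loop macro appears in both zones.c hunks (fw3_print_zone_chains and fw3_print_zone_rules), where braces around the loop body would do. The start of fw3_create_ipsets is outside the hunk.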
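Review bot: `FW3_FLAG_DELETED` lives in the same word that `zone->flags[0] = flags[0];` assigns unconditionally right after the added `setbit` in fw3_read_statefile, so flags that already carry bit 20 when they reach this point would mark a still-configured zone as deleted. `flags[0]` is presumably parsed from the state file (the parsing is outside the hunk); because the zones.c hunks skip chain and rule output for any zone with this bit, a stale or corrupted state line could leave a zone without rules. Clearing the marker before the lookup, e.g. `flags[0] &= ~(1 << FW3_FLAG_DELETED);`, keeps it a purely in-memory flag, and the ipset hunk at -426 has the same shape. A comment on the enum value in options.h saying the flag is never persisted would document the intent.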
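Review bot: The check added to the `running_ipsets` loop in fw3_write_statefile tests `z->flags[0]`, but that loop iterates with `i`; `z` is the cursor of the earlier `running_zones` loop in the same function. Once that loop has finished, `z` no longer refers to a zone entry, so the test reads unrelated memory and either every ipset or none is written to the state file, regardless of its own deleted flag. The line should read `if (hasbit(i->flags[0], FW3_FLAG_DELETED))`. The body of fw3_write_statefile starts and continues outside the hunk.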
diff --git a/zones.c b/zones.c
index a269629..a9a559e 100644
--- a/zones.c
+++ b/zones.c
@@ -488,7 +488,8 @@ fw3_print_zone_chains(struct fw3_state *state, enum fw3_family family,
 struct fw3_zone *zone;
 list_for_each_entry(zone, &state->zones, list)
- print_zone_chain(state, family, table, reload, zone);
+ if (!hasbit(zone->flags[0], FW3_FLAG_DELETED))
+ print_zone_chain(state, family, table, reload, zone);
 }
 void
@@ -498,7 +499,8 @@ fw3_print_zone_rules(struct fw3_state *state, enum fw3_family family,
 struct fw3_zone *zone;
 list_for_each_entry(zone, &state->zones, list)
- print_zone_rule(state, family, table, reload, zone);
+ if (!hasbit(zone->flags[0], FW3_FLAG_DELETED))
+ print_zone_rule(state, family, table, reload, zone);
 }
 void