From c4b9c253df7cb1347dc5cf63846fb52d641e8ca6 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Sun, 17 Feb 2013 21:52:55 +0100 Subject: [PATCH] destroy ipsets on explicit stop and flush, but not on restart --- main.c | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/main.c b/main.c index a260d7d..79324a4 100644 --- a/main.c +++ b/main.c @@ -160,15 +160,19 @@ stop(struct fw3_state *state, bool complete) fw3_command_close(); } - if (complete && fw3_command_pipe(false, "ipset", "-exist", "-")) - { - fw3_destroy_ipsets(state); - fw3_command_close(); - } - return 0; } +static void +destroy_ipsets(struct fw3_state *state) +{ + if (!fw3_command_pipe(false, "ipset", "-exist", "-")) + return; + + fw3_destroy_ipsets(state); + fw3_command_close(); +} + static int start(struct fw3_state *state) { @@ -352,12 +356,17 @@ int main(int argc, char **argv) } rv = stop(state, false); + + destroy_ipsets(state); + fw3_remove_state(); } else if (!strcmp(argv[optind], "flush")) { rv = stop(state, true); + destroy_ipsets(state); + if (fw3_has_state()) fw3_remove_state(); } -- 2.25.1