X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=includes.c;h=e2450a8da7e7c52d13bcff0852524b6696c325ed;hb=b59934331c4b9271ceb5e30b793a552618299d39;hp=40995ca49c5e4738f2c6be733da019068b84b1b3;hpb=bd574af529c0661c125336bdd9d0d1f2e09287c3;p=project%2Ffirewall3.git

diff --git a/includes.c b/includes.c
index 40995ca..e2450a8 100644
--- a/includes.c
+++ b/includes.c
@@ -20,9 +20,12 @@
 
 
 const struct fw3_option fw3_include_opts[] = {
+	FW3_OPT("enabled",             bool,           include,     enabled),
+
 	FW3_OPT("path",                string,         include,     path),
 	FW3_OPT("type",                include_type,   include,     type),
 	FW3_OPT("family",              family,         include,     family),
+	FW3_OPT("reload",              bool,           include,     reload),
 
 	{ }
 };
@@ -44,16 +47,21 @@ fw3_load_includes(struct fw3_state *state, struct uci_package *p)
 		if (strcmp(s->type, "include"))
 			continue;
 
-		include = malloc(sizeof(*include));
-
+		include = calloc(1, sizeof(*include));
 		if (!include)
 			continue;
 
-		memset(include, 0, sizeof(*include));
 		include->name = e->name;
+		include->enabled = true;
 
 		fw3_parse_options(include, fw3_include_opts, s);
 
+		if (!include->enabled)
+		{
+			fw3_free_include(include);
+			continue;
+		}
+
 		if (!include->path)
 		{
 			warn_elem(e, "must specify a path");
@@ -72,14 +80,11 @@ fw3_load_includes(struct fw3_state *state, struct uci_package *p)
 
 
 static void
-print_include(enum fw3_family family, struct fw3_include *include)
+print_include(struct fw3_include *include)
 {
 	FILE *f;
 	char line[1024];
 
-	if (!fw3_is_family(include, family))
-		return;
-
 	info(" * Loading include '%s'", include->path);
 
 	if (!(f = fopen(include->path, "r")))
@@ -95,13 +100,40 @@ print_include(enum fw3_family family, struct fw3_include *include)
 }
 
 void
-fw3_print_includes(enum fw3_family family, struct fw3_state *state)
+fw3_print_includes(struct fw3_state *state, enum fw3_family family, bool reload)
 {
 	struct fw3_include *include;
 
+	bool exec = false;
+	const char *restore = "iptables-restore";
+
+	if (family == FW3_FAMILY_V6)
+		restore = "ip6tables-restore";
+
 	list_for_each_entry(include, &state->includes, list)
-		if (include->type == FW3_INC_TYPE_RESTORE)
-			print_include(family, include);
+	{
+		if (reload && !include->reload)
+			continue;
+
+		if (include->type != FW3_INC_TYPE_RESTORE)
+			continue;
+
+		if (!fw3_is_family(include, family))
+			continue;
+
+		if (!exec)
+		{
+			exec = fw3_command_pipe(false, restore, "--noflush");
+
+			if (!exec)
+				return;
+		}
+
+		print_include(include);
+	}
+
+	if (exec)
+		fw3_command_close();
 }
 
 
@@ -134,11 +166,16 @@ run_include(struct fw3_include *include)
 }
 
 void
-fw3_run_includes(struct fw3_state *state)
+fw3_run_includes(struct fw3_state *state, bool reload)
 {
 	struct fw3_include *include;
 
 	list_for_each_entry(include, &state->includes, list)
+	{
+		if (reload && !include->reload)
+			continue;
+
 		if (include->type == FW3_INC_TYPE_SCRIPT)
 			run_include(include);
+	}
 }