iptables: fix regression with unintended free in need_protomatch
[project/firewall3.git] / defaults.c
index 0580bfccccf0e5d4fb9b7704b2f405374cae015d..8a9a9295f00500ca7ba655de111acc643d41b214 100644 (file)
@@ -91,8 +91,8 @@ check_target(struct uci_element *e, bool *available, const char *target, const b
        if (!b)
        {
                warn_elem(e, "requires unavailable target extension %s, disabling", target);
+               *available = false;
        }
-       *available = b;
 }
 
 static void
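Review bot: With the assignment moved inside the `if (!b)` branch, `check_target` now only ever clears `*available`, but the warning still fires whenever the extension is missing, regardless of whether the caller's flag was set. The later hunk in `fw3_load_defaults` passes `&defs->flow_offloading` directly and, as far as the visible lines show, unconditionally, so a defaults section that never enabled flow offloading would still log "requires unavailable target extension FLOWOFFLOAD, disabling". Guarding on the current value, `if (*available && !b)`, would limit the warning to configurations that actually asked for the feature. Since the parameter is now in/out, a short comment above the function such as `/* clears *available when the target extension is missing; never sets it */` would document the new contract; the function's opening lines, including where `b` is computed, are outside this hunk.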
@@ -126,7 +126,6 @@ fw3_load_defaults(struct fw3_state *state, struct uci_package *p)
        struct uci_element *e;
        struct fw3_defaults *defs = &state->defaults;
 
-       bool flow_offload_avaliable = false;
        bool seen = false;
 
        defs->tcp_reject_code      = FW3_REJECT_CODE_TCP_RESET;
@@ -151,6 +150,8 @@ fw3_load_defaults(struct fw3_state *state, struct uci_package *p)
                        continue;
                }
 
+               seen = true;
+
                if(!fw3_parse_options(&state->defaults, fw3_flag_opts, s))
                        warn_elem(e, "has invalid options");
 
@@ -161,10 +162,7 @@ fw3_load_defaults(struct fw3_state *state, struct uci_package *p)
                check_any_reject_code(e, &defs->any_reject_code);
 
                /* exists in both ipv4 and ipv6, if at all, so only check ipv4 */
-               check_target(e, &flow_offload_avaliable, "FLOWOFFLOAD", false);
-
-               if (!flow_offload_avaliable)
-                       defs->flow_offloading = false;
+               check_target(e, &defs->flow_offloading, "FLOWOFFLOAD", false);
        }
 }
 
@@ -280,8 +278,7 @@ fw3_print_default_head_rules(struct fw3_ipt_handle *handle,
 
                if (defs->syn_flood)
                {
-                       r = fw3_ipt_rule_create(handle, &tcp, NULL, NULL, NULL, NULL);
-                       fw3_ipt_rule_extra(r, "--syn");
+                       r = fw3_ipt_rule_create(handle, NULL, NULL, NULL, NULL, NULL);
                        fw3_ipt_rule_limit(r, &defs->syn_flood_rate);
                        fw3_ipt_rule_target(r, "RETURN");
                        fw3_ipt_rule_append(r, "syn_flood");
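Review bot: The RETURN rule appended to `syn_flood` is now created with a NULL protocol and without `--syn`, so the `defs->syn_flood_rate` limit applies to every packet that enters the chain, not only TCP SYNs. That is correct only if the rule that jumps into `syn_flood` (not visible in this hunk) already matches `-p tcp --syn`; otherwise unrelated traffic would consume the rate budget and fall through to whatever rule follows the RETURN. The dependency deserves a comment at this call, e.g. `/* no proto/--syn match here: the jump into syn_flood already restricts to TCP SYN */`, and it is worth confirming the jump rule carries that match in the same change. The enclosing function starts and ends outside the hunk.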