projects / project / firewall3.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
make fw3_ubus_address take a list_head * argument instead of allocating & returning one
[project/firewall3.git] / main.c
diff --git a/main.c b/main.c
index c0180b2e8ba9b79b69caacd7515071af617c5734..455c049cbb6a5678e286b4d605cd6c4cc810b9ef 100644 (file)
--- a/main.c
+++ b/main.c
@@ -45,12 +45,10 @@ build_state(bool runtime)
        struct uci_package *p = NULL;
        FILE *sf;
 
-       state = malloc(sizeof(*state));
-
+       state = calloc(1, sizeof(*state));
        if (!state)
                error("Out of memory");
 
-       memset(state, 0, sizeof(*state));
        state->uci = uci_alloc_context();
 
        if (!state->uci)
@@ -98,12 +96,16 @@ build_state(bool runtime)
                cfg_state = state;
        }
 
+
+       struct blob_buf b = {NULL, NULL, 0, NULL};
+       fw3_ubus_rules(&b);
+
        fw3_load_defaults(state, p);
        fw3_load_ipsets(state, p);
        fw3_load_zones(state, p);
-       fw3_load_rules(state, p);
+       fw3_load_rules(state, p, b.head);
        fw3_load_redirects(state, p);
-       fw3_load_snats(state, p);
+       fw3_load_snats(state, p, b.head);
        fw3_load_forwards(state, p);
        fw3_load_includes(state, p);
 
@@ -374,6 +376,7 @@ start:
                        fw3_print_default_head_rules(handle, cfg_state, true);
                        fw3_print_rules(handle, cfg_state);
                        fw3_print_redirects(handle, cfg_state);
+                       fw3_print_snats(handle, cfg_state);
                        fw3_print_forwards(handle, cfg_state);
                        fw3_print_zone_rules(handle, cfg_state, true);
                        fw3_print_default_tail_rules(handle, cfg_state, true);
@@ -443,6 +446,35 @@ lookup_device(const char *dev)
        return 1;
 }
 
+static int
+lookup_zone(const char *zone, const char *device)
+{
+       struct fw3_zone *z;
+       struct fw3_device *d;
+
+       list_for_each_entry(z, &cfg_state->zones, list)
+       {
+               if (strcmp(z->name, zone))
+                       continue;
+
+               list_for_each_entry(d, &z->devices, list)
+               {
+                       if (device && strcmp(device, d->name))
+                               continue;
+
+                       printf("%s\n", d->name);
+
+                       if (device)
+                               return 0;
+               }
+
+               if (!device)
+                       return 0;
+       }
+
+       return 1;
+}
+
 static int
 usage(void)
 {
@@ -450,6 +482,7 @@ usage(void)
        fprintf(stderr, "fw3 [-q] {start|stop|flush|reload|restart}\n");
        fprintf(stderr, "fw3 [-q] network {net}\n");
        fprintf(stderr, "fw3 [-q] device {dev}\n");
+       fprintf(stderr, "fw3 [-q] zone {zone} [dev]\n");
 
        return 1;
 }
@@ -478,7 +511,7 @@ int main(int argc, char **argv)
                        break;
 
                case 'q':
-                       freopen("/dev/null", "w", stderr);
+                       if (freopen("/dev/null", "w", stderr)) {}
                        break;
 
                case 'h':
@@ -513,7 +546,7 @@ int main(int argc, char **argv)
 #endif
                }
 
-               freopen("/dev/null", "w", stderr);
+               if (freopen("/dev/null", "w", stderr)) {};
 
                cfg_state->disable_ipsets = true;
                print_family = family;
@@ -570,6 +603,10 @@ int main(int argc, char **argv)
        {
                rv = lookup_device(argv[optind + 1]);
        }
+       else if (!strcmp(argv[optind], "zone") && (optind + 1) < argc)
+       {
+               rv = lookup_zone(argv[optind + 1], argv[optind + 2]);
+       }
        else
        {
                rv = usage();
OpenWrt firewall configuration utility