projects
/
project
/
firewall3.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
294f209
)
Wait for ipsets to appear before continuing
author
Jo-Philipp Wich
<jow@openwrt.org>
Fri, 17 May 2013 13:17:48 +0000
(15:17 +0200)
committer
Jo-Philipp Wich
<jow@openwrt.org>
Fri, 17 May 2013 13:23:00 +0000
(15:23 +0200)
ipsets.c
patch
|
blob
|
history
main.c
patch
|
blob
|
history
diff --git
a/ipsets.c
b/ipsets.c
index 955d4349875f279f4857c8accce788920de42b0b..e149b5baa6ef24d0a49d7b28f492d10174bcfb1e 100644
(file)
--- a/
ipsets.c
+++ b/
ipsets.c
@@
-281,9
+281,6
@@
create_ipset(struct fw3_ipset *ipset, struct fw3_state *state)
struct fw3_ipset_datatype *type;
struct fw3_ipset_datatype *type;
- if (ipset->external)
- return;
-
info(" * Creating ipset %s", ipset->name);
first = true;
info(" * Creating ipset %s", ipset->name);
first = true;
@@
-325,31
+322,80
@@
create_ipset(struct fw3_ipset *ipset, struct fw3_state *state)
void
fw3_create_ipsets(struct fw3_state *state)
{
void
fw3_create_ipsets(struct fw3_state *state)
{
+ int tries;
+ bool exec = false;
struct fw3_ipset *ipset;
if (state->disable_ipsets)
return;
struct fw3_ipset *ipset;
if (state->disable_ipsets)
return;
+ /* spawn ipsets */
list_for_each_entry(ipset, &state->ipsets, list)
list_for_each_entry(ipset, &state->ipsets, list)
+ {
+ if (ipset->external)
+ continue;
+
+ if (!exec)
+ {
+ exec = fw3_command_pipe(false, "ipset", "-exist", "-");
+
+ if (!exec)
+ return;
+ }
+
create_ipset(ipset, state);
create_ipset(ipset, state);
+ }
fw3_pr("quit\n");
fw3_pr("quit\n");
+ fw3_command_close();
+
+ /* wait for ipsets to appear */
+ list_for_each_entry(ipset, &state->ipsets, list)
+ {
+ if (ipset->external)
+ continue;
+
+ for (tries = 0; !fw3_check_ipset(ipset) && tries < 10; tries++)
+ usleep(50000);
+ }
}
void
fw3_destroy_ipsets(struct fw3_state *state)
{
}
void
fw3_destroy_ipsets(struct fw3_state *state)
{
- struct fw3_ipset *s;
+ int tries;
+ bool exec = false;
+ struct fw3_ipset *ipset;
- list_for_each_entry(s, &state->ipsets, list)
+ /* destroy ipsets */
+ list_for_each_entry(ipset, &state->ipsets, list)
{
{
- info(" * Deleting ipset %s", s->name);
+ if (!exec)
+ {
+ exec = fw3_command_pipe(false, "ipset", "-exist", "-");
+
+ if (!exec)
+ return;
+ }
- fw3_pr("flush %s\n", s->name);
- fw3_pr("destroy %s\n", s->name);
+ info(" * Deleting ipset %s", ipset->name);
+
+ fw3_pr("flush %s\n", ipset->name);
+ fw3_pr("destroy %s\n", ipset->name);
}
fw3_pr("quit\n");
}
fw3_pr("quit\n");
+ fw3_command_close();
+
+ /* wait for ipsets to disappear */
+ list_for_each_entry(ipset, &state->ipsets, list)
+ {
+ if (ipset->external)
+ continue;
+
+ for (tries = 0; fw3_check_ipset(ipset) && tries < 10; tries++)
+ usleep(50000);
+ }
}
struct fw3_ipset *
}
struct fw3_ipset *
diff --git
a/main.c
b/main.c
index 7a8969fae7a5683d4b3a75011dc7f3464bb6891c..8305f9f28330cf7e1d6884fad7ee4c9bf0440a1d 100644
(file)
--- a/
main.c
+++ b/
main.c
@@
-214,13
+214,7
@@
stop(bool complete)
}
if (run_state)
}
if (run_state)
- {
- if (fw3_command_pipe(false, "ipset", "-exist", "-"))
- {
- fw3_destroy_ipsets(run_state);
- fw3_command_close();
- }
- }
+ fw3_destroy_ipsets(run_state);
if (complete && (ct = fopen("/proc/net/nf_conntrack", "w")) != NULL)
{
if (complete && (ct = fopen("/proc/net/nf_conntrack", "w")) != NULL)
{
@@
-245,13
+239,7
@@
start(void)
struct fw3_ipt_handle *handle;
if (!print_family)
struct fw3_ipt_handle *handle;
if (!print_family)
- {
- if (fw3_command_pipe(false, "ipset", "-exist", "-"))
- {
- fw3_create_ipsets(cfg_state);
- fw3_command_close();
- }
- }
+ fw3_create_ipsets(cfg_state);
for (family = FW3_FAMILY_V4; family <= FW3_FAMILY_V6; family++)
{
for (family = FW3_FAMILY_V4; family <= FW3_FAMILY_V6; family++)
{