From 294f209f64dca84d1c4dd801a1f7e615e39f0726 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Thu, 16 May 2013 22:34:49 +0200 Subject: [PATCH] Restore iptables-save include functionality --- includes.c | 30 ++++++++++++++++++++++++------ main.c | 5 +++-- 2 files changed, 27 insertions(+), 8 deletions(-) diff --git a/includes.c b/includes.c index 23cfda0..42d5b7a 100644 --- a/includes.c +++ b/includes.c @@ -83,14 +83,11 @@ fw3_load_includes(struct fw3_state *state, struct uci_package *p) static void -print_include(struct fw3_include *include, enum fw3_family family) +print_include(struct fw3_include *include) { FILE *f; char line[1024]; - if (!fw3_is_family(include, family)) - return; - info(" * Loading include '%s'", include->path); if (!(f = fopen(include->path, "r"))) @@ -110,14 +107,35 @@ fw3_print_includes(struct fw3_state *state, enum fw3_family family, bool reload) { struct fw3_include *include; + bool exec = false; + const char *restore = "iptables-restore"; + + if (family == FW3_FAMILY_V6) + restore = "ip6tables-restore"; + list_for_each_entry(include, &state->includes, list) { if (reload && !include->reload) continue; - if (include->type == FW3_INC_TYPE_RESTORE) - print_include(include, family); + if (include->type != FW3_INC_TYPE_RESTORE) + continue; + + if (!fw3_is_family(include, family)) + continue; + + if (!exec) + { + exec = fw3_command_pipe(false, restore, "--noflush"); + + if (!exec) + return; + } + + print_include(include); } + + fw3_command_close(); } diff --git a/main.c b/main.c index fd6140a..7a8969f 100644 --- a/main.c +++ b/main.c @@ -294,7 +294,8 @@ start(void) fw3_ipt_commit(handle); } - //fw3_print_includes(cfg_state, family, false); + if (!print_family) + fw3_print_includes(cfg_state, family, false); family_set(run_state, family, true); family_set(cfg_state, family, true); @@ -384,7 +385,7 @@ start: fw3_ipt_commit(handle); } - //fw3_print_includes(cfg_state, family, true); + fw3_print_includes(cfg_state, family, true); family_set(run_state, family, true); family_set(cfg_state, family, true); -- 2.30.2