diff options
| author | Jo-Philipp Wich <jow@openwrt.org> | 2013-03-10 18:17:21 +0100 |
|---|---|---|
| committer | Jo-Philipp Wich <jow@openwrt.org> | 2013-03-10 19:19:26 +0100 |
| commit | 9d72f0ecb589960bfe21751fbef470116c041a3d (patch) | |
| tree | 60e010eceffa32a40441ce052e9777a127fdfa5e /options.h | |
| parent | b2b2e69b19a20a46f3db6d717a899248fa24628c (diff) | |
| download | firewall3-9d72f0ecb589960bfe21751fbef470116c041a3d.tar.gz | |
Properly handle per zone user chain rules by fixing multiple logic errors
* Track running zone state in separate bit fields
* Track IPv4 and IPv6 custom chain state separately
* Extend flag bitfields to 32 bit
Diffstat (limited to 'options.h')
| -rw-r--r-- | options.h | 24 |
1 files changed, 14 insertions, 10 deletions
@@ -70,16 +70,17 @@ enum fw3_target FW3_TARGET_NOTRACK = 9, FW3_TARGET_DNAT = 10, FW3_TARGET_SNAT = 11, - FW3_TARGET_CUSTOM_CHAINS = 12, /* alias to FW3_DEFAULT_CUSTOM_CHAINS */ + FW3_TARGET_CUSTOM_CNS_V4 = 12, + FW3_TARGET_CUSTOM_CNS_V6 = 13, }; enum fw3_default { FW3_DEFAULT_UNSPEC = 0, - FW3_DEFAULT_CUSTOM_CHAINS = 12, - FW3_DEFAULT_SYN_FLOOD = 13, - FW3_DEFAULT_MTU_FIX = 14, - FW3_DEFAULT_DROP_INVALID = 15, + FW3_DEFAULT_CUSTOM_CHAINS = 14, + FW3_DEFAULT_SYN_FLOOD = 15, + FW3_DEFAULT_MTU_FIX = 16, + FW3_DEFAULT_DROP_INVALID = 17, }; extern const char *fw3_flag_names[FW3_DEFAULT_DROP_INVALID + 1]; @@ -170,7 +171,7 @@ struct fw3_protocol bool any; bool invert; - uint16_t protocol; + uint32_t protocol; }; struct fw3_port @@ -238,7 +239,7 @@ struct fw3_defaults bool disable_ipv6; - uint16_t flags; + uint32_t flags; }; struct fw3_zone @@ -274,8 +275,11 @@ struct fw3_zone bool custom_chains; - uint16_t src_flags; - uint16_t dst_flags; + uint32_t src_flags; + uint32_t dst_flags; + + uint32_t running_src_flags; + uint32_t running_dst_flags; }; struct fw3_rule @@ -393,7 +397,7 @@ struct fw3_ipset const char *external; - uint16_t flags; + uint32_t flags; }; struct fw3_include |