1 files changed, 66 insertions, 21 deletions

diff --git a/includes.c b/includes.c
index a2b37a3..8639210 100644
--- a/includes.c
+++ b/includes.c
@@ -30,52 +30,97 @@ const struct fw3_option fw3_include_opts[] = {
 	{ }
 };
 
+static bool
+check_include(struct fw3_state *state, struct fw3_include *include, struct uci_element *e)
+{
+	if (!include->enabled)
+		return false;
+
+	if (!include->path)
+	{
+		warn_section("include", include, e, "must specify a path");
+		return false;
+	}
+
+	if (include->type == FW3_INC_TYPE_RESTORE && !include->family)
+		warn_section("include", include, e, "does not specify a family, include will get"
+				"loaded with both iptables-restore and ip6tables-restore!");
+
+	return true;
+}
+
+static struct fw3_include *
+fw3_alloc_include(struct fw3_state *state)
+{
+	struct fw3_include *include;
+
+	include = calloc(1, sizeof(*include));
+	if (!include)
+		return NULL;
+
+	include->enabled = true;
+
+	list_add_tail(&include->list, &state->includes);
+
+	return include;
+}
 
 void
-fw3_load_includes(struct fw3_state *state, struct uci_package *p)
+fw3_load_includes(struct fw3_state *state, struct uci_package *p,
+		struct blob_attr *a)
 {
 	struct uci_section *s;
 	struct uci_element *e;
 	struct fw3_include *include;
+	struct blob_attr *entry;
+	unsigned rem;
 
 	INIT_LIST_HEAD(&state->includes);
 
-	uci_foreach_element(&p->sections, e)
+	blob_for_each_attr(entry, a, rem)
 	{
-		s = uci_to_section(e);
+		const char *type;
+		const char *name = "ubus include";
 
-		if (strcmp(s->type, "include"))
+		if (!fw3_attr_parse_name_type(entry, &name, &type))
 			continue;
 
-		include = calloc(1, sizeof(*include));
-		if (!include)
+		if (strcmp(type, "script") && strcmp(type, "restore"))
 			continue;
 
-		include->name = e->name;
-		include->enabled = true;
-
-		if (!fw3_parse_options(include, fw3_include_opts, s))
-			warn_elem(e, "has invalid options");
+		include = fw3_alloc_include(state);
+		if (!include)
+			continue;
 
-		if (!include->enabled)
+		if (!fw3_parse_blob_options(include, fw3_include_opts, entry, name))
 		{
+			warn_section("include", include, NULL, "skipped due to invalid options");
 			fw3_free_include(include);
 			continue;
 		}
 
-		if (!include->path)
-		{
-			warn_elem(e, "must specify a path");
+		if (!check_include(state, include, NULL))
 			fw3_free_include(include);
+	}
+
+	uci_foreach_element(&p->sections, e)
+	{
+		s = uci_to_section(e);
+
+		if (strcmp(s->type, "include"))
+			continue;
+
+		include = fw3_alloc_include(state);
+		if (!include)
 			continue;
-		}
 
-		if (include->type == FW3_INC_TYPE_RESTORE && !include->family)
-			warn_elem(e, "does not specify a family, include will get loaded "
-			             "with both iptables-restore and ip6tables-restore!");
+		include->name = e->name;
 
-		list_add_tail(&include->list, &state->includes);
-		continue;
+		if (!fw3_parse_options(include, fw3_include_opts, s))
+			warn_elem(e, "has invalid options");
+
+		if (!check_include(state, include, e))
+			fw3_free_include(include);
 	}
 }