From 50979cc9c3805a72145440299b5c78e1be25c473 Mon Sep 17 00:00:00 2001 From: Wenli Looi Date: Wed, 9 Jun 2021 21:51:06 -0700 Subject: firewall3: remove unnecessary fw3_has_table Given that firewall3 already skips the table when fw3_ipt_open fails, there is no need for fw3_has_table. Furthermore, /proc/net/ip_tables_names is not reliable under linux containers (e.g. Docker/LXC/LXD). This patch will remove the need for existing hacks required for OpenWrt to run on those platforms. Reviewed-by: Rui Salvaterra Tested-by: Rui Salvaterra Tested-by: Ansuel Smith Signed-off-by: Wenli Looi --- main.c | 15 --------------- utils.c | 9 --------- utils.h | 2 -- 3 files changed, 26 deletions(-) diff --git a/main.c b/main.c index 9afeb70..5985e73 100644 --- a/main.c +++ b/main.c @@ -195,9 +195,6 @@ stop(bool complete) for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++) { - if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table])) - continue; - if (!(handle = fw3_ipt_open(family, table))) continue; @@ -279,9 +276,6 @@ start(void) for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++) { - if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table])) - continue; - if (!(handle = fw3_ipt_open(family, table))) continue; @@ -350,9 +344,6 @@ reload(void) for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++) { - if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table])) - continue; - if (!(handle = fw3_ipt_open(family, table))) continue; @@ -379,9 +370,6 @@ start: for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++) { - if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table])) - continue; - if (!(handle = fw3_ipt_open(family, table))) continue; @@ -437,9 +425,6 @@ gc(void) for (table = FW3_TABLE_FILTER; table <= FW3_TABLE_RAW; table++) { - if (!fw3_has_table(family == FW3_FAMILY_V6, fw3_flag_names[table])) - continue; - if (!(handle = fw3_ipt_open(family, table))) continue; diff --git a/utils.c b/utils.c index 92e966c..faa51a1 100644 --- a/utils.c +++ b/utils.c @@ -339,15 +339,6 @@ file_contains(const char *path, const char *str) return seen; } -bool -fw3_has_table(const bool ipv6, const char *table) -{ - const char *path = ipv6 - ? "/proc/net/ip6_tables_names" : "/proc/net/ip_tables_names"; - - return file_contains(path, table); -} - bool fw3_has_target(const bool ipv6, const char *target) { diff --git a/utils.h b/utils.h index 884907d..5b17a2d 100644 --- a/utils.h +++ b/utils.h @@ -102,8 +102,6 @@ void fw3_command_close(void); void fw3_pr(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); -bool fw3_has_table(const bool ipv6, const char *table); - bool fw3_has_target(const bool ipv6, const char *target); bool fw3_lock(void); -- cgit v1.2.1