f_status_t status = F_none;
- f_array_length_t i = 0;
- f_string_dynamics_t arguments = f_string_dynamics_t_initialize;
- f_string_dynamic_t argument = f_string_dynamic_t_initialize;
-
- int return_code = 0;
- f_array_length_t length = 0;
bool invalid = F_false;
bool is_ip_list = F_false;
- f_string_dynamic_t ip_list = f_string_dynamic_t_initialize;
// Iptables command arguments
bool device_all = F_false;
- bool ip_list_direction = F_false; // false = source, true = destination
+ bool ip_list_direction = F_false; // false = source, true = destination.
bool use_protocol = F_false;
uint8_t tool = firewall_program_ip46tables_e;
uint8_t chain = firewall_chain_none_id_e;
- f_array_length_t repeat = 2;
+ int return_code = 0;
+
+ f_array_length_t i = 0;
f_array_length_t r = 0;
+ f_array_length_t repeat = 2;
+ f_array_length_t length = 0;
f_string_static_t current_tool = firewall_tool_iptables_s;
- f_array_length_t current_tool_length = firewall_tool_iptables_s_length;
- f_array_length_t direction = firewall_direction_none_id_e;
+ uint8_t direction = firewall_direction_none_id_e;
+ uint8_t action = firewall_action_append_id_e;
+
+ f_string_dynamic_t ip_list = f_string_dynamic_t_initialize;
f_string_dynamic_t device = f_string_dynamic_t_initialize;
- f_array_length_t action = firewall_action_append_id_e;
f_string_dynamic_t protocol = f_string_dynamic_t_initialize;
+ f_string_dynamics_t arguments = f_string_dynamics_t_initialize;
if (local.is_global) {
device_all = F_true;
}
else {
- if (main->devices.array[local.device].used > 0) {
- macro_f_string_dynamic_t_resize(status, device, main->devices.array[local.device].used);
+ if (main->devices.array[local.device].used) {
+ device.used = 0;
+
+ status = f_string_dynamic_append(main->devices.array[local.device], &device);
+
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&device);
+ }
if (F_status_is_error(status)) {
- f_string_dynamic_resize(0, &device);
+ if (F_status_set_fine(status) == F_memory_not) {
+ firewall_print_error_on_allocation_failure(main->error);
+ }
return status;
}
-
- macro_firewall_concat_string(device.string, main->devices.array[local.device].string, main->devices.array[local.device].used);
- device.used = main->devices.array[local.device].used;
}
}
chain = firewall_chain_custom_id_e;
}
- for (uint16_t signal_check = 0; i < local.rule_objects.used; ++i) {
+ for (uint16_t signal_check = 0; F_status_is_error_not(status) && i < local.rule_objects.used; ++i) {
if (!((++signal_check) % firewall_signal_check_d)) {
if (firewall_signal_received(main)) {
f_string_dynamic_resize(0, &ip_list);
- f_string_dynamic_resize(0, &argument);
f_string_dynamics_resize(0, &arguments);
f_string_dynamic_resize(0, &device);
f_string_dynamic_resize(0, &protocol);
signal_check = 0;
}
- length = macro_firewall_structure_size(local.rule_objects, i);
+ length = macro_firewall_structure_size(local.rule_objects, i);
invalid = F_false;
is_ip_list = F_false;
ip_list_direction = F_false;
- f_string_dynamic_resize(0, &ip_list);
+ ip_list.used = 0;
// Process chain rule
- if (length >= firewall_chain_s_length && fl_string_compare(local.buffer.string + local.rule_objects.array[i].start, (f_string_t) firewall_chain_s, length, firewall_chain_s_length) == F_equal_to) {
+ if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_chain_s, length) == F_equal_to) {
if (chain == firewall_chain_custom_id_e) {
// Custom chains can only apply to themselves, so silently ignore chain commands specified within a custom chain.
if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
invalid = F_true;
}
- else if (length >= firewall_chain_input_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_chain_input_s, length, firewall_chain_input_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_input_s, length) == F_equal_to) {
chain = firewall_chain_input_id_e;
}
- else if (length >= firewall_chain_output_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_chain_output_s, length, firewall_chain_output_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_output_s, length) == F_equal_to) {
chain = firewall_chain_output_id_e;
}
- else if (length >= firewall_chain_forward_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_chain_forward_s, length, firewall_chain_forward_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_forward_s, length) == F_equal_to) {
chain = firewall_chain_forward_id_e;
}
- else if (length >= firewall_chain_postrouting_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_chain_postrouting_s, length, firewall_chain_postrouting_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_postrouting_s, length) == F_equal_to) {
chain = firewall_chain_postrouting_id_e;
}
- else if (length >= firewall_chain_prerouting_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_chain_prerouting_s, length, firewall_chain_prerouting_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_prerouting_s, length) == F_equal_to) {
chain = firewall_chain_prerouting_id_e;
}
- else if (length >= firewall_chain_none_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_chain_none_s, length, firewall_chain_none_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_none_s, length) == F_equal_to) {
chain = firewall_chain_none_id_e;
}
else {
}
// Process direction rule
- else if (length >= firewall_direction_s_length && fl_string_compare(local.buffer.string + local.rule_objects.array[i].start, (f_string_t) firewall_direction_s, length, firewall_direction_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_direction_s, length) == F_equal_to) {
length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
invalid = F_true;
}
- else if (length >= firewall_direction_input_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_direction_input_s, length, firewall_direction_input_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_direction_input_s, length) == F_equal_to) {
direction = firewall_direction_input_id_e;
}
- else if (length >= firewall_direction_output_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_direction_output_s, length, firewall_direction_output_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_direction_output_s, length) == F_equal_to) {
direction = firewall_direction_output_id_e;
}
- else if (length >= firewall_direction_none_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_direction_none_s, length, firewall_direction_none_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_direction_none_s, length) == F_equal_to) {
direction = firewall_direction_none_id_e;
}
else {
}
// Process device rule.
- else if (length >= firewall_device_s_length && fl_string_compare(local.buffer.string + local.rule_objects.array[i].start, (f_string_t) firewall_device_s, length, firewall_device_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_device_s, length) == F_equal_to) {
length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
invalid = F_true;
}
- else if (length >= firewall_device_all_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_device_all_s, length, firewall_device_all_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_device_all_s, length) == F_equal_to) {
f_string_dynamic_resize(0, &device);
device_all = F_true;
continue;
}
- else if (length >= firewall_device_this_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_device_this_s, length, firewall_device_this_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_device_this_s, length) == F_equal_to) {
if (main->devices.array[local.device].used > 0) {
if (main->devices.array[local.device].used > device.size) {
macro_f_string_dynamic_t_resize(status, device, main->devices.array[local.device].used);
if (F_status_is_error(status)) break;
}
- macro_firewall_concat_string(device.string, main->devices.array[local.device].string, main->devices.array[local.device].used);
+ memcpy(device.string, main->devices.array[local.device].string, main->devices.array[local.device].used);
device.used = main->devices.array[local.device].used;
}
}
if (!invalid) {
- if (length > 0) {
- if (length > device.size) {
- status = f_string_dynamic_resize(length, &device);
- if (F_status_is_error(status)) break;
+ device.used = 0;
+
+ if (length) {
+ status = f_string_dynamic_partial_append(local.buffer, local.rule_contents.array[i].array[0], &device);
+
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&device);
}
- macro_firewall_concat_string(device.string, local.buffer.string + local.rule_contents.array[i].array[0].start, length);
- device.used = length;
- }
- else {
- f_string_dynamic_resize(0, &device);
+ if (F_status_is_error(status)) break;
}
device_all = F_false;
}
// Process action rule.
- else if (length >= firewall_action_length_s && fl_string_compare(local.buffer.string + local.rule_objects.array[i].start, (f_string_t) firewall_action_s, length, firewall_action_length_s) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_action_s, length) == F_equal_to) {
length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
invalid = F_true;
}
- else if (length >= firewall_action_append_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_action_append_s, length, firewall_action_append_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_action_append_s, length) == F_equal_to) {
action = firewall_action_append_id_e;
}
- else if (length >= firewall_action_insert_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_action_insert_s, length, firewall_action_insert_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_action_insert_s, length) == F_equal_to) {
action = firewall_action_insert_id_e;
}
- else if (length >= firewall_action_policy_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_action_policy_s, length, firewall_action_policy_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_action_policy_s, length) == F_equal_to) {
action = firewall_action_policy_id_e;
}
- else if (length >= firewall_action_none_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_action_none_s, length, firewall_action_none_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_action_none_s, length) == F_equal_to) {
action = firewall_action_none_id_e;
}
else {
}
// Process ip_list rule.
- else if (length >= firewall_ip_list_length_s && fl_string_compare(local.buffer.string + local.rule_objects.array[i].start, (f_string_t) firewall_ip_list, length, firewall_ip_list_length_s) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_ip_list, length) == F_equal_to) {
length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
is_ip_list = F_true;
- if (length >= firewall_ip_list_source_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_ip_list_source_s, length, firewall_ip_list_source_s_length) == F_equal_to) {
+ if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_ip_list_source_s, length) == F_equal_to) {
ip_list_direction = F_false;
}
- else if (length >= firewall_ip_list_destination_s_length && fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_ip_list_destination_s, length, firewall_ip_list_destination_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_ip_list_destination_s, length) == F_equal_to) {
ip_list_direction = F_true;
}
else {
invalid = F_true;
}
}
- else if (length >= firewall_protocol_s_length && fl_string_compare(local.buffer.string + local.rule_objects.array[i].start, (f_string_t) firewall_protocol_s, length, firewall_protocol_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_protocol_s, length) == F_equal_to) {
length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
invalid = F_true;
}
else {
- if (fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_protocol_none_s, length, firewall_protocol_none_s_length) == F_equal_to) {
+ if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_protocol_none_s, length) == F_equal_to) {
use_protocol = F_false;
}
- else if (length > 0) {
- status = f_string_dynamic_resize(length, &potocol);
+ else if (length) {
+ protocol.used = 0;
+
+ status = f_string_dynamic_partial_append(local.buffer, local.rule_contents.array[i].array[0], &protocol);
+
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&protocol);
+ }
if (F_status_is_error(status)) break;
- macro_firewall_concat_string(protocol.string, local.buffer.string + local.rule_contents.array[i].array[0].start, length);
- protocol.used = length;
use_protocol = F_true;
}
else {
}
// Process tool rule.
- else if (length >= firewall_tool_s_length && fl_string_compare(local.buffer.string + local.rule_objects.array[i].start, (f_string_t) firewall_tool_s, length, firewall_tool_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_tool_s, length) == F_equal_to) {
length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
invalid = F_true;
}
else {
- if (fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_tool_iptables_s, length, firewall_tool_iptables_s_length) == F_equal_to) {
+ if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_tool_iptables_s, length) == F_equal_to) {
tool = firewall_program_iptables_e;
current_tool = firewall_tool_iptables_s;
- current_tool_length = firewall_tool_iptables_s_length;
repeat = 1;
}
- else if (fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_tool_ip6tables_s, length, firewall_tool_ip6tables_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_tool_ip6tables_s, length) == F_equal_to) {
tool = firewall_program_ip6tables_e;
current_tool = firewall_tool_ip6tables_s;
- current_tool_length = firewall_tool_ip6tables_s_length;
repeat = 1;
}
- else if (fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_tool_ip46tables_s, length, firewall_tool_ip46tables_s_length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_tool_ip46tables_s, length) == F_equal_to) {
tool = firewall_program_ip46tables_e;
current_tool = firewall_tool_iptables_s;
- current_tool_length = firewall_tool_iptables_s_length;
repeat = 2;
}
else {
}
}
- // Process rule rule, if the remaining rule does not match as firewall_rule_s, then it is an invalid rule.
- else if (length < firewall_rule_s_length || fl_string_compare(local.buffer.string + local.rule_objects.array[i].start, (f_string_t) firewall_rule_s, length, firewall_rule_s_length) == F_equal_to_not) {
+ // If the remaining rule does not match as firewall_rule_s, then it is an invalid rule.
+ else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_rule_s, length) == F_equal_to_not) {
if (length) {
flockfile(main->warning.to.stream);
- fl_print_format("%r%[%QAt line %ul, the object '%]%[", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context, main->warning.notable);
- f_print(local.buffer.string + local.rule_objects.array[i].start, length, main->warning.to.stream);
- fl_print_format("%]%[' is invalid.%]%r", main->warning.to.stream, main->warning.notable, main->warning.context, main->warning.context, f_string_eol_s);
+ fl_print_format("%r%[%QAt line %ul, the object '%]", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context, main->warning.notable);
+ fl_print_format("%[%/Q%]", main->warning.to.stream, main->warning.notable, local.buffer, local.rule_objects.array[i], main->warning.notable);
+ fl_print_format("%[' is invalid.%]%r", main->warning.to.stream, main->warning.context, main->warning.context, f_string_eol_s);
funlockfile(main->warning.to.stream);
}
if (length) {
flockfile(main->warning.to.stream);
- fl_print_format("%r%[%QAt line %ul, the object '%]%[", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context, main->warning.notable);
- f_print(local.buffer.string + local.rule_objects.array[i].start, length, main->warning.to.stream);
- fl_print_format("%]%[' has invalid content '%]%[", main->warning.to.stream, main->warning.notable, main->warning.context, main->warning.context, main->warning.notable);
- f_print(local.buffer.string + local.rule_contents.array[i].array[0].start, macro_firewall_structure_size(local.rule_contents.array[i], 0), main->warning.to.stream);
- fl_print_format("%]%['.%]%r", main->warning.to.stream, main->warning.notable, main->warning.context, main->warning.context, f_string_eol_s);
+ fl_print_format("%r%[%QAt line %ul, the object '%]", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context);
+ fl_print_format("%[%/Q%]", main->warning.to.stream, main->warning.notable, local.buffer, local.rule_objects.array[i], main->warning.notable);
+ fl_print_format("%[' has invalid content '%]", main->warning.to.stream, main->warning.context, main->warning.context);
+ fl_print_format("%[%/Q%]", main->warning.to.stream, main->warning.notable, local.buffer, local.rule_contents.array[i].array[0], main->warning.notable);
+ fl_print_format("%['.%]%r", main->warning.to.stream, main->warning.context, main->warning.context, f_string_eol_s);
funlockfile(main->warning.to.stream);
}
continue;
}
- for (r = repeat; r > 0; --r) {
+ for (r = repeat; F_status_is_error_not(status) && r; --r) {
- // First add the program name
- f_string_dynamics_resize(0, &arguments);
+ arguments.used = 0;
+ // First add the program name.
status = f_string_dynamics_increase(F_memory_default_allocation_small_d, &arguments);
if (F_status_is_error(status)) break;
if (tool == firewall_program_ip46tables_e) {
if (r == 2) {
current_tool = firewall_tool_iptables_s;
- current_tool_length = firewall_tool_iptables_s_length;
}
else {
current_tool = firewall_tool_ip6tables_s;
- current_tool_length = firewall_tool_ip6tables_s_length;
}
}
- f_string_dynamic_resize(0, &argument);
-
- if (F_status_is_error(status)) break;
-
// Process the action when a non-none chain is specified.
if (chain != firewall_chain_none_id_e && action != firewall_action_none_id_e) {
- if (action == firewall_action_append_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_action_append_command_s_length);
+ status = f_string_dynamics_increase(firewall_default_allocation_step_d, &arguments);
+ if (F_status_is_error(status)) break;
- if (F_status_is_error(status)) break;
+ arguments.array[arguments.used].used = 0;
- macro_firewall_concat_string(argument.string, firewall_action_append_command_s, firewall_action_append_command_s_length);
- argument.used = firewall_action_append_command_s_length;
+ if (action == firewall_action_append_id_e) {
+ status = f_string_dynamic_append(firewall_action_append_command_s, &arguments.array[arguments.used]);
}
else if (action == firewall_action_insert_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_action_insert_command_s_length);
-
- if (F_status_is_error(status)) break;
-
- macro_firewall_concat_string(argument.string, firewall_action_insert_command_s, firewall_action_insert_command_s_length);
- argument.used = firewall_action_insert_command_s_length;
+ status = f_string_dynamic_append(firewall_action_insert_command_s, &arguments.array[arguments.used]);
}
else if (action == firewall_action_policy_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_action_policy_command_s_length);
-
- if (F_status_is_error(status)) break;
+ status = f_string_dynamic_append(firewall_action_policy_command_s, &arguments.array[arguments.used]);
+ }
- macro_firewall_concat_string(argument.string, firewall_action_policy_command_s, firewall_action_policy_command_s_length);
- argument.used = firewall_action_policy_command_s_length;
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
}
- if (argument.used > 0) {
- macro_firewall_append_argument_to_arguments(status, arguments, argument)
- if (F_status_is_error(status)) {
- f_string_dynamic_resize(0, &argument);
+ if (F_status_is_error(status)) break;
- break;
- }
+ if (action == firewall_action_append_id_e || action == firewall_action_insert_id_e || action == firewall_action_policy_id_e) {
+ ++arguments.used;
- // Process the chain, which is required by the action.
- if (chain == firewall_chain_custom_id_e) {
- if (main->chains.array[local.chain_ids.array[local.chain]].used > 0) {
- macro_f_string_dynamic_t_resize(status, argument, main->chains.array[local.chain_ids.array[local.chain]].used);
+ status = f_string_dynamics_increase(firewall_default_allocation_step_d, &arguments);
+ if (F_status_is_error(status)) break;
- if (F_status_is_error(status)) break;
+ arguments.array[arguments.used].used = 0;
+ status = F_data_not;
- macro_firewall_concat_string(argument.string, main->chains.array[local.chain_ids.array[local.chain]].string, main->chains.array[local.chain_ids.array[local.chain]].used);
- argument.used = main->chains.array[local.chain_ids.array[local.chain]].used;
- }
+ // Process the chain, which is required by the action.
+ if (chain == firewall_chain_custom_id_e) {
+ status = f_string_dynamic_append(main->chains.array[local.chain_ids.array[local.chain]], &arguments.array[arguments.used]);
}
else if (chain == firewall_chain_forward_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_chain_forward_s_length);
-
- if (F_status_is_error(status)) break;
-
- macro_firewall_concat_string(argument.string, firewall_chain_forward_s, firewall_chain_forward_s_length);
- argument.used = firewall_chain_forward_s_length;
+ status = f_string_dynamic_append(firewall_chain_forward_s, &arguments.array[arguments.used]);
}
else if (chain == firewall_chain_postrouting_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_chain_postrouting_s_length);
-
- if (F_status_is_error(status)) break;
-
- macro_firewall_concat_string(argument.string, firewall_chain_postrouting_s, firewall_chain_postrouting_s_length);
- argument.used += firewall_chain_postrouting_s_length;
+ status = f_string_dynamic_append(firewall_chain_postrouting_s, &arguments.array[arguments.used]);
}
else if (chain == firewall_chain_prerouting_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_chain_prerouting_s_length);
-
- if (F_status_is_error(status)) break;
-
- macro_firewall_concat_string(argument.string, firewall_chain_prerouting_s, firewall_chain_prerouting_s_length);
- argument.used = firewall_chain_prerouting_s_length;
+ status = f_string_dynamic_append(firewall_chain_prerouting_s, &arguments.array[arguments.used]);
}
else if (chain == firewall_chain_input_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_chain_input_s_length);
-
- if (F_status_is_error(status)) break;
-
- macro_firewall_concat_string(argument.string, firewall_chain_input_s, firewall_chain_input_s_length);
- argument.used = firewall_chain_input_s_length;
+ status = f_string_dynamic_append(firewall_chain_input_s, &arguments.array[arguments.used]);
}
else if (chain == firewall_chain_output_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_chain_output_s_length);
-
- if (F_status_is_error(status)) break;
+ status = f_string_dynamic_append(firewall_chain_output_s, &arguments.array[arguments.used]);
+ }
- macro_firewall_concat_string(argument.string, firewall_chain_output_s, firewall_chain_output_s_length);
- argument.used = firewall_chain_output_s_length;
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
}
- if (argument.used > 0) {
- macro_firewall_append_argument_to_arguments(status, arguments, argument)
- if (F_status_is_error(status)) {
- break;
- }
+ if (F_status_is_error(status)) break;
+
+ if (status == F_data_not) {
+ status = F_none;
+ }
+ else {
+ ++arguments.used;
}
}
}
// Add the device if and only if a non-none direction is specified.
- if (device.used > 0 && (direction == firewall_direction_input_id_e || direction == firewall_direction_output_id_e)) {
- if (length < firewall_device_all_s_length || fl_string_compare(local.buffer.string + local.rule_contents.array[i].array[0].start, (f_string_t) firewall_device_all_s, length, firewall_device_all_s_length) == F_equal_to_not) {
+ if (device.used && (direction == firewall_direction_input_id_e || direction == firewall_direction_output_id_e)) {
+ if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_device_all_s, length) == F_equal_to_not) {
+
+ status = f_string_dynamics_increase(firewall_default_allocation_step_d, &arguments);
+ if (F_status_is_error(status)) break;
+
+ arguments.array[arguments.used].used = 0;
+
if (direction == firewall_direction_input_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_device_input_command_length_s);
- if (F_status_is_error(status)) break;
+ status = f_string_dynamic_append(firewall_device_input_command_s, &arguments.array[arguments.used]);
+
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
+ }
- macro_firewall_concat_string(argument.string, firewall_device_input_command_s, firewall_device_input_command_length_s);
- argument.used = firewall_device_input_command_length_s;
- }
- else if (direction == firewall_direction_output_id_e) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_device_output_command_length_s);
if (F_status_is_error(status)) break;
- macro_firewall_concat_string(argument.string, firewall_device_output_command_s, firewall_device_output_command_length_s);
- argument.used = firewall_device_output_command_length_s;
+ ++arguments.used;
}
+ else if (direction == firewall_direction_output_id_e) {
+ status = f_string_dynamic_append(firewall_device_output_command_s, &arguments.array[arguments.used]);
- if (argument.used > 0) {
- macro_firewall_append_argument_to_arguments(status, arguments, argument)
- if (F_status_is_error(status)) {
- break;
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
}
+
+ if (F_status_is_error(status)) break;
+
+ ++arguments.used;
}
}
// Add the device.
- if (device.used > 0) {
- macro_f_string_dynamic_t_resize(status, argument, device.used);
-
+ if (device.used) {
+ status = f_string_dynamics_increase(firewall_default_allocation_step_d, &arguments);
if (F_status_is_error(status)) break;
- macro_firewall_concat_string(argument.string, device.string, device.used);
- argument.used = device.used;
+ arguments.array[arguments.used].used = 0;
- macro_firewall_append_argument_to_arguments(status, arguments, argument)
- if (F_status_is_error(status)) {
- break;
+ status = f_string_dynamic_append(device, &arguments.array[arguments.used]);
+
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
}
+
+ if (F_status_is_error(status)) break;
+
+ ++arguments.used;
}
}
if (use_protocol) {
- macro_f_string_dynamic_t_resize(status, argument, firewall_protocol_command_s_length);
-
+ status = f_string_dynamics_increase(firewall_default_allocation_step_d, &arguments);
if (F_status_is_error(status)) break;
- macro_firewall_concat_string(argument.string, firewall_protocol_command_s, firewall_protocol_command_s_length);
- argument.used = firewall_protocol_command_s_length;
+ arguments.array[arguments.used].used = 0;
- macro_firewall_append_argument_to_arguments(status, arguments, argument)
- if (F_status_is_error(status)) {
- break;
+ status = f_string_dynamic_append(firewall_protocol_command_s, &arguments.array[arguments.used]);
+
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
}
- if (protocol.used > 0) {
- macro_f_string_dynamic_t_resize(status, argument, protocol.used);
+ if (F_status_is_error(status)) break;
+
+ ++arguments.used;
+ if (protocol.used) {
+ status = f_string_dynamics_increase(firewall_default_allocation_step_d, &arguments);
if (F_status_is_error(status)) break;
- macro_firewall_concat_string(argument.string, protocol.string, protocol.used);
- argument.used = protocol.used;
+ arguments.array[arguments.used].used = 0;
- macro_firewall_append_argument_to_arguments(status, arguments, argument)
- if (F_status_is_error(status)) {
- break;
+ status = f_string_dynamic_append(protocol, &arguments.array[arguments.used]);
+
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
}
+
+ if (F_status_is_error(status)) break;
+
+ ++arguments.used;
}
}
- // Last up is the "rule"
+ // Last up is the "rule".
if ((!is_ip_list && local.rule_contents.array[i].used > 0) || (is_ip_list && local.rule_contents.array[i].used > 1)) {
f_array_length_t subcounter = 0;
if (is_ip_list) {
- // Skip past the chain
+ // Skip past the chain.
++subcounter;
length = macro_firewall_structure_size(local.rule_contents.array[i], subcounter);
- if (length > 0) {
- macro_f_string_dynamic_t_resize(status, ip_list, length);
+ if (length) {
+ ip_list.used = 0;
+
+ status = f_string_dynamic_partial_append(local.buffer, local.rule_contents.array[i].array[subcounter], &ip_list);
+
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&ip_list);
+ }
if (F_status_is_error(status)) {
+
// Prevent the loop below from being processed.
subcounter = local.rule_contents.array[i].used;
}
else {
- macro_firewall_concat_string(ip_list.string, local.buffer.string + local.rule_contents.array[i].array[subcounter].start, length);
- ip_list.used = length;
-
++subcounter;
}
}
length = macro_firewall_structure_size(local.rule_contents.array[i], subcounter);
- if (length > 0) {
- macro_f_string_dynamic_t_resize(status, argument, length);
+ if (length) {
+ arguments.array[arguments.used].used = 0;
- if (F_status_is_error(status)) break;
+ status = f_string_dynamic_partial_append(local.buffer, local.rule_contents.array[i].array[subcounter], &arguments.array[arguments.used]);
- macro_firewall_concat_string(argument.string, local.buffer.string + local.rule_contents.array[i].array[subcounter].start, length);
- argument.used = length;
-
- macro_firewall_append_argument_to_arguments(status, arguments, argument)
- if (F_status_is_error(status)) {
- break;
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
}
+
+ if (F_status_is_error(status)) break;
+
+ ++arguments.used;
}
} // for
}
flockfile(main->warning.to.stream);
- fl_print_format("%r%[%QAt line %ul, the object '%]%[", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context, main->warning.notable);
- f_print(local.buffer.string + local.rule_objects.array[i].start, length, main->warning.to.stream);
- fl_print_format("%]%[' has no content.%]%r", main->warning.to.stream, main->warning.notable, main->warning.context, main->warning.context, f_string_eol_s);
+ fl_print_format("%r%[%QAt line %ul, the object '%]", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context);
+ fl_print_format("%[%/Q%]", main->warning.to.stream, main->warning.notable, local.buffer, local.rule_objects.array[i], main->warning.notable);
+ fl_print_format("%]%[' has no content.%]%r", main->warning.to.stream, main->warning.context, main->warning.context, f_string_eol_s);
funlockfile(main->warning.to.stream);
if (arguments.used > 1) {
if (is_ip_list) {
f_file_t file = f_file_t_initialize;
- f_string_dynamic_t file_path = f_string_dynamic_t_initialize;
+ f_string_dynamic_t path_file = f_string_dynamic_t_initialize;
f_string_dynamic_t local_buffer = f_string_dynamic_t_initialize;
f_fss_objects_t basic_objects = f_fss_objects_t_initialize;
f_fss_contents_t basic_contents = f_fss_objects_t_initialize;
- macro_f_string_dynamic_t_resize(status, file_path, network_path_s_length + ip_list.used + firewall_default_allocation_step_d);
+ status = f_string_dynamic_append(firewall_network_path_s, &path_file);
- if (status == F_none) {
- macro_firewall_concat_string(file_path.string, network_path_s, network_path_s_length);
- macro_firewall_concat_string(file_path.string + network_path_s_length, ip_list.string, ip_list.used);
- file_path.used = file_path.size;
- file_path.string[file_path.used] = 0;
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_append(ip_list, &path_file);
+ }
- status = f_file_open(file_path.string, 0, &file);
+ if (F_status_is_error_not(status)) {
+ status = f_file_open(path_file, 0, &file);
}
if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
-
- if (status == F_parameter) {
+ if (F_status_set_fine(status) == F_parameter) {
if (main->error.verbosity != f_console_verbosity_quiet_e) {
firewall_print_error_on_invalid_parameter(main->error, "f_file_open");
}
}
- else if (status == F_file_found_not) {
+ else if (F_status_set_fine(status) == F_file_found_not) {
// The file does not have to exist
if (main->error.verbosity != f_console_verbosity_verbose_e || main->error.verbosity == f_console_verbosity_debug_e) {
- fll_print_format("%r%[%QCannot find the file '%Q'.%]%r", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, file_path, main->warning.context, f_string_eol_s);
+ fll_print_format("%r%[%QCannot find the file '%Q'.%]%r", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, path_file, main->warning.context, f_string_eol_s);
}
status = F_none;
}
- else if (status == F_file_open) {
+ else if (F_status_set_fine(status) == F_file_open) {
if (main->error.verbosity != f_console_verbosity_quiet_e) {
- fll_print_format("%r%[%QUnable to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, file_path, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QUnable to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
}
}
- else if (status == F_file_descriptor) {
+ else if (F_status_set_fine(status) == F_file_descriptor) {
if (main->error.verbosity != f_console_verbosity_quiet_e) {
- fll_print_format("%r%[%QFile descriptor error while trying to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, file_path, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QFile descriptor error while trying to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
}
}
- else if (status == F_memory_not) {
+ else if (F_status_set_fine(status) == F_memory_not) {
firewall_print_error_on_allocation_failure(main->error);
}
else {
- firewall_print_error_on_unhandled(main->error, "f_file_open", status);
- }
-
- if (status != F_file_found_not) {
- status = F_status_set_error(status);
+ firewall_print_error_on_unhandled(main->error, "f_file_open", F_status_set_fine(status));
}
f_file_stream_close(F_true, &file);
f_file_stream_close(F_true, &file);
if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
-
if (main->error.verbosity != f_console_verbosity_quiet_e) {
- if (status == F_parameter) {
+ if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "f_file_read");
}
- else if (status == F_number_overflow) {
- fll_print_format("%r%[%QInteger overflow while trying to buffer the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, file_path, main->error.context, f_string_eol_s);
- }
- else if (status == F_file_closed) {
- fll_print_format("%r%[%QThe file '%Q' is no longer open.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, file_path, main->error.context, f_string_eol_s);
+ else if (F_status_set_fine(status) == F_number_overflow) {
+ fll_print_format("%r%[%QInteger overflow while trying to buffer the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
}
- else if (status == F_file_seek) {
- fll_print_format("%r%[%QA seek error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, file_path, main->error.context, f_string_eol_s);
+ else if (F_status_set_fine(status) == F_file_closed) {
+ fll_print_format("%r%[%QThe file '%Q' is no longer open.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
}
- else if (status == F_file_read) {
- fll_print_format("%r%[%QA read error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, file_path, main->error.context, f_string_eol_s);
+ else if (F_status_set_fine(status) == F_file_seek) {
+ fll_print_format("%r%[%QA seek error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
}
- else if (status == F_memory_not) {
- firewall_print_error_on_allocation_failure(main->error);
+ else if (F_status_set_fine(status) == F_file_read) {
+ fll_print_format("%r%[%QA read error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
}
- else {
- firewall_print_error_on_unhandled(main->error, "f_file_read", status);
+ else if (F_status_set_fine(status) != F_memory_not) {
+ firewall_print_error_on_unhandled(main->error, "f_file_read", F_status_set_fine(status));
}
}
-
- status = F_status_set_error(status);
}
else {
f_fss_delimits_t delimits = f_fss_delimits_t_initialize;
status = F_status_set_fine(status);
if (status == F_parameter) {
- firewall_print_error_on_invalid_parameter_for_file(main->error, "fll_fss_basic_read", file_path.used ? file_path.string : "");
+ firewall_print_error_on_invalid_parameter_for_file(main->error, "fll_fss_basic_read", path_file.used ? path_file : f_string_empty_s);
}
else if (status == F_data_not_eos || status == F_data_not || status == F_data_not_stop) {
- // Empty files are to be silently ignored
- }
- else if (status == F_memory_not) {
- firewall_print_error_on_allocation_failure(main->error);
+ // Empty files are to be silently ignored.
}
- else {
- firewall_print_error_on_unhandled_for_file(main->error, "fll_fss_basic_read", status, file_path.used ? file_path.string : "");
+ else if (status != F_memory_not) {
+ firewall_print_error_on_unhandled_for_file(main->error, "fll_fss_basic_read", status, path_file.used ? path_file : f_string_empty_s);
}
status = F_status_set_error(status);
}
if (F_status_is_error_not(status)) {
- f_array_length_t buffer_counter = 0;
- f_array_length_t ip_length = 0;
- f_string_dynamic_t ip_list_action = f_string_dynamic_t_initialize;
+ status = f_string_dynamics_increase_by(2, &arguments);
- if (ip_list_direction) {
- macro_f_string_dynamic_t_resize(status, ip_list_action, firewall_ip_list_destination_action_s_length);
-
- if (F_status_is_error(status)) break;
+ if (F_status_is_error_not(status)) {
+ arguments.array[arguments.used].used = 0;
- macro_firewall_concat_string(ip_list_action.string, firewall_ip_list_destination_action_s, firewall_ip_list_destination_action_s_length);
- ip_list_action.used = firewall_ip_list_destination_action_s_length;
+ if (ip_list_direction) {
+ status = f_string_dynamic_append(firewall_ip_list_destination_action_s, &arguments.array[arguments.used]);
+ }
+ else {
+ status = f_string_dynamic_append(firewall_ip_list_source_action_s, &arguments.array[arguments.used]);
+ }
}
- else {
- macro_f_string_dynamic_t_resize(status, ip_list_action, firewall_ip_list_source_action_s_length);
- if (F_status_is_error(status)) break;
+ if (F_status_is_error(status)) {
+ f_type_array_lengths_resize(0, &delimits);
- macro_firewall_concat_string(ip_list_action.string, firewall_ip_list_source_action_s, firewall_ip_list_source_action_s_length);
- ip_list_action.used = firewall_ip_list_source_action_s_length;
+ break;
}
- status = F_none;
- if (arguments.used + 2 > arguments.size) {
- macro_f_string_dynamics_t_resize(status, arguments, arguments.size + 2);
- }
+ ++arguments.used;
- if (F_status_is_error(status)) {
- firewall_print_error_on_allocation_failure(main->error);
+ // The ip_list file contains objects and no content, all objects are what matter an nothing else.
+ for (f_array_length_t at = 0; at < basic_objects.used; ++at) {
- f_string_dynamic_resize(0, &ip_list_action);
- }
- else {
- f_string_dynamic_t ip_argument = f_string_dynamic_t_initialize;
+ arguments.array[arguments.used].used = 0;
- macro_firewall_append_argument_to_arguments(status, arguments, ip_list_action)
- if (F_status_is_error(status)) {
- f_string_dynamic_resize(0, &ip_argument);
+ status = f_string_dynamic_partial_append(local_buffer, basic_objects.array[at], &arguments.array[arguments.used]);
- break;
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[arguments.used]);
}
- // the ip_list file contains objects and no content, all objects are what matter an nothing else
- for (; buffer_counter < basic_objects.used; ++buffer_counter) {
-
- ip_length = macro_firewall_structure_size(basic_objects, buffer_counter);
-
- macro_f_string_dynamic_t_resize(status, ip_argument, ip_length);
+ if (F_status_is_error(status)) break;
- if (F_status_is_error(status)) {
- firewall_print_error_on_allocation_failure(main->error);
+ ++arguments.used;
- break;
- }
+ firewall_print_debug_tool(main->warning, current_tool, arguments);
- macro_firewall_concat_string(ip_argument.string, local_buffer.string + basic_objects.array[buffer_counter].start, ip_length);
- ip_argument.used = ip_length;
+ status = fll_execute_program(current_tool, arguments, 0, 0, (void *) &return_code);
- macro_firewall_append_argument_to_arguments(status, arguments, ip_argument)
- if (F_status_is_error(status)) break;
+ if (status == F_child) {
+ f_type_array_lengths_resize(0, &delimits);
- firewall_print_debug_tool(main->warning, current_tool, arguments);
+ f_string_dynamic_resize(0, &ip_list);
+ f_string_dynamics_resize(0, &arguments);
+ f_string_dynamic_resize(0, &device);
+ f_string_dynamic_resize(0, &protocol);
- status = fll_execute_program(current_tool, arguments, 0, 0, (void *) &return_code);
+ main->child = return_code;
- if (status == F_child) {
- f_string_dynamic_resize(0, &ip_list);
- f_string_dynamic_resize(0, &argument);
- f_string_dynamics_resize(0, &arguments);
- f_string_dynamic_resize(0, &device);
- f_string_dynamic_resize(0, &protocol);
+ return status;
+ }
- main->child = return_code;
+ // Remove ip_argument from arguments string.
+ --arguments.used;
- return status;
+ if (F_status_is_error(status)) {
+ if (F_status_set_fine(status) == F_failure) {
+ firewall_print_error_on_operation(main->error, current_tool, arguments);
}
-
- if (F_status_is_error(status)) {
- if (F_status_set_fine(status) == F_failure) {
- firewall_print_error_on_operation(main->error, current_tool, arguments);
- }
- else if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
- }
- else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", status);
- }
-
- // Remove ip_argument from arguments string.
- f_string_dynamic_resize(0, &arguments.array[arguments.used--]);
-
- break;
+ else if (F_status_set_fine(status) == F_parameter) {
+ firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
+ }
+ else {
+ firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
}
- // Remove ip_argument from arguments string.
- f_string_dynamic_resize(0, &arguments.array[arguments.used--]);
- } // for
-
- f_string_dynamic_resize(0, &ip_argument);
+ break;
+ }
+ } // for
- // Remove ip_list_action from arguments string.
- f_string_dynamic_resize(0, &arguments.array[arguments.used--]);
- }
+ // Remove ip_list_action from arguments string.
+ --arguments.used;
}
- macro_f_fss_delimits_t_delete_simple(delimits);
+ f_type_array_lengths_resize(0, &delimits);
}
}
f_string_dynamic_resize(0, &local_buffer);
- f_string_dynamic_resize(0, &file_path);
- macro_f_fss_objects_t_delete_simple(basic_objects);
- macro_f_fss_contents_t_delete_simple(basic_contents);
+ f_string_dynamic_resize(0, &path_file);
+
+ f_string_ranges_resize(0, &basic_objects);
+ f_string_rangess_resize(0, &basic_contents);
if (F_status_set_fine(status) == F_failure || F_status_set_fine(status) == F_parameter) break;
}
if (status == F_child) {
f_string_dynamic_resize(0, &ip_list);
- f_string_dynamic_resize(0, &argument);
f_string_dynamics_resize(0, &arguments);
f_string_dynamic_resize(0, &device);
f_string_dynamic_resize(0, &protocol);
else if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
}
- else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", status);
+ else if (F_status_set_fine(status) != F_memory_not) {
+ firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
}
break;
} // for
} // for
+ if (F_status_is_error(status)) {
+ if (F_status_set_fine(status) == F_memory_not) {
+ firewall_print_error_on_allocation_failure(main->error);
+ }
+ }
+
f_string_dynamic_resize(0, &ip_list);
- f_string_dynamic_resize(0, &argument);
f_string_dynamics_resize(0, &arguments);
f_string_dynamic_resize(0, &device);
f_string_dynamic_resize(0, &protocol);
f_array_length_t j = 0;
f_array_length_t length = 0;
- f_string_range_t range = f_string_range_t_initialize;
f_string_dynamics_t arguments = f_string_dynamics_t_initialize;
- f_string_dynamic_t fixed_string = f_string_dynamic_t_initialize;
-
- f_type_array_lengths_resize(0, &local->chain_ids);
- macro_f_array_lengths_t_resize(status, local->chain_ids, local->chain_objects.used);
-
- if (F_status_is_error(status)) {
- return status;
- }
+ local->chain_ids.used = local->chain_objects.used;
status = f_string_dynamics_resize(2, &arguments);
if (F_status_is_error(status)) return status;
- status = f_string_dynamic_resize(firewall_chain_create_command_s_length + 1, &arguments.array[0]);
+ status = f_string_dynamic_append(firewall_chain_create_command_s, &arguments.array[0]);
- if (F_status_is_error(status)) {
- f_string_dynamics_resize(0, &arguments);
-
- return status;
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_terminate_after(&arguments.array[0]);
}
- macro_firewall_concat_string(arguments.array[0].string, firewall_chain_create_command_s, firewall_chain_create_command_s_length);
-
- arguments.array[0].used = firewall_chain_create_command_s_length;
- arguments.array[0].string[firewall_chain_create_command_s_length] = 0;
-
- status = f_string_dynamic_increase(F_memory_default_allocation_small_d, &arguments.array[1]);
+ if (F_status_is_error_not(status)) {
+ status = f_string_dynamic_increase(F_memory_default_allocation_small_d, &arguments.array[1]);
+ }
if (F_status_is_error(status)) {
- arguments.used = 1;
f_string_dynamics_resize(0, &arguments);
return status;
reserved->has_stop = F_false;
reserved->has_main = F_false;
- for (uint16_t signal_check = 0; i < local->chain_objects.used; ) {
+ for (uint16_t signal_check = 0; i < local->chain_objects.used; ++i) {
new_chain = F_true;
j = 0;
if (!((++signal_check) % firewall_signal_check_d)) {
- if (firewall_signal_received(main)) {
- f_string_dynamics_resize(0, &arguments);
-
- return F_status_set_error(F_interrupt);
- }
+ if (firewall_signal_received(main)) break;
}
- // Skip globally reserved chain name: main
- range.start = 0;
- range.stop = firewall_group_main_s_length - 1;
- fixed_string.string = firewall_group_main_s;
- fixed_string.used = firewall_group_main_s_length;
- if (fl_string_dynamic_partial_compare(local->buffer, fixed_string, local->chain_objects.array[i], range) == F_equal_to) {
+ // Skip globally reserved chain name: main.
+ if (fl_string_dynamic_partial_compare_string(firewall_group_main_s.string, local->buffer, firewall_group_main_s.used, local->chain_objects.array[i]) == F_equal_to) {
new_chain = F_false;
reserved->has_main = F_true;
reserved->main_at = i;
}
- // Skip globally reserved chain name: stop
- range.start = 0;
- range.stop = firewall_group_stop_s_length - 1;
- fixed_string.string = firewall_group_stop_s;
- fixed_string.used = firewall_group_stop_s_length;
- if (fl_string_dynamic_partial_compare(local->buffer, fixed_string, local->chain_objects.array[i], range) == F_equal_to) {
+ // Skip globally reserved chain name: stop.
+ if (fl_string_dynamic_partial_compare_string(firewall_group_stop_s.string, local->buffer, firewall_group_stop_s.used, local->chain_objects.array[i]) == F_equal_to) {
new_chain = F_false;
reserved->has_stop = F_true;
reserved->stop_at = i;
}
- // Skip globally reserved chain name: lock
- range.start = 0;
- range.stop = firewall_group_lock_s_length - 1;
- fixed_string.string = firewall_group_lock_s;
- fixed_string.used = firewall_group_lock_s_length;
- if (fl_string_dynamic_partial_compare(local->buffer, fixed_string, local->chain_objects.array[i], range) == F_equal_to) {
+ // Skip globally reserved chain name: lock.
+ if (fl_string_dynamic_partial_compare_string(firewall_group_lock_s.string, local->buffer, firewall_group_lock_s.used, local->chain_objects.array[i]) == F_equal_to) {
new_chain = F_false;
reserved->has_lock = F_true;
reserved->lock_at = i;
}
- // Skip globally reserved chain name: none
- range.start = 0;
- range.stop = firewall_group_lock_s_length - 1;
- fixed_string.string = firewall_chain_none_s;
- fixed_string.used = firewall_chain_none_s_length;
- if (fl_string_dynamic_partial_compare(local->buffer, fixed_string, local->chain_objects.array[i], range) == F_equal_to) {
+ // Skip globally reserved chain name: none.
+ if (fl_string_dynamic_partial_compare_string(firewall_chain_none_s.string, local->buffer, firewall_chain_none_s.used, local->chain_objects.array[i]) == F_equal_to) {
new_chain = F_false;
}
- macro_f_string_dynamic_t_clear(fixed_string);
-
if (new_chain) {
- while (j < main->chains.used) {
-
- range.start = 0;
- range.stop = main->chains.array[j].used - 1;
+ for (; j < main->chains.used; ++j) {
- if (fl_string_dynamic_partial_compare(local->buffer, main->chains.array[j], local->chain_objects.array[i], range) == F_equal_to) {
+ if (fl_string_dynamic_partial_compare_string(main->chains.array[j].string, local->buffer, main->chains.array[j].used, local->chain_objects.array[i]) == F_equal_to) {
new_chain = F_false;
local->chain_ids.array[i] = j;
break;
}
-
- ++j;
- } // while
+ } // for
}
if (new_chain) {
- if (main->chains.used == main->chains.size) {
- macro_f_string_dynamics_t_resize(status, main->chains, main->chains.used + firewall_default_allocation_step_d);
-
- if (F_status_is_error(status)) {
- f_string_dynamics_resize(0, &arguments);
-
- return status;
- }
- }
+ status = f_string_dynamics_increase(firewall_default_allocation_step_d, &main->chains);
+ if (F_status_is_error(status)) break;
create_chain = F_true;
length = macro_firewall_structure_size(local->chain_objects, i);
arguments.array[1].used = 0;
- if (length > arguments.array[1].size) {
- macro_f_string_dynamic_t_resize(status, arguments.array[1], length + 1);
-
- if (F_status_is_error(status)) {
- f_string_dynamics_resize(0, &arguments);
-
- return status;
- }
- }
- macro_f_string_dynamic_t_resize(status, main->chains.array[main->chains.used], length + 1);
-
- if (F_status_is_error(status)) {
- f_string_dynamics_resize(0, &arguments);
+ status = f_string_dynamic_increase_by(length + 1, &arguments.array[1]);
+ if (F_status_is_error(status)) break;
- return status;
- }
+ status = f_string_dynamic_increase_by(length + 1, &main->chains.array[main->chains.used]);
+ if (F_status_is_error(status)) break;
main->chains.array[main->chains.used].used = 0;
local->chain_ids.array[i] = main->chains.used;
- j = local->chain_objects.array[i].start;
- // copy the string character by character, ignoring placeholders.
- while (j <= local->chain_objects.array[i].stop) {
+ // Copy the string character by character, ignoring placeholders.
+ for (j = local->chain_objects.array[i].start; j <= local->chain_objects.array[i].stop; ++j) {
- if (local->buffer.string[j] == f_fss_delimit_placeholder_s.string[0]) {
- ++j;
- continue;
- }
+ if (local->buffer.string[j] == f_fss_delimit_placeholder_s.string[0]) continue;
main->chains.array[main->chains.used].string[main->chains.array[main->chains.used].used++] = local->buffer.string[j];
arguments.array[1].string[arguments.array[1].used++] = local->buffer.string[j];
- ++j;
- } // while
+ } // for
arguments.array[1].string[arguments.array[1].used] = 0;
main->chains.array[main->chains.used].string[main->chains.array[main->chains.used].used] = 0;
status = fll_execute_program(firewall_tool_iptables_s, arguments, 0, 0, (void *) &return_code);
if (status == F_child) {
- f_string_dynamics_resize(0, &arguments);
-
main->child = return_code;
- return status;
+ break;
}
if (F_status_is_error_not(status)) {
- status = firewall_signal_received(main);
-
- if (status) {
- f_string_dynamics_resize(0, &arguments);
+ if (firewall_signal_received(main)) {
+ status = F_status_set_error(F_interrupt);
- return F_status_set_error(F_interrupt);
+ break;
}
firewall_print_debug_tool(main->warning, firewall_tool_ip6tables_s, arguments);
tool = firewall_program_ip6tables_e;
- status = fll_execute_program((f_string_t) firewall_tool_ip6tables_s, arguments, 0, 0, (void *) &return_code);
+ status = fll_execute_program(firewall_tool_ip6tables_s, arguments, 0, 0, (void *) &return_code);
if (status == F_child) {
- f_string_dynamics_resize(0, &arguments);
-
main->child = return_code;
- return status;
+ break;
}
}
if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
-
- if (status == F_failure) {
+ if (F_status_set_fine(status) == F_failure) {
firewall_print_error_on_operation(main->error, tool == firewall_program_iptables_e ? firewall_tool_iptables_s : firewall_tool_ip6tables_s, arguments);
}
- else if (status == F_parameter) {
+ else if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", status);
+ firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
}
- f_string_dynamics_resize(0, &arguments);
- return status;
+ break;
}
}
++main->chains.used;
}
-
- ++i;
- } // while
+ } // for
f_string_dynamics_resize(0, &arguments);
arguments.used = 1;
f_string_static_t arguments_array[arguments.used];
- arguments_array[0] = firewall_chain_forward_s;
+ arguments_array[0] = firewall_chain_flush_command_s;
arguments.array = arguments_array;
int return_code = 0;
}
if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
-
- if (status == F_failure) {
+ if (F_status_set_fine(status) == F_failure) {
firewall_print_error_on_operation(main->error, tools[i], arguments);
}
- else if (status == F_parameter) {
+ else if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", status);
+ firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
}
return status;
}
} // for
- for (f_array_length_t i = 0; i < 2; ++i) {
-
- if (firewall_signal_received(main)) {
- return F_status_set_error(F_interrupt);
- }
+ int return_code = 0;
- f_string_dynamics_t arguments = f_string_dynamics_t_initialize;
- f_string_dynamic_t argument[1] = f_string_dynamic_t_initialize;
- int return_code = 0;
+ f_string_statics_t arguments = f_string_statics_t_initialize;
+ arguments.used = 1;
- argument[0].string = (f_string_t) firewall_chain_delete_command_s;
- argument[0].size = firewall_chain_delete_command_s_length;
- argument[0].used = firewall_chain_delete_command_s_length;
+ f_string_static_t argument_array[arguments.used];
+ arguments.array = argument_array;
+ argument_array[0] = firewall_chain_delete_command_s;
- arguments.array = argument;
- arguments.size = 1;
- arguments.used = 1;
+ for (f_array_length_t i = 0; i < 2; ++i) {
firewall_print_debug_tool(main->warning, tools[i], arguments);
+ return_code = 0;
+
status = fll_execute_program(tools[i], arguments, 0, 0, (void *) &return_code);
if (status == F_child) {
main->child = return_code;
- return status;
+ break;
}
- if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
+ if (firewall_signal_received(main)) {
+ status = F_status_set_error(F_interrupt);
+
+ break;
+ }
- if (status == F_failure) {
+ if (F_status_is_error(status)) {
+ if (F_status_set_fine(status) == F_failure) {
firewall_print_error_on_operation(main->error, tools[i], arguments);
}
- else if (status == F_parameter) {
+ else if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", status);
+ firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
}
- return status;
+ break;
}
} // for
int return_code = 0;
- for (f_array_length_t i = 0; i < 3; ++i) {
+ f_string_statics_t arguments = f_string_statics_t_initialize;
+ arguments.used = 3;
- f_string_statics_t arguments = f_string_statics_t_initialize;
- f_string_static_t argument[3];
+ f_string_static_t argument_array[arguments.used];
+ arguments.array = argument_array;
+ arguments.array[0] = firewall_action_policy_command_s;
+ arguments.array[2] = firewall_chain_drop_s;
- arguments.array = argument;
- arguments.used = 3;
- arguments.size = arguments.used;
-
- arguments.array[0] = firewall_action_policy_command_s;
- arguments.array[1] = chains[i];
- arguments.array[2].string = "DROP";
+ f_array_length_t i = 0;
+ f_array_length_t j = 0;
- arguments.array[2].used = 4;
+ for (; i < 3; ++i) {
- arguments.array[2].size = arguments.array[2].used;
+ arguments.array[1] = chains[i];
- for (f_array_length_t j = 0; j < 2; ++j) {
+ for (j = 0; j < 2; ++j) {
firewall_print_debug_tool(main->warning, tools[j], arguments);
if (status == F_child) {
main->child = return_code;
- return status;
+ break;
}
if (firewall_signal_received(main)) {
- return F_status_set_error(F_interrupt);
+ status = F_status_set_error(F_interrupt);
+
+ break;
}
if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
-
- if (status == F_failure) {
+ if (F_status_set_fine(status) == F_failure) {
firewall_print_error_on_operation(main->error, tools[j], arguments);
}
- else if (status == F_parameter) {
+ else if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", status);
+ firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
}
- return status;
+ break;
}
} // for
} // for
f_status_t status = f_file_open(filename, 0, &file);
if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
-
if (main->error.verbosity != f_console_verbosity_quiet_e) {
if (optional) {
- if (status == F_parameter) {
+ if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "f_file_open");
}
- else if (status != F_file_found_not && status != F_file_open && status != F_file_descriptor) {
- firewall_print_error_on_unhandled(main->error, "f_file_open", status);
+ else if (F_status_set_fine(status) != F_file_found_not && F_status_set_fine(status) != F_file_open && F_status_set_fine(status) != F_file_descriptor) {
+ firewall_print_error_on_unhandled(main->error, "f_file_open", F_status_set_fine(status));
}
} else {
- if (status == F_parameter) {
+ if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "f_file_open");
}
- else if (status == F_file_found_not) {
+ else if (F_status_set_fine(status) == F_file_found_not) {
fll_print_format("%r%[%QUnable to find the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
}
- else if (status == F_file_open) {
+ else if (F_status_set_fine(status) == F_file_open) {
fll_print_format("%r%[%QUnable to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
}
- else if (status == F_file_descriptor) {
+ else if (F_status_set_fine(status) == F_file_descriptor) {
fll_print_format("%r%[%QFile descriptor error while trying to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
}
else {
- firewall_print_error_on_unhandled(main->error, "f_file_open", status);
+ firewall_print_error_on_unhandled(main->error, "f_file_open", F_status_set_fine(status));
}
}
}
f_file_stream_close(F_true, &file);
if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
-
if (main->error.verbosity != f_console_verbosity_quiet_e) {
- if (status == F_parameter) {
+ if (F_status_set_fine(status) == F_parameter) {
firewall_print_error_on_invalid_parameter(main->error, "f_file_read");
}
- else if (status == F_number_overflow) {
+ else if (F_status_set_fine(status) == F_number_overflow) {
fll_print_format("%r%[%QInteger overflow while trying to buffer the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
}
- else if (status == F_file_closed) {
+ else if (F_status_set_fine(status) == F_file_closed) {
fll_print_format("%r%[%QThe file '%Q' is no longer open.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
}
- else if (status == F_file_seek) {
+ else if (F_status_set_fine(status) == F_file_seek) {
fll_print_format("%r%[%QA seek error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
}
- else if (status == F_file_read) {
+ else if (F_status_set_fine(status) == F_file_read) {
fll_print_format("%r%[%QA read error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
}
- else if (status == F_memory_not) {
+ else if (F_status_set_fine(status) == F_memory_not) {
firewall_print_error_on_allocation_failure(main->error);
}
else {
- firewall_print_error_on_unhandled(main->error, "f_file_read", status);
+ firewall_print_error_on_unhandled(main->error, "f_file_read", F_status_set_fine(status));
}
}
if (F_status_is_error_not(status)) {
status = firewall_perform_commands(main, *local);
- if (status == F_child) {
- macro_f_fss_objects_t_delete_simple(local->rule_objects);
- macro_f_fss_contents_t_delete_simple(local->rule_contents);
-
- return status;
- }
-
if (F_status_is_error(status)) {
- status = F_status_set_fine(status);
-
- if (status == F_memory_not) {
+ if (F_status_set_fine(status) == F_memory_not) {
firewall_print_error_on_allocation_failure(main->error);
}
- else if (status == F_failure) {
+ else if (F_status_set_fine(status) == F_failure) {
// The error message has already been displayed.
}
else {
- firewall_print_error_on_unhandled(main->error, "firewall_perform_commands", status);
+ firewall_print_error_on_unhandled(main->error, "firewall_perform_commands", F_status_set_fine(status));
}
-
- macro_f_fss_objects_t_delete_simple(local->rule_objects);
- macro_f_fss_contents_t_delete_simple(local->rule_contents);
-
- return status;
}
}
- macro_f_fss_objects_t_delete_simple(local->rule_objects);
- macro_f_fss_contents_t_delete_simple(local->rule_contents);
+ f_string_ranges_resize(0, &local->rule_objects);
+ f_string_rangess_resize(0, &local->rule_contents);
return status;
}
f_string_dynamic_resize(0, &local->buffer);
f_type_array_lengths_resize(0, &local->chain_ids);
- macro_f_fss_objects_t_delete_simple(local->chain_objects);
- macro_f_fss_contents_t_delete_simple(local->chain_contents);
- macro_f_fss_objects_t_delete_simple(local->rule_objects);
- macro_f_fss_contents_t_delete_simple(local->rule_contents);
+
+ f_string_ranges_resize(0, &local->chain_objects);
+ f_string_rangess_resize(0, &local->chain_contents);
+
+ f_string_ranges_resize(0, &local->rule_objects);
+ f_string_rangess_resize(0, &local->rule_contents);
return F_none;
}
projects / fll / commitdiff