#endif // _di_firewall_print_help_
#ifndef _di_firewall_main_
- f_status_t firewall_main(firewall_main_t * const main, const f_console_arguments_t *arguments) {
+ f_status_t firewall_main(fll_program_data_t * const main, const f_console_arguments_t *arguments) {
f_status_t status = F_none;
main->child = 0;
- f_console_parameter_t parameters[] = firewall_console_parameter_t_initialize;
- main->parameters.array = parameters;
- main->parameters.used = firewall_total_parameters_d;
-
{
f_console_parameter_id_t ids[3] = { firewall_parameter_no_color_e, firewall_parameter_light_e, firewall_parameter_dark_e };
const f_console_parameter_ids_t choices = macro_f_console_parameter_ids_t_initialize(ids, 3);
fll_program_parameter_process_empty(&main->context, sets);
}
- if (F_status_is_error(status)) {
- firewall_main_delete(main);
-
- return F_status_set_error(status);
- }
+ if (F_status_is_error(status)) return status;
}
// Identify priority of verbosity related parameters.
f_console_parameter_id_t choice = 0;
status = f_console_parameter_prioritize_right(main->parameters, choices, &choice);
-
- if (F_status_is_error(status)) {
- firewall_main_delete(main);
-
- return status;
- }
+ if (F_status_is_error(status)) return status;
if (choice == firewall_parameter_verbosity_quiet_e) {
main->output.verbosity = f_console_verbosity_quiet_e;
}
}
- f_string_static_t * const argv = main->parameters.arguments.array;
+ firewall_data_t data = firewall_data_t_initialize;
+ data.main = main;
+ data.argv = main->parameters.arguments.array;
status = F_none;
if (main->parameters.array[firewall_parameter_help_e].result == f_console_result_found_e) {
firewall_print_help(main->output.to, main->context);
- firewall_main_delete(main);
-
return F_none;
}
if (main->parameters.array[firewall_parameter_version_e].result == f_console_result_found_e) {
fll_program_print_version(main->output.to, firewall_program_version_s);
- firewall_main_delete(main);
-
return F_none;
}
index = main->parameters.remaining.array[i];
- if (fl_string_dynamic_compare(firewall_show_nat_s, argv[index]) == F_equal_to) {
+ if (fl_string_dynamic_compare(firewall_show_nat_s, data.argv[index]) == F_equal_to) {
show_nat = F_true;
}
else {
- if (fl_string_dynamic_compare(firewall_show_mangle_s, argv[index]) == F_equal_to) {
+ if (fl_string_dynamic_compare(firewall_show_mangle_s, data.argv[index]) == F_equal_to) {
show_mangle = F_true;
}
else {
- if (fl_string_dynamic_compare(firewall_show_ports_s, argv[index]) == F_equal_to) {
+ if (fl_string_dynamic_compare(firewall_show_ports_s, data.argv[index]) == F_equal_to) {
show_ports = F_true;
}
else {
flockfile(main->warning.to.stream);
fl_print_format("%r%[%Q'%]", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, main->warning.context);
- fl_print_format("%[%Q%]", main->warning.to.stream, main->warning.notable, argv[index], main->warning.notable);
+ fl_print_format("%[%Q%]", main->warning.to.stream, main->warning.notable, data.argv[index], main->warning.notable);
fl_print_format("%[' is not a valid show option.%]%r", main->warning.to.stream, main->warning.context, main->warning.context, f_string_eol_s);
funlockfile(main->warning.to.stream);
main->child = return_code;
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
main->child = return_code;
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
main->child = return_code;
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
}
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
// Load all network devices.
- status = f_directory_list(firewall_network_devices_s, 0, alphasort, &main->devices);
+ status = f_directory_list(firewall_network_devices_s, 0, alphasort, &data.devices);
if (F_status_is_error(status)) {
status = F_status_set_fine(status);
}
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return F_status_set_error(status);
}
{
f_array_length_t i = 0;
- for (; i < main->devices.used; ++i) {
+ for (; i < data.devices.used; ++i) {
- if (fl_string_dynamic_compare(firewall_device_loop_s, main->devices.array[i]) == F_equal_to) {
- f_string_static_t swap_string = main->devices.array[i];
+ if (fl_string_dynamic_compare(firewall_device_loop_s, data.devices.array[i]) == F_equal_to) {
+ f_string_static_t swap_string = data.devices.array[i];
- --main->devices.used;
+ --data.devices.used;
- for (; i < main->devices.used; ++i) {
- main->devices.array[i] = main->devices.array[i + 1];
+ for (; i < data.devices.used; ++i) {
+ data.devices.array[i] = data.devices.array[i + 1];
} // for
- main->devices.array[main->devices.used] = swap_string;
+ data.devices.array[data.devices.used] = swap_string;
}
} // for
}
memcpy(path_file_other_string, firewall_network_path_s.string, sizeof(f_char_t) * firewall_network_path_s.used);
memcpy(path_file_other_string + firewall_network_path_s.used, firewall_file_other_s.string, sizeof(f_char_t) * firewall_file_other_s.used);
- status = firewall_buffer_rules(main, path_file_other, F_false, &local);
+ status = firewall_buffer_rules(&data, path_file_other, F_false, &local);
if (F_status_is_error(status) || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
if (command == firewall_parameter_command_lock_e) {
if (reserved.has_lock) {
- status = firewall_delete_chains(main);
+ status = firewall_delete_chains(&data);
if (F_status_is_error_not(status) && status != F_child) {
- status = firewall_default_lock(main);
+ status = firewall_default_lock(&data);
}
if (F_status_is_error(status) || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
input.start = local.chain_contents.array[reserved.lock_at].array[0].start;
input.stop = local.chain_contents.array[reserved.lock_at].array[0].stop;
- status = firewall_process_rules(main, &input, &local);
+ status = firewall_process_rules(&data, &input, &local);
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
}
firewall_delete_local_data(&local);
- firewall_main_delete(main);
return F_status_set_error(F_data);
}
if (command == firewall_parameter_command_stop_e || command == firewall_parameter_command_restart_e) {
if (reserved.has_stop) {
- status = firewall_delete_chains(main);
+ status = firewall_delete_chains(&data);
if (F_status_is_error_not(status) && status != F_child) {
- status = firewall_default_lock(main);
+ status = firewall_default_lock(&data);
}
if (F_status_is_error(status) || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
input.start = local.chain_contents.array[reserved.stop_at].array[0].start;
input.stop = local.chain_contents.array[reserved.stop_at].array[0].stop;
- status = firewall_process_rules(main, &input, &local);
+ status = firewall_process_rules(&data, &input, &local);
if (F_status_is_error(status) || command == firewall_parameter_command_stop_e || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
return status;
}
}
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return F_status_set_error(F_data);
}
memcpy(path_file_first_string, firewall_network_path_s.string, sizeof(f_char_t) * firewall_network_path_s.used);
memcpy(path_file_first_string + firewall_network_path_s.used, firewall_file_first_s.string, sizeof(f_char_t) * firewall_file_first_s.used);
- status = firewall_buffer_rules(main, path_file_first, F_false, &local);
+ status = firewall_buffer_rules(&data, path_file_first, F_false, &local);
if (F_status_is_error(status) || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
if (command == firewall_parameter_command_start_e) {
- status = firewall_delete_chains(main);
+ status = firewall_delete_chains(&data);
if (F_status_is_error_not(status) && status != F_child) {
- status = firewall_default_lock(main);
+ status = firewall_default_lock(&data);
}
if (F_status_is_error(status) || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
}
- status = firewall_create_custom_chains(main, &reserved, &local);
+ status = firewall_create_custom_chains(&data, &reserved, &local);
if (F_status_is_error(status) || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
local.is_main = reserved.has_main && i == reserved.main_at ? F_true : F_false;
local.chain = i;
- status = firewall_process_rules(main, &input, &local);
+ status = firewall_process_rules(&data, &input, &local);
if (F_status_is_error(status) || command == firewall_parameter_command_stop_e || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
f_string_dynamic_t path_file = f_string_dynamic_t_initialize;
f_array_length_t j = 0;
- for (i = 0; i < main->devices.used; ++i) {
+ for (i = 0; i < data.devices.used; ++i) {
path_file.used = 0;
local.device = i;
- status = f_string_dynamic_increase_by(firewall_network_path_s.used + main->devices.array[i].used + firewall_file_suffix_s.used + 1, &path_file);
+ status = f_string_dynamic_increase_by(firewall_network_path_s.used + data.devices.array[i].used + firewall_file_suffix_s.used + 1, &path_file);
if (F_status_is_error_not(status)) {
status = f_string_dynamic_append(firewall_network_path_s, &path_file);
}
if (F_status_is_error_not(status)) {
- status = f_string_dynamic_append(main->devices.array[i], &path_file);
+ status = f_string_dynamic_append(data.devices.array[i], &path_file);
}
if (F_status_is_error_not(status)) {
firewall_print_error_on_allocation_failure(main->error);
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
- status = firewall_buffer_rules(main, path_file, F_true, &local);
+ status = firewall_buffer_rules(&data, path_file, F_true, &local);
if (status == F_child) {
firewall_delete_local_data(&local);
+ firewall_data_delete(&data);
f_string_dynamic_resize(0, &path_file);
- firewall_main_delete(main);
-
return status;
}
}
f_string_dynamic_resize(0, &path_file);
-
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return F_status_set_error(status);
}
- status = firewall_create_custom_chains(main, &reserved, &local);
+ status = firewall_create_custom_chains(&data, &reserved, &local);
if (F_status_is_error(status) || status == F_child) {
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
local.is_main = reserved.has_main && j == reserved.main_at ? F_true : F_false;
local.chain = j;
- status = firewall_process_rules(main, &input, &local);
+ status = firewall_process_rules(&data, &input, &local);
if (F_status_is_error(status) || command == firewall_parameter_command_stop_e || status == F_child) {
f_string_dynamic_resize(0, &path_file);
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
}
if (F_status_is_error_not(status)) {
- status = firewall_buffer_rules(main, path_file, F_false, &local);
+ status = firewall_buffer_rules(&data, path_file, F_false, &local);
}
if (F_status_is_error(status) || status == F_child) {
f_string_dynamic_resize(0, &path_file);
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
- status = firewall_create_custom_chains(main, &reserved, &local);
+ status = firewall_create_custom_chains(&data, &reserved, &local);
if (F_status_is_error(status) || status == F_child) {
f_string_dynamic_resize(0, &path_file);
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
local.is_main = reserved.has_main && i == reserved.main_at ? F_true : F_false;
local.chain = i;
- status = firewall_process_rules(main, &input, &local);
+ status = firewall_process_rules(&data, &input, &local);
if (F_status_is_error(status) || command == firewall_parameter_command_stop_e || status == F_child) {
f_string_dynamic_resize(0, &path_file);
firewall_delete_local_data(&local);
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
}
}
- firewall_main_delete(main);
+ firewall_data_delete(&data);
return status;
}
extern "C" {
#endif
-f_status_t firewall_perform_commands(firewall_main_t * const main, const firewall_local_data_t local) {
+f_status_t firewall_perform_commands(firewall_data_t * const data, firewall_local_data_t * const local) {
f_status_t status = F_none;
f_string_dynamic_t protocol = f_string_dynamic_t_initialize;
f_string_dynamics_t arguments = f_string_dynamics_t_initialize;
- if (local.is_global) {
+ if (local->is_global) {
device_all = F_true;
}
else {
- if (main->devices.array[local.device].used) {
+ if (data->devices.array[local->device].used) {
device.used = 0;
- status = f_string_dynamic_append(main->devices.array[local.device], &device);
+ status = f_string_dynamic_append(data->devices.array[local->device], &device);
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_memory_not) {
- firewall_print_error_on_allocation_failure(main->error);
+ firewall_print_error_on_allocation_failure(data->main->error);
}
return status;
}
// For custom chains, the chain command may not be specified.
- if (!(local.is_main || local.is_stop || local.is_lock)) {
+ if (!(local->is_main || local->is_stop || local->is_lock)) {
chain = firewall_chain_custom_id_e;
}
- for (; F_status_is_error_not(status) && i < local.rule_objects.used; ++i) {
+ for (; F_status_is_error_not(status) && i < local->rule_objects.used; ++i) {
- if (!((++main->signal_check) % firewall_signal_check_d)) {
- if (firewall_signal_received(main)) {
+ if (!((++data->main->signal_check) % firewall_signal_check_d)) {
+ if (firewall_signal_received(data)) {
f_string_dynamic_resize(0, &ip_list);
f_string_dynamics_resize(0, &arguments);
f_string_dynamic_resize(0, &device);
return F_status_set_error(F_interrupt);
}
- main->signal_check = 0;
+ data->main->signal_check = 0;
}
- length = macro_firewall_structure_size(local.rule_objects, i);
+ length = (local->rule_objects.array[i].stop - local->rule_objects.array[i].start) + 1;
invalid = F_false;
is_ip_list = F_false;
ip_list.used = 0;
// Process chain rule
- if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_chain_s, length) == F_equal_to) {
+ if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_objects.array[i].start, firewall_chain_s, length) == F_equal_to) {
if (chain == firewall_chain_custom_id_e) {
// Custom chains can only apply to themselves, so silently ignore chain commands specified within a custom chain.
- fll_print_format("%r%[%QAt line %ul, the chain option is meaningless inside of a custom chain.%]%r", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context, f_string_eol_s);
+ fll_print_format("%r%[%QAt line %ul, the chain option is meaningless inside of a custom chain.%]%r", data->main->warning.to.stream, f_string_eol_s, data->main->warning.context, data->main->warning.prefix, i, data->main->warning.context, f_string_eol_s);
continue;
}
- length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
+ length = (local->rule_contents.array[i].array[0].stop - local->rule_contents.array[i].array[0].start) + 1;
- if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
+ if (local->rule_contents.array[i].used <= 0 || local->rule_contents.array[i].used > 1) {
invalid = F_true;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_input_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_chain_input_s, length) == F_equal_to) {
chain = firewall_chain_input_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_output_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_chain_output_s, length) == F_equal_to) {
chain = firewall_chain_output_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_forward_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_chain_forward_s, length) == F_equal_to) {
chain = firewall_chain_forward_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_postrouting_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_chain_postrouting_s, length) == F_equal_to) {
chain = firewall_chain_postrouting_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_prerouting_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_chain_prerouting_s, length) == F_equal_to) {
chain = firewall_chain_prerouting_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_chain_none_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_chain_none_s, length) == F_equal_to) {
chain = firewall_chain_none_id_e;
}
else {
}
// Process direction rule
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_direction_s, length) == F_equal_to) {
- length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_objects.array[i].start, firewall_direction_s, length) == F_equal_to) {
+ length = (local->rule_contents.array[i].array[0].stop - local->rule_contents.array[i].array[0].start) + 1;
- if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
+ if (local->rule_contents.array[i].used <= 0 || local->rule_contents.array[i].used > 1) {
invalid = F_true;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_direction_input_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_direction_input_s, length) == F_equal_to) {
direction = firewall_direction_input_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_direction_output_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_direction_output_s, length) == F_equal_to) {
direction = firewall_direction_output_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_direction_none_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_direction_none_s, length) == F_equal_to) {
direction = firewall_direction_none_id_e;
}
else {
}
// Process device rule.
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_device_s, length) == F_equal_to) {
- length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_objects.array[i].start, firewall_device_s, length) == F_equal_to) {
+ length = (local->rule_contents.array[i].array[0].stop - local->rule_contents.array[i].array[0].start) + 1;
- if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
+ if (local->rule_contents.array[i].used <= 0 || local->rule_contents.array[i].used > 1) {
invalid = F_true;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_device_all_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_device_all_s, length) == F_equal_to) {
f_string_dynamic_resize(0, &device);
device_all = F_true;
continue;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_device_this_s, length) == F_equal_to) {
- if (main->devices.array[local.device].used > 0) {
- if (main->devices.array[local.device].used > device.size) {
- status = f_string_dynamic_resize(main->devices.array[local.device].used, &device);
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_device_this_s, length) == F_equal_to) {
+ if (data->devices.array[local->device].used > 0) {
+ if (data->devices.array[local->device].used > device.size) {
+ status = f_string_dynamic_resize(data->devices.array[local->device].used, &device);
if (F_status_is_error(status)) break;
}
- memcpy(device.string, main->devices.array[local.device].string, sizeof(f_char_t) * main->devices.array[local.device].used);
+ memcpy(device.string, data->devices.array[local->device].string, sizeof(f_char_t) * data->devices.array[local->device].used);
- device.used = main->devices.array[local.device].used;
+ device.used = data->devices.array[local->device].used;
}
else {
f_string_dynamic_resize(0, &device);
device.used = 0;
if (length) {
- status = f_string_dynamic_partial_append(local.buffer, local.rule_contents.array[i].array[0], &device);
+ status = f_string_dynamic_partial_append(local->buffer, local->rule_contents.array[i].array[0], &device);
if (F_status_is_error(status)) break;
}
}
// Process action rule.
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_action_s, length) == F_equal_to) {
- length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_objects.array[i].start, firewall_action_s, length) == F_equal_to) {
+ length = (local->rule_contents.array[i].array[0].stop - local->rule_contents.array[i].array[0].start) + 1;
- if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
+ if (local->rule_contents.array[i].used <= 0 || local->rule_contents.array[i].used > 1) {
invalid = F_true;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_action_append_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_action_append_s, length) == F_equal_to) {
action = firewall_action_append_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_action_insert_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_action_insert_s, length) == F_equal_to) {
action = firewall_action_insert_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_action_policy_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_action_policy_s, length) == F_equal_to) {
action = firewall_action_policy_id_e;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_action_none_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_action_none_s, length) == F_equal_to) {
action = firewall_action_none_id_e;
}
else {
}
// Process ip_list rule.
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_ip_list, length) == F_equal_to) {
- length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_objects.array[i].start, firewall_ip_list, length) == F_equal_to) {
+ length = (local->rule_contents.array[i].array[0].stop - local->rule_contents.array[i].array[0].start) + 1;
is_ip_list = F_true;
- if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_ip_list_source_s, length) == F_equal_to) {
+ if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_ip_list_source_s, length) == F_equal_to) {
ip_list_direction = F_false;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_ip_list_destination_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_ip_list_destination_s, length) == F_equal_to) {
ip_list_direction = F_true;
}
else {
invalid = F_true;
}
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_protocol_s, length) == F_equal_to) {
- length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_objects.array[i].start, firewall_protocol_s, length) == F_equal_to) {
+ length = (local->rule_contents.array[i].array[0].stop - local->rule_contents.array[i].array[0].start) + 1;
- if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
+ if (local->rule_contents.array[i].used <= 0 || local->rule_contents.array[i].used > 1) {
invalid = F_true;
}
else {
- if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_protocol_none_s, length) == F_equal_to) {
+ if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_protocol_none_s, length) == F_equal_to) {
use_protocol = F_false;
}
else if (length) {
protocol.used = 0;
- status = f_string_dynamic_partial_append(local.buffer, local.rule_contents.array[i].array[0], &protocol);
+ status = f_string_dynamic_partial_append(local->buffer, local->rule_contents.array[i].array[0], &protocol);
if (F_status_is_error(status)) break;
}
// Process tool rule.
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_tool_s, length) == F_equal_to) {
- length = macro_firewall_structure_size(local.rule_contents.array[i], 0);
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_objects.array[i].start, firewall_tool_s, length) == F_equal_to) {
+ length = (local->rule_contents.array[i].array[0].stop - local->rule_contents.array[i].array[0].start) + 1;
- if (macro_firewall_rule_contents_has_incorrect_items(i, 1)) {
+ if (local->rule_contents.array[i].used <= 0 || local->rule_contents.array[i].used > 1) {
invalid = F_true;
}
else {
- if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_tool_iptables_s, length) == F_equal_to) {
+ if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_tool_iptables_s, length) == F_equal_to) {
tool = firewall_program_iptables_e;
current_tool = firewall_tool_iptables_s;
repeat = 1;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_tool_ip6tables_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_tool_ip6tables_s, length) == F_equal_to) {
tool = firewall_program_ip6tables_e;
current_tool = firewall_tool_ip6tables_s;
repeat = 1;
}
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_tool_ip46tables_s, length) == F_equal_to) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_tool_ip46tables_s, length) == F_equal_to) {
tool = firewall_program_ip46tables_e;
current_tool = firewall_tool_iptables_s;
repeat = 2;
}
// If the remaining rule does not match as firewall_rule_s, then it is an invalid rule.
- else if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_objects.array[i].start, firewall_rule_s, length) == F_equal_to_not) {
+ else if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_objects.array[i].start, firewall_rule_s, length) == F_equal_to_not) {
if (length) {
- flockfile(main->warning.to.stream);
+ flockfile(data->main->warning.to.stream);
- fl_print_format("%r%[%QAt line %ul, the object '%]", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context, main->warning.notable);
- fl_print_format("%[%/Q%]", main->warning.to.stream, main->warning.notable, local.buffer, local.rule_objects.array[i], main->warning.notable);
- fl_print_format("%[' is invalid.%]%r", main->warning.to.stream, main->warning.context, main->warning.context, f_string_eol_s);
+ fl_print_format("%r%[%QAt line %ul, the object '%]", data->main->warning.to.stream, f_string_eol_s, data->main->warning.context, data->main->warning.prefix, i, data->main->warning.context, data->main->warning.notable);
+ fl_print_format("%[%/Q%]", data->main->warning.to.stream, data->main->warning.notable, local->buffer, local->rule_objects.array[i], data->main->warning.notable);
+ fl_print_format("%[' is invalid.%]%r", data->main->warning.to.stream, data->main->warning.context, data->main->warning.context, f_string_eol_s);
- funlockfile(main->warning.to.stream);
+ funlockfile(data->main->warning.to.stream);
}
else {
- fll_print_format("%r%[%QAt line %ul, the object is missing.%]%r", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context, f_string_eol_s);
+ fll_print_format("%r%[%QAt line %ul, the object is missing.%]%r", data->main->warning.to.stream, f_string_eol_s, data->main->warning.context, data->main->warning.prefix, i, data->main->warning.context, f_string_eol_s);
}
continue;
}
if (invalid) {
- length = macro_firewall_structure_size(local.rule_objects, i);
+ length = (local->rule_objects.array[i].stop - local->rule_objects.array[i].start) + 1;
if (length) {
- flockfile(main->warning.to.stream);
+ flockfile(data->main->warning.to.stream);
- fl_print_format("%r%[%QAt line %ul, the object '%]", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context);
- fl_print_format("%[%/Q%]", main->warning.to.stream, main->warning.notable, local.buffer, local.rule_objects.array[i], main->warning.notable);
- fl_print_format("%[' has invalid content '%]", main->warning.to.stream, main->warning.context, main->warning.context);
- fl_print_format("%[%/Q%]", main->warning.to.stream, main->warning.notable, local.buffer, local.rule_contents.array[i].array[0], main->warning.notable);
- fl_print_format("%['.%]%r", main->warning.to.stream, main->warning.context, main->warning.context, f_string_eol_s);
+ fl_print_format("%r%[%QAt line %ul, the object '%]", data->main->warning.to.stream, f_string_eol_s, data->main->warning.context, data->main->warning.prefix, i, data->main->warning.context);
+ fl_print_format("%[%/Q%]", data->main->warning.to.stream, data->main->warning.notable, local->buffer, local->rule_objects.array[i], data->main->warning.notable);
+ fl_print_format("%[' has invalid content '%]", data->main->warning.to.stream, data->main->warning.context, data->main->warning.context);
+ fl_print_format("%[%/Q%]", data->main->warning.to.stream, data->main->warning.notable, local->buffer, local->rule_contents.array[i].array[0], data->main->warning.notable);
+ fl_print_format("%['.%]%r", data->main->warning.to.stream, data->main->warning.context, data->main->warning.context, f_string_eol_s);
- funlockfile(main->warning.to.stream);
+ funlockfile(data->main->warning.to.stream);
}
else {
- fll_print_format("%r%[%QAt line %ul, the object has no content.%]%r", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context, f_string_eol_s);
+ fll_print_format("%r%[%QAt line %ul, the object has no content.%]%r", data->main->warning.to.stream, f_string_eol_s, data->main->warning.context, data->main->warning.prefix, i, data->main->warning.context, f_string_eol_s);
}
continue;
// Process the chain, which is required by the action.
if (chain == firewall_chain_custom_id_e) {
- status = f_string_dynamic_append(main->chains.array[local.chain_ids.array[local.chain]], &arguments.array[arguments.used]);
+ status = f_string_dynamic_append(data->chains.array[local->chain_ids.array[local->chain]], &arguments.array[arguments.used]);
}
else if (chain == firewall_chain_forward_id_e) {
status = f_string_dynamic_append(firewall_chain_forward_s, &arguments.array[arguments.used]);
// Add the device if and only if a non-none direction is specified.
if (device.used && (direction == firewall_direction_input_id_e || direction == firewall_direction_output_id_e)) {
- if (fl_string_dynamic_compare_string(local.buffer.string + local.rule_contents.array[i].array[0].start, firewall_device_all_s, length) == F_equal_to_not) {
+ if (fl_string_dynamic_compare_string(local->buffer.string + local->rule_contents.array[i].array[0].start, firewall_device_all_s, length) == F_equal_to_not) {
status = f_string_dynamics_increase(firewall_default_allocation_step_d, &arguments);
if (F_status_is_error(status)) break;
}
// Last up is the "rule".
- if ((!is_ip_list && local.rule_contents.array[i].used > 0) || (is_ip_list && local.rule_contents.array[i].used > 1)) {
+ if ((!is_ip_list && local->rule_contents.array[i].used > 0) || (is_ip_list && local->rule_contents.array[i].used > 1)) {
f_array_length_t subcounter = 0;
if (is_ip_list) {
// Skip past the chain.
++subcounter;
- length = macro_firewall_structure_size(local.rule_contents.array[i], subcounter);
+ length = (local->rule_contents.array[i].array[subcounter].stop - local->rule_contents.array[i].array[subcounter].start) + 1;
if (length) {
ip_list.used = 0;
- status = f_string_dynamic_partial_append(local.buffer, local.rule_contents.array[i].array[subcounter], &ip_list);
+ status = f_string_dynamic_partial_append(local->buffer, local->rule_contents.array[i].array[subcounter], &ip_list);
if (F_status_is_error(status)) {
// Prevent the loop below from being processed.
- subcounter = local.rule_contents.array[i].used;
+ subcounter = local->rule_contents.array[i].used;
}
else {
++subcounter;
}
}
- for (; subcounter < local.rule_contents.array[i].used; ++subcounter) {
+ status = f_string_dynamics_increase_by(local->rule_contents.array[i].used, &arguments);
+ if (F_status_is_error(status)) break;
+
+ for (; subcounter < local->rule_contents.array[i].used; ++subcounter) {
- length = macro_firewall_structure_size(local.rule_contents.array[i], subcounter);
+ length = (local->rule_contents.array[i].array[subcounter].stop - local->rule_contents.array[i].array[subcounter].start) + 1;
if (length) {
arguments.array[arguments.used].used = 0;
- status = f_string_dynamic_partial_append(local.buffer, local.rule_contents.array[i].array[subcounter], &arguments.array[arguments.used]);
+ status = f_string_dynamic_partial_append(local->buffer, local->rule_contents.array[i].array[subcounter], &arguments.array[arguments.used]);
if (F_status_is_error(status)) break;
++arguments.used;
} // for
}
else {
- length = macro_firewall_structure_size(local.rule_objects, i);
+ length = (local->rule_objects.array[i].stop - local->rule_objects.array[i].start) + 1;
- flockfile(main->warning.to.stream);
+ flockfile(data->main->warning.to.stream);
- fl_print_format("%r%[%QAt line %ul, the object '%]", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, i, main->warning.context);
- fl_print_format("%[%/Q%]", main->warning.to.stream, main->warning.notable, local.buffer, local.rule_objects.array[i], main->warning.notable);
- fl_print_format("%]%[' has no content.%]%r", main->warning.to.stream, main->warning.context, main->warning.context, f_string_eol_s);
+ fl_print_format("%r%[%QAt line %ul, the object '%]", data->main->warning.to.stream, f_string_eol_s, data->main->warning.context, data->main->warning.prefix, i, data->main->warning.context);
+ fl_print_format("%[%/Q%]", data->main->warning.to.stream, data->main->warning.notable, local->buffer, local->rule_objects.array[i], data->main->warning.notable);
+ fl_print_format("%]%[' has no content.%]%r", data->main->warning.to.stream, data->main->warning.context, data->main->warning.context, f_string_eol_s);
- funlockfile(main->warning.to.stream);
+ funlockfile(data->main->warning.to.stream);
break;
}
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_parameter) {
- if (main->error.verbosity != f_console_verbosity_quiet_e) {
- firewall_print_error_on_invalid_parameter(main->error, "f_file_open");
+ if (data->main->error.verbosity != f_console_verbosity_quiet_e) {
+ firewall_print_error_on_invalid_parameter(data->main->error, "f_file_open");
}
}
else if (F_status_set_fine(status) == F_file_found_not) {
// The file does not have to exist
- if (main->error.verbosity != f_console_verbosity_verbose_e || main->error.verbosity == f_console_verbosity_debug_e) {
- fll_print_format("%r%[%QCannot find the file '%Q'.%]%r", main->warning.to.stream, f_string_eol_s, main->warning.context, main->warning.prefix, path_file, main->warning.context, f_string_eol_s);
+ if (data->main->error.verbosity != f_console_verbosity_verbose_e || data->main->error.verbosity == f_console_verbosity_debug_e) {
+ fll_print_format("%r%[%QCannot find the file '%Q'.%]%r", data->main->warning.to.stream, f_string_eol_s, data->main->warning.context, data->main->warning.prefix, path_file, data->main->warning.context, f_string_eol_s);
}
status = F_none;
}
else if (F_status_set_fine(status) == F_file_open) {
- if (main->error.verbosity != f_console_verbosity_quiet_e) {
- fll_print_format("%r%[%QUnable to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
+ if (data->main->error.verbosity != f_console_verbosity_quiet_e) {
+ fll_print_format("%r%[%QUnable to open the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, path_file, data->main->error.context, f_string_eol_s);
}
}
else if (F_status_set_fine(status) == F_file_descriptor) {
- if (main->error.verbosity != f_console_verbosity_quiet_e) {
- fll_print_format("%r%[%QFile descriptor error while trying to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
+ if (data->main->error.verbosity != f_console_verbosity_quiet_e) {
+ fll_print_format("%r%[%QFile descriptor error while trying to open the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, path_file, data->main->error.context, f_string_eol_s);
}
}
else if (F_status_set_fine(status) == F_memory_not) {
- firewall_print_error_on_allocation_failure(main->error);
+ firewall_print_error_on_allocation_failure(data->main->error);
}
else {
- firewall_print_error_on_unhandled(main->error, "f_file_open", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "f_file_open", F_status_set_fine(status));
}
f_file_stream_close(F_true, &file);
f_file_stream_close(F_true, &file);
if (F_status_is_error(status)) {
- if (main->error.verbosity != f_console_verbosity_quiet_e) {
+ if (data->main->error.verbosity != f_console_verbosity_quiet_e) {
if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "f_file_read");
+ firewall_print_error_on_invalid_parameter(data->main->error, "f_file_read");
}
else if (F_status_set_fine(status) == F_number_overflow) {
- fll_print_format("%r%[%QInteger overflow while trying to buffer the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QInteger overflow while trying to buffer the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, path_file, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_file_closed) {
- fll_print_format("%r%[%QThe file '%Q' is no longer open.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QThe file '%Q' is no longer open.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, path_file, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_file_seek) {
- fll_print_format("%r%[%QA seek error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QA seek error occurred while accessing the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, path_file, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_file_read) {
- fll_print_format("%r%[%QA read error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, path_file, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QA read error occurred while accessing the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, path_file, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) != F_memory_not) {
- firewall_print_error_on_unhandled(main->error, "f_file_read", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "f_file_read", F_status_set_fine(status));
}
}
}
status = F_status_set_fine(status);
if (status == F_parameter) {
- firewall_print_error_on_invalid_parameter_for_file(main->error, "fll_fss_basic_read", path_file.used ? path_file : f_string_empty_s);
+ firewall_print_error_on_invalid_parameter_for_file(data->main->error, "fll_fss_basic_read", path_file.used ? path_file : f_string_empty_s);
}
else if (status == F_data_not_eos || status == F_data_not || status == F_data_not_stop) {
// Empty files are to be silently ignored.
}
else if (status != F_memory_not) {
- firewall_print_error_on_unhandled_for_file(main->error, "fll_fss_basic_read", status, path_file.used ? path_file : f_string_empty_s);
+ firewall_print_error_on_unhandled_for_file(data->main->error, "fll_fss_basic_read", status, path_file.used ? path_file : f_string_empty_s);
}
status = F_status_set_error(status);
status = fl_fss_apply_delimit(delimits, &local_buffer);
if (F_status_is_error(status)) {
- fll_error_print(main->error, F_status_set_fine(status), "fl_fss_apply_delimit", F_true);
+ fll_error_print(data->main->error, F_status_set_fine(status), "fl_fss_apply_delimit", F_true);
}
}
++arguments.used;
- firewall_print_debug_tool(main->warning, current_tool, arguments);
+ firewall_print_debug_tool(data->main->warning, current_tool, arguments);
status = fll_execute_program(current_tool, arguments, 0, 0, (void *) &return_code);
f_string_dynamic_resize(0, &device);
f_string_dynamic_resize(0, &protocol);
- main->child = return_code;
+ data->main->child = return_code;
return status;
}
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_failure) {
- firewall_print_error_on_operation(main->error, current_tool, arguments);
+ firewall_print_error_on_operation(data->main->error, current_tool, arguments);
}
else if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
+ firewall_print_error_on_invalid_parameter(data->main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "fll_execute_program", F_status_set_fine(status));
}
break;
if (F_status_set_fine(status) == F_failure || F_status_set_fine(status) == F_parameter) break;
}
else {
- firewall_print_debug_tool(main->warning, current_tool, arguments);
+ firewall_print_debug_tool(data->main->warning, current_tool, arguments);
status = fll_execute_program(current_tool, arguments, 0, 0, (void *) &return_code);
f_string_dynamic_resize(0, &device);
f_string_dynamic_resize(0, &protocol);
- main->child = return_code;
+ data->main->child = return_code;
return status;
}
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_failure) {
- firewall_print_error_on_operation(main->error, current_tool, arguments);
+ firewall_print_error_on_operation(data->main->error, current_tool, arguments);
}
else if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
+ firewall_print_error_on_invalid_parameter(data->main->error, "fll_execute_program");
}
else if (F_status_set_fine(status) != F_memory_not) {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "fll_execute_program", F_status_set_fine(status));
}
break;
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_memory_not) {
- firewall_print_error_on_allocation_failure(main->error);
+ firewall_print_error_on_allocation_failure(data->main->error);
}
}
return status;
}
-f_status_t firewall_create_custom_chains(firewall_main_t * const main, firewall_reserved_chains_t *reserved, firewall_local_data_t *local) {
+f_status_t firewall_create_custom_chains(firewall_data_t * const data, firewall_reserved_chains_t * const reserved, firewall_local_data_t * const local) {
f_status_t status = F_none;
status = f_string_dynamics_resize(2, &arguments);
if (F_status_is_error(status)) return status;
+ status = f_array_lengths_increase_by(local->chain_objects.used, &local->chain_ids);
+ if (F_status_is_error(status)) return status;
+
+ memset(local->chain_ids.array, 0, sizeof(f_array_length_t) * local->chain_ids.used);
+
status = f_string_dynamic_append(firewall_chain_create_command_s, &arguments.array[0]);
if (F_status_is_error_not(status)) {
new_chain = F_true;
j = 0;
- if (!((++main->signal_check) % firewall_signal_check_d)) {
- if (firewall_signal_received(main)) break;
+ if (!((++data->main->signal_check) % firewall_signal_check_d)) {
+ if (firewall_signal_received(data)) break;
}
// Skip globally reserved chain name: main.
}
if (new_chain) {
- for (; j < main->chains.used; ++j) {
+ for (; j < data->chains.used; ++j) {
- if (fl_string_dynamic_partial_compare_string(main->chains.array[j].string, local->buffer, main->chains.array[j].used, local->chain_objects.array[i]) == F_equal_to) {
+ if (fl_string_dynamic_partial_compare_string(data->chains.array[j].string, local->buffer, data->chains.array[j].used, local->chain_objects.array[i]) == F_equal_to) {
new_chain = F_false;
local->chain_ids.array[i] = j;
}
if (new_chain) {
- status = f_string_dynamics_increase(firewall_default_allocation_step_d, &main->chains);
+ status = f_string_dynamics_increase(firewall_default_allocation_step_d, &data->chains);
if (F_status_is_error(status)) break;
create_chain = F_true;
- length = macro_firewall_structure_size(local->chain_objects, i);
+ length = (local->chain_objects.array[i].stop - local->chain_objects.array[i].start) + 1;
arguments.array[1].used = 0;
status = f_string_dynamic_increase_by(length + 1, &arguments.array[1]);
if (F_status_is_error(status)) break;
- status = f_string_dynamic_increase_by(length + 1, &main->chains.array[main->chains.used]);
+ status = f_string_dynamic_increase_by(length + 1, &data->chains.array[data->chains.used]);
if (F_status_is_error(status)) break;
- main->chains.array[main->chains.used].used = 0;
- local->chain_ids.array[i] = main->chains.used;
+ data->chains.array[data->chains.used].used = 0;
+ local->chain_ids.array[i] = data->chains.used;
// Copy the string character by character, ignoring placeholders.
for (j = local->chain_objects.array[i].start; j <= local->chain_objects.array[i].stop; ++j) {
if (local->buffer.string[j] == f_fss_delimit_placeholder_s.string[0]) continue;
- main->chains.array[main->chains.used].string[main->chains.array[main->chains.used].used++] = local->buffer.string[j];
+ data->chains.array[data->chains.used].string[data->chains.array[data->chains.used].used++] = local->buffer.string[j];
arguments.array[1].string[arguments.array[1].used++] = local->buffer.string[j];
} // for
arguments.array[1].string[arguments.array[1].used] = 0;
- main->chains.array[main->chains.used].string[main->chains.array[main->chains.used].used] = 0;
+ data->chains.array[data->chains.used].string[data->chains.array[data->chains.used].used] = 0;
if (fl_string_dynamic_compare(arguments.array[1], firewall_chain_forward_s) == F_equal_to) {
create_chain = F_false;
}
if (create_chain) {
- firewall_print_debug_tool(main->warning, firewall_tool_iptables_s, arguments);
+ firewall_print_debug_tool(data->main->warning, firewall_tool_iptables_s, arguments);
tool = firewall_program_iptables_e;
status = fll_execute_program(firewall_tool_iptables_s, arguments, 0, 0, (void *) &return_code);
if (status == F_child) {
- main->child = return_code;
+ data->main->child = return_code;
break;
}
if (F_status_is_error_not(status)) {
- if (firewall_signal_received(main)) {
+ if (firewall_signal_received(data)) {
status = F_status_set_error(F_interrupt);
break;
}
- firewall_print_debug_tool(main->warning, firewall_tool_ip6tables_s, arguments);
+ firewall_print_debug_tool(data->main->warning, firewall_tool_ip6tables_s, arguments);
tool = firewall_program_ip6tables_e;
status = fll_execute_program(firewall_tool_ip6tables_s, arguments, 0, 0, (void *) &return_code);
if (status == F_child) {
- main->child = return_code;
+ data->main->child = return_code;
break;
}
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_failure) {
- firewall_print_error_on_operation(main->error, tool == firewall_program_iptables_e ? firewall_tool_iptables_s : firewall_tool_ip6tables_s, arguments);
+ firewall_print_error_on_operation(data->main->error, tool == firewall_program_iptables_e ? firewall_tool_iptables_s : firewall_tool_ip6tables_s, arguments);
}
else if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
+ firewall_print_error_on_invalid_parameter(data->main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "fll_execute_program", F_status_set_fine(status));
}
break;
}
}
- ++main->chains.used;
+ ++data->chains.used;
}
} // for
return status;
}
-f_status_t firewall_delete_chains(firewall_main_t * const main) {
+f_status_t firewall_delete_chains(firewall_data_t * const data) {
const f_string_static_t tools[2] = { firewall_tool_iptables_s, firewall_tool_ip6tables_s };
f_status_t status = F_none;
for (f_array_length_t i = 0; i < 2; ++i) {
- if (firewall_signal_received(main)) {
+ if (firewall_signal_received(data)) {
return F_status_set_error(F_interrupt);
}
int return_code = 0;
- firewall_print_debug_tool(main->warning, tools[i], arguments);
+ firewall_print_debug_tool(data->main->warning, tools[i], arguments);
status = fll_execute_program(tools[i], arguments, 0, 0, (void *) &return_code);
if (status == F_child) {
- main->child = return_code;
+ data->main->child = return_code;
return status;
}
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_failure) {
- firewall_print_error_on_operation(main->error, tools[i], arguments);
+ firewall_print_error_on_operation(data->main->error, tools[i], arguments);
}
else if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
+ firewall_print_error_on_invalid_parameter(data->main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "fll_execute_program", F_status_set_fine(status));
}
return status;
for (f_array_length_t i = 0; i < 2; ++i) {
- firewall_print_debug_tool(main->warning, tools[i], arguments);
+ firewall_print_debug_tool(data->main->warning, tools[i], arguments);
return_code = 0;
status = fll_execute_program(tools[i], arguments, 0, 0, (void *) &return_code);
if (status == F_child) {
- main->child = return_code;
+ data->main->child = return_code;
break;
}
- if (firewall_signal_received(main)) {
+ if (firewall_signal_received(data)) {
status = F_status_set_error(F_interrupt);
break;
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_failure) {
- firewall_print_error_on_operation(main->error, tools[i], arguments);
+ firewall_print_error_on_operation(data->main->error, tools[i], arguments);
}
else if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
+ firewall_print_error_on_invalid_parameter(data->main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "fll_execute_program", F_status_set_fine(status));
}
break;
return status;
}
-f_status_t firewall_default_lock(firewall_main_t * const main) {
+f_status_t firewall_default_lock(firewall_data_t * const data) {
const f_string_static_t chains[3] = { firewall_chain_input_s, firewall_chain_output_s, firewall_chain_forward_s };
const f_string_static_t tools[2] = { firewall_tool_iptables_s, firewall_tool_ip6tables_s };
for (j = 0; j < 2; ++j) {
- firewall_print_debug_tool(main->warning, tools[j], arguments);
+ firewall_print_debug_tool(data->main->warning, tools[j], arguments);
return_code = 0;
status = fll_execute_program(tools[j], arguments, 0, 0, (void *) &return_code);
if (status == F_child) {
- main->child = return_code;
+ data->main->child = return_code;
break;
}
- if (firewall_signal_received(main)) {
+ if (firewall_signal_received(data)) {
status = F_status_set_error(F_interrupt);
break;
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_failure) {
- firewall_print_error_on_operation(main->error, tools[j], arguments);
+ firewall_print_error_on_operation(data->main->error, tools[j], arguments);
}
else if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "fll_execute_program");
+ firewall_print_error_on_invalid_parameter(data->main->error, "fll_execute_program");
}
else {
- firewall_print_error_on_unhandled(main->error, "fll_execute_program", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "fll_execute_program", F_status_set_fine(status));
}
break;
return status;
}
-f_status_t firewall_buffer_rules(firewall_main_t * const main, const f_string_static_t filename, const bool optional, firewall_local_data_t *local) {
+f_status_t firewall_buffer_rules(firewall_data_t * const data, const f_string_static_t filename, const bool optional, firewall_local_data_t * const local) {
f_file_t file = f_file_t_initialize;
f_status_t status = f_file_open(filename, 0, &file);
if (F_status_is_error(status)) {
- if (main->error.verbosity != f_console_verbosity_quiet_e) {
+ if (data->main->error.verbosity != f_console_verbosity_quiet_e) {
if (optional) {
if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "f_file_open");
+ firewall_print_error_on_invalid_parameter(data->main->error, "f_file_open");
}
else if (F_status_set_fine(status) != F_file_found_not && F_status_set_fine(status) != F_file_open && F_status_set_fine(status) != F_file_descriptor) {
- firewall_print_error_on_unhandled(main->error, "f_file_open", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "f_file_open", F_status_set_fine(status));
}
} else {
if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "f_file_open");
+ firewall_print_error_on_invalid_parameter(data->main->error, "f_file_open");
}
else if (F_status_set_fine(status) == F_file_found_not) {
- fll_print_format("%r%[%QUnable to find the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QUnable to find the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, filename, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_file_open) {
- fll_print_format("%r%[%QUnable to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QUnable to open the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, filename, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_file_descriptor) {
- fll_print_format("%r%[%QFile descriptor error while trying to open the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QFile descriptor error while trying to open the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, filename, data->main->error.context, f_string_eol_s);
}
else {
- firewall_print_error_on_unhandled(main->error, "f_file_open", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "f_file_open", F_status_set_fine(status));
}
}
}
f_file_stream_close(F_true, &file);
if (F_status_is_error(status)) {
- if (main->error.verbosity != f_console_verbosity_quiet_e) {
+ if (data->main->error.verbosity != f_console_verbosity_quiet_e) {
if (F_status_set_fine(status) == F_parameter) {
- firewall_print_error_on_invalid_parameter(main->error, "f_file_read");
+ firewall_print_error_on_invalid_parameter(data->main->error, "f_file_read");
}
else if (F_status_set_fine(status) == F_number_overflow) {
- fll_print_format("%r%[%QInteger overflow while trying to buffer the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QInteger overflow while trying to buffer the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, filename, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_file_closed) {
- fll_print_format("%r%[%QThe file '%Q' is no longer open.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QThe file '%Q' is no longer open.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, filename, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_file_seek) {
- fll_print_format("%r%[%QA seek error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QA seek error occurred while accessing the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, filename, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_file_read) {
- fll_print_format("%r%[%QA read error occurred while accessing the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QA read error occurred while accessing the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, filename, data->main->error.context, f_string_eol_s);
}
else if (F_status_set_fine(status) == F_memory_not) {
- firewall_print_error_on_allocation_failure(main->error);
+ firewall_print_error_on_allocation_failure(data->main->error);
}
else {
- firewall_print_error_on_unhandled(main->error, "f_file_read", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "f_file_read", F_status_set_fine(status));
}
}
if (F_status_is_error(status)) {
status = F_status_set_fine(status);
- if (main->error.verbosity != f_console_verbosity_quiet_e) {
+ if (data->main->error.verbosity != f_console_verbosity_quiet_e) {
if (status == F_parameter) {
- firewall_print_error_on_invalid_parameter_for_file(main->error, "fll_fss_basic_list_read", filename);
+ firewall_print_error_on_invalid_parameter_for_file(data->main->error, "fll_fss_basic_list_read", filename);
}
else if (status == F_data_not_eos || status == F_data_not || status == F_data_not_stop) {
- fll_print_format("%r%[%QNo relevant main was found within the file '%Q'.%]%r", main->error.to.stream, f_string_eol_s, main->error.context, main->error.prefix, filename, main->error.context, f_string_eol_s);
+ fll_print_format("%r%[%QNo relevant main was found within the file '%Q'.%]%r", data->main->error.to.stream, f_string_eol_s, data->main->error.context, data->main->error.prefix, filename, data->main->error.context, f_string_eol_s);
}
else if (status == F_memory_not) {
- firewall_print_error_on_allocation_failure(main->error);
+ firewall_print_error_on_allocation_failure(data->main->error);
}
else {
- firewall_print_error_on_unhandled_for_file(main->error, "fll_fss_basic_read", status, filename);
+ firewall_print_error_on_unhandled_for_file(data->main->error, "fll_fss_basic_read", status, filename);
}
}
}
status = fl_fss_apply_delimit(delimits, &local->buffer);
if (F_status_is_error(status)) {
- fll_error_print(main->error, F_status_set_fine(status), "fl_fss_apply_delimit", F_true);
+ fll_error_print(data->main->error, F_status_set_fine(status), "fl_fss_apply_delimit", F_true);
}
}
return status;
}
-f_status_t firewall_process_rules(firewall_main_t * const main, f_string_range_t *range, firewall_local_data_t *local) {
+f_status_t firewall_process_rules(firewall_data_t * const data, f_string_range_t * const range, firewall_local_data_t * const local) {
f_status_t status = F_none;
f_fss_delimits_t delimits = f_fss_delimits_t_initialize;
status = fl_fss_apply_delimit(delimits, &local->buffer);
if (F_status_is_error(status)) {
- fll_error_print(main->error, F_status_set_fine(status), "fl_fss_apply_delimit", F_true);
+ fll_error_print(data->main->error, F_status_set_fine(status), "fl_fss_apply_delimit", F_true);
}
}
macro_f_fss_delimits_t_delete_simple(delimits);
if (F_status_is_error_not(status)) {
- status = firewall_perform_commands(main, *local);
+ status = firewall_perform_commands(data, local);
if (F_status_is_error(status)) {
if (F_status_set_fine(status) == F_memory_not) {
- firewall_print_error_on_allocation_failure(main->error);
+ firewall_print_error_on_allocation_failure(data->main->error);
}
else if (F_status_set_fine(status) == F_failure) {
// The error message has already been displayed.
}
else {
- firewall_print_error_on_unhandled(main->error, "firewall_perform_commands", F_status_set_fine(status));
+ firewall_print_error_on_unhandled(data->main->error, "firewall_perform_commands", F_status_set_fine(status));
}
}
}
projects / fll / commitdiff