fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-06 13:10:29 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

firewall/trivial: rename "shared"/"add" argument in firewall utils to "up"

Browse source 
(cherry picked from commit e185f7966d)
This commit is contained in:
Thomas Haller 2022-09-13 19:22:58 +02:00
parent aed57e8acc
commit 6fa0068c1e
No known key found for this signature in database
GPG key ID: 29C2366E4DFC5728
2 changed files with 15 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
src/core/nm-firewall-utils.c
View file

@ -171,7 +171,7 @@ _share_iptables_chain_add(const char *table, const char *chain)
}
static void
_share_iptables_set_masquerade(gboolean add, const char *ip_iface, in_addr_t addr, guint8 plen)
_share_iptables_set_masquerade(gboolean up, const char *ip_iface, in_addr_t addr, guint8 plen)
{
char str_subnet[_SHARE_IPTABLES_SUBNET_TO_STR_LEN];
gs_free char *comment_name = NULL;
@ -182,7 +182,7 @@ _share_iptables_set_masquerade(gboolean add, const char *ip_iface, in_addr_t add
_share_iptables_call("" IPTABLES_PATH "",
"--table",
"nat",
add ? "--insert" : "--delete",
up ? "--insert" : "--delete",
"POSTROUTING",
"--source",
str_subnet,
@ -310,7 +310,7 @@ _share_iptables_set_shared_chains_delete(const char *chain_input, const char *ch
}
_nm_unused static void
_share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, guint plen)
_share_iptables_set_shared(gboolean up, const char *ip_iface, in_addr_t addr, guint plen)
{
gs_free char *comment_name = NULL;
gs_free char *chain_input = NULL;
@ -320,13 +320,13 @@ _share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, g
chain_input = _share_iptables_get_name(TRUE, "nm-sh-in", ip_iface);
chain_forward = _share_iptables_get_name(TRUE, "nm-sh-fw", ip_iface);
if (add)
if (up)
_share_iptables_set_shared_chains_add(chain_input, chain_forward, ip_iface, addr, plen);
_share_iptables_call("" IPTABLES_PATH "",
"--table",
"filter",
add ? "--insert" : "--delete",
up ? "--insert" : "--delete",
"INPUT",
"--in-interface",
ip_iface,
@ -340,7 +340,7 @@ _share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, g
_share_iptables_call("" IPTABLES_PATH "",
"--table",
"filter",
add ? "--insert" : "--delete",
up ? "--insert" : "--delete",
"FORWARD",
"--jump",
chain_forward,
@ -349,7 +349,7 @@ _share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, g
"--comment",
comment_name);
if (!add)
if (!up)
_share_iptables_set_shared_chains_delete(chain_input, chain_forward);
}
@ -599,7 +599,7 @@ _fw_nft_call_sync(GBytes *stdin_buf, GError **error)
/*****************************************************************************/
static void
_fw_nft_set(gboolean add, const char *ip_iface, in_addr_t addr, guint8 plen)
_fw_nft_set(gboolean up, const char *ip_iface, in_addr_t addr, guint8 plen)
{
nm_auto_str_buf NMStrBuf strbuf = NM_STR_BUF_INIT(NM_UTILS_GET_NEXT_REALLOC_SIZE_1000, FALSE);
gs_unref_bytes GBytes *stdin_buf = NULL;
@ -614,9 +614,9 @@ _fw_nft_set(gboolean add, const char *ip_iface, in_addr_t addr, guint8 plen)
#define _append(p_strbuf, fmt, ...) nm_str_buf_append_printf((p_strbuf), "" fmt "\n", ##__VA_ARGS__)
_append(&strbuf, "add table ip %s", table_name);
_append(&strbuf, "%s table ip %s", add ? "flush" : "delete", table_name);
_append(&strbuf, "%s table ip %s", up ? "flush" : "delete", table_name);
if (add) {
if (up) {
_append(&strbuf,
"add chain ip %s nat_postrouting {"
" type nat hook postrouting priority 100; policy accept; "
@ -720,15 +720,15 @@ nm_firewall_config_free(NMFirewallConfig *self)
}
void
nm_firewall_config_apply(NMFirewallConfig *self, gboolean shared)
nm_firewall_config_apply(NMFirewallConfig *self, gboolean up)
{
switch (nm_firewall_utils_get_backend()) {
case NM_FIREWALL_BACKEND_IPTABLES:
_share_iptables_set_masquerade(shared, self->ip_iface, self->addr, self->plen);
_share_iptables_set_shared(shared, self->ip_iface, self->addr, self->plen);
_share_iptables_set_masquerade(up, self->ip_iface, self->addr, self->plen);
_share_iptables_set_shared(up, self->ip_iface, self->addr, self->plen);
break;
case NM_FIREWALL_BACKEND_NFTABLES:
_fw_nft_set(shared, self->ip_iface, self->addr, self->plen);
_fw_nft_set(up, self->ip_iface, self->addr, self->plen);
break;
case NM_FIREWALL_BACKEND_NONE:
break;

2
src/core/nm-firewall-utils.h
View file

@ -24,6 +24,6 @@ NMFirewallConfig *nm_firewall_config_new(const char *ip_iface, in_addr_t addr, g
void nm_firewall_config_free(NMFirewallConfig *self);
void nm_firewall_config_apply(NMFirewallConfig *self, gboolean shared);
void nm_firewall_config_apply(NMFirewallConfig *self, gboolean up);
#endif /* __NM_FIREWALL_UTILS_H__ */