Added firewall update of blacklisted IP addresses in eFW_StartFirewall(...)

1 files changed, 20 insertions, 0 deletions

diff --git a/plugin/firewall/eurephiafw.c b/plugin/firewall/eurephiafw.c
index 444f471..3f43aa5 100644
--- a/plugin/firewall/eurephiafw.c
+++ b/plugin/firewall/eurephiafw.c
@@ -38,6 +38,7 @@
 #include "eurephia_nullsafe.h"
 #include "eurephia_values.h"
 #include "eurephiafw_helpers.h"
+#include "eurephuadb_driver.h"
 
 int eFW_unload(eurephiaCTX *ctx) {
         if( ctx == NULL ) {
@@ -214,6 +215,25 @@ void eFW_StartFirewall(eurephiaCTX *ctx) {
                 eurephia_log(ctx, LOG_ERROR, 0, "Could not request firewall initialisation of the %s chain: %s",
                              fwdest, strerror(errno));
         };
+
+        if( ctx->fwcfg->fwblacklist != NULL ) {
+                eurephiaVALUES *blacklisted = NULL, *p = NULL;
+                // Flushing firewall blacklist chain
+                snprintf(buf, 1024, "F %s", ctx->fwcfg->fwblacklist);
+                if( mq_send((*ctx->fwcfg).thrdata.msgq, buf, strlen(buf)+1, 1) == -1 ) {
+                        eurephia_log(ctx, LOG_ERROR, 0, "Could not request flushing of the %s chain: %s",
+                                     ctx->fwcfg->fwblacklist, strerror(errno));
+                };
+
+                // Registering already blacklisted IP addresses into the proper firewall chain
+                blacklisted = eDBget_blaclisted_ip(ctx);
+                p = blacklisted;
+                while( p != NULL ) {
+                        eFW_UpdateFirewall(ctx, FWRULE_BLACKLIST, p->val, ctx->fwcfg->fwblacklist, NULL);
+                        p = p->next;
+                }
+                eFree_values(ctx, blacklisted);
+        }
 }
 
 void eFW_StopFirewall(eurephiaCTX *ctx) {