diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2010-08-26 17:56:39 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2010-08-26 17:56:39 +0200 |
| commit | 8fb7a163d03b8a547332cea6484848b799c2c2e1 (patch) | |
| tree | 78ceaee8efd17ba4ec69055af7ecd9a02ab1fe9f /plugin | |
| parent | d5134aeb56a68fdcf45ff8347d308a88ca4bc5e8 (diff) | |
| download | eurephia-8fb7a163d03b8a547332cea6484848b799c2c2e1.tar.gz eurephia-8fb7a163d03b8a547332cea6484848b799c2c2e1.tar.xz eurephia-8fb7a163d03b8a547332cea6484848b799c2c2e1.zip | |
Fixed some issues with the firewall implementation
- OpenVPN would not exit gracefully due to mq_send() returns 0 on success
- On-the-fly blacklisting with new API failed due to wrong value checking
The request->rule_destination is empty when request->mode==BLACKLIST, so
the check for rule_destination was moved to the appropriate place.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Diffstat (limited to 'plugin')
| -rw-r--r-- | plugin/firewall/eurephiafw.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/plugin/firewall/eurephiafw.c b/plugin/firewall/eurephiafw.c index 774fe21..9ef8ce0 100644 --- a/plugin/firewall/eurephiafw.c +++ b/plugin/firewall/eurephiafw.c @@ -354,7 +354,7 @@ void eFW_StopFirewall(eurephiaCTX *ctx) { errno = 0; mqres = mq_send((*ctx->fwcfg).thrdata.msgq, (const char *)&updreq, EFW_MSG_SIZE, 1); - if( mqres < 1 ) { + if( mqres < 0 ) { eurephia_log(ctx, LOG_PANIC, 0, "Could not initiate shutdown on eFW module: %s", strerror(errno)); kill(ctx->fwcfg->fwproc_pid, SIGABRT); @@ -414,8 +414,8 @@ int eFW_UpdateFirewall(eurephiaCTX *ctx, eFWupdateRequest *request ) { return 0; } - if( (request == NULL) || (strlen_nullsafe(request->rule_destination) < 1) ) { - eurephia_log(ctx, LOG_PANIC, 0, "eFW_UpdateFirewall: Invalid update request"); + if( (request == NULL) ) { + eurephia_log(ctx, LOG_FATAL, 0, "eFW_UpdateFirewall: Invalid update request"); return 0; } @@ -423,6 +423,12 @@ int eFW_UpdateFirewall(eurephiaCTX *ctx, eFWupdateRequest *request ) { case fwADD: prio = 11; case fwDELETE: + if( strlen_nullsafe(request->rule_destination) < 1 ) { + eurephia_log(ctx, LOG_FATAL, 0, + "eFW_UpdateFirewall: No firewall destination defined"); + return 0; + } + if( (strlen_nullsafe(request->macaddress) < 1) && (strlen_nullsafe(request->ipaddress) < 1) ) { eurephia_log(ctx, LOG_ERROR, 0, |