diff options
Diffstat (limited to 'plugin/firewall/iptables/efw-iptables.c')
-rw-r--r-- | plugin/firewall/iptables/efw-iptables.c | 34 |
1 files changed, 17 insertions, 17 deletions
diff --git a/plugin/firewall/iptables/efw-iptables.c b/plugin/firewall/iptables/efw-iptables.c index aad5d4f..6172d5d 100644 --- a/plugin/firewall/iptables/efw-iptables.c +++ b/plugin/firewall/iptables/efw-iptables.c @@ -176,7 +176,7 @@ void eFW_RunFirewall(void *fwargs) { */ int process_input(eurephiaCTX *ctx, const char *fwcmd, const eFWupdateRequest *req) { const char *iptables_args[] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL}; - int ret = 0; + int ret = 0, argc = 2; DEBUG(ctx, 36, "eFW_RunFirewall::process_input(ctx, %s, %s, %s, %s, %s)", eFWmode_str[req->mode], req->ipaddress, req->macaddress, @@ -195,24 +195,24 @@ int process_input(eurephiaCTX *ctx, const char *fwcmd, const eFWupdateRequest *r iptables_args[1] = "-D"; } // Prepare iptables arguments - iptables_args[2] = req->rule_destination; - if( req->ipaddress ) { - iptables_args[3] = "-s\0"; - iptables_args[4] = req->ipaddress; + iptables_args[argc++] = req->rule_destination; + if( strlen_nullsafe(req->ipaddress) > 0 ) { + iptables_args[argc++] = "-s\0"; + iptables_args[argc++] = req->ipaddress; } - if( req->macaddress ) { - iptables_args[3] = "-m\0"; - iptables_args[4] = "mac\0"; - iptables_args[5] = "--mac-source\0"; - iptables_args[6] = req->macaddress; + if( strlen_nullsafe(req->macaddress) > 0 ) { + iptables_args[argc++] = "-m\0"; + iptables_args[argc++] = "mac\0"; + iptables_args[argc++] = "--mac-source\0"; + iptables_args[argc++] = req->macaddress; } - iptables_args[7] = "-m\0"; - iptables_args[8] = "state\0"; - iptables_args[9] = "--state\0"; - iptables_args[10] = "NEW\0"; - iptables_args[11] = "-j\0"; - iptables_args[12] = req->goto_destination; - iptables_args[13] = NULL; + iptables_args[argc++] = "-m\0"; + iptables_args[argc++] = "state\0"; + iptables_args[argc++] = "--state\0"; + iptables_args[argc++] = "NEW\0"; + iptables_args[argc++] = "-j\0"; + iptables_args[argc++] = req->goto_destination; + iptables_args[argc++] = NULL; eurephia_log(ctx, LOG_INFO, 3, "eFW_RunFirewall - updating iptables rules " "==> mode: %s ipaddr: %s macaddr: '%s' destchain: '%s' jump: '%s'", |