info->identifier = g_strdup(rule->identifier);
info->key = rule->key;
- STC_LOGD("Identifier [%s]", rule->identifier);
- STC_LOGD("Key [%u]", rule->key);
+ if (STC_DEBUG_LOG && STC_FW_LOG) {
+ STC_LOGD("Identifier [%s]", rule->identifier);
+ STC_LOGD("Key [%u]", rule->key);
+ }
}
static void __fw_rule_free(void *data)
lookup = g_hash_table_lookup(g_firewalls, chain);
if (lookup) {
- STC_LOGD("chain already present");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGD("chain already present");
return STC_ERROR_ALREADY_DATA;
}
data = MALLOC0(stc_fw_data_s, 1);
if (!data) {
- STC_LOGE("data allocation failed");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("data allocation failed");
return STC_ERROR_OUT_OF_MEMORY;
}
lookup = g_hash_table_lookup(g_firewalls, chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return STC_ERROR_NO_DATA;
}
if (lookup->target != STC_FW_CHAIN_TARGET_NONE) {
- STC_LOGE("can't be applied bcz chain is set");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("can't be applied bcz chain is set");
return STC_ERROR_INVALID_PARAMETER;
}
lookup = g_hash_table_lookup(g_firewalls, chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return STC_ERROR_NO_DATA;
}
if (lookup->target != STC_FW_CHAIN_TARGET_NONE) {
- STC_LOGE("can't be applied bcz chain is set");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("can't be applied bcz chain is set");
return STC_ERROR_INVALID_PARAMETER;
}
lookup = g_hash_table_lookup(g_firewalls, chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return STC_ERROR_NO_DATA;
}
lookup = g_hash_table_lookup(g_firewalls, chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return NULL;
}
lookup = g_hash_table_lookup(g_firewalls, chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return STC_ERROR_NO_DATA;
}
switch (rule->s_ip_type) {
case STC_FW_IP_RANGE:
+ /* fall through */
case STC_FW_IP_MASK:
addr = g_try_malloc0(INET_ADDRSTRLEN);
if (addr) {
g_variant_new_string(addr));
FREE(addr);
}
+ /* fall through */
case STC_FW_IP_SINGLE:
addr = g_try_malloc0(INET_ADDRSTRLEN);
if (addr) {
switch (rule->d_ip_type) {
case STC_FW_IP_RANGE:
+ /* fall through */
case STC_FW_IP_MASK:
addr = g_try_malloc0(INET_ADDRSTRLEN);
if (addr) {
g_variant_new_string(addr));
FREE(addr);
}
+ /* fall through */
case STC_FW_IP_SINGLE:
addr = g_try_malloc0(INET_ADDRSTRLEN);
if (addr) {
switch (rule->s_ip_type) {
case STC_FW_IP_RANGE:
+ /* fall through */
case STC_FW_IP_MASK:
addr = g_try_malloc0(INET6_ADDRSTRLEN);
if (addr) {
g_variant_new_string(addr));
FREE(addr);
}
+ /* fall through */
case STC_FW_IP_SINGLE:
addr = g_try_malloc0(INET6_ADDRSTRLEN);
if (addr) {
switch (rule->d_ip_type) {
case STC_FW_IP_RANGE:
+ /* fall through */
case STC_FW_IP_MASK:
addr = g_try_malloc0(INET6_ADDRSTRLEN);
if (addr) {
g_variant_new_string(addr));
FREE(addr);
}
+ /* fall through */
case STC_FW_IP_SINGLE:
addr = g_try_malloc0(INET6_ADDRSTRLEN);
if (addr) {
break;
}
- firewall_rule_add(rule);
+ firewall_rule_append(rule);
}
static void __fw_rule_print_rules(gpointer data, gpointer user_data)
rule->d_ip_type, rule->d_ip1.Ipv4.s_addr, rule->d_ip2.Ipv4.s_addr);
break;
case STC_FW_FAMILY_V6:
- STC_LOGD("[%d][%d][%08x:%08x:%08x:%08x][%08x:%08x:%08x:%08x]"
- "[%d][%08x:%08x:%08x:%08x][%08x:%08x:%08x:%08x]",
+ STC_LOGD("[%d][%d][%08x:%08x:%08x:%08x]"
+ "[%d][%08x:%08x:%08x:%08x]",
rule->family,
rule->s_ip_type,
rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1],
data = MALLOC0(stc_fw_data_s, 1);
if (!data) {
- STC_LOGE("data allocation failed");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("data allocation failed");
return STC_CONTINUE;
}
lookup = g_hash_table_lookup(g_firewalls, info->chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return STC_CONTINUE;
}
rule = MALLOC0(firewall_rule_s, 1);
if (!rule) {
- STC_LOGE("rule allocation failed");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("rule allocation failed");
return STC_CONTINUE;
}
lookup = g_hash_table_lookup(g_firewalls, info->chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return STC_ERROR_NO_DATA;
}
if (lookup->target != STC_FW_CHAIN_TARGET_NONE) {
- STC_LOGE("can't be applied bcz chain is set");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("can't be applied bcz chain is set");
return STC_ERROR_INVALID_PARAMETER;
}
rule = MALLOC0(firewall_rule_s, 1);
if (!rule) {
- STC_LOGE("rule allocation failed");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("rule allocation failed");
return STC_ERROR_OUT_OF_MEMORY;
}
comp = g_slist_find_custom(lookup->rules, rule, __fw_rule_comp);
if (comp) {
- STC_LOGD("rule already present");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGD("rule already present");
__fw_rule_free(rule);
return STC_ERROR_ALREADY_DATA;
}
lookup = g_hash_table_lookup(g_firewalls, info->chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return STC_ERROR_NO_DATA;
}
if (lookup->target != STC_FW_CHAIN_TARGET_NONE) {
- STC_LOGE("can't be applied bcz chain is set");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("can't be applied bcz chain is set");
return STC_ERROR_INVALID_PARAMETER;
}
rule_list = lookup->rules;
comp = g_slist_find_custom(rule_list, info, __fw_rule_comp);
if (!comp) {
- STC_LOGD("rule not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGD("rule not found");
return STC_ERROR_NO_DATA;
}
lookup = g_hash_table_lookup(g_firewalls, info->chain);
if (!lookup) {
- STC_LOGE("chain not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain not found");
return STC_ERROR_NO_DATA;
}
if (lookup->target != STC_FW_CHAIN_TARGET_NONE) {
- STC_LOGE("can't be applied bcz chain is set");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("can't be applied bcz chain is set");
return STC_ERROR_INVALID_PARAMETER;
}
rule_list = lookup->rules;
comp = g_slist_find_custom(rule_list, info, __fw_rule_comp);
if (!comp) {
- STC_LOGD("rule not found");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGD("rule not found");
return STC_ERROR_NO_DATA;
}
update_rule = MALLOC0(firewall_rule_s, 1);
if (!update_rule) {
- STC_LOGE("rule allocation failed");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("rule allocation failed");
return STC_ERROR_OUT_OF_MEMORY;
}
comp = g_slist_find_custom(lookup->rules, update_rule, __fw_rule_comp);
if (comp) {
- STC_LOGD("rule already present");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGD("rule already present");
__fw_rule_free(update_rule);
return STC_ERROR_ALREADY_DATA;
}
}
} else if (g_strcmp0(key, RULE_DPORT1) == 0) {
- if (rule->s_port_type != STC_FW_PORT_NONE) {
+ if (rule->d_port_type != STC_FW_PORT_NONE) {
rule->d_port1 = g_variant_get_uint32(value);
STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1);
}
return FALSE;
}
+ if (rule->target >= STC_FW_RULE_TARGET_MAX) {
+ __STC_LOG_FUNC_EXIT__;
+ return FALSE;
+ }
+
if (rule->target == STC_FW_RULE_TARGET_LOG &&
(rule->log_prefix == NULL ||
rule->log_prefix[0] == '\0')) {
void stc_firewall_init(void)
{
+ __STC_LOG_FUNC_ENTER__;
+
int ret = STC_ERROR_NONE;
g_firewalls = g_hash_table_new_full(g_str_hash,
table_firewall_foreach_chain(__fw_table_chain_info_cb, NULL);
table_firewall_foreach_rule(__fw_table_rule_info_cb, NULL);
+
+ __STC_LOG_FUNC_EXIT__;
}
-void stc_firewall_update(void)
+API void stc_firewall_update(void)
{
+ __STC_LOG_FUNC_ENTER__;
+
__fw_chain_foreach(__fw_foreach_to_add_chain, NULL);
__fw_chain_foreach(__fw_foreach_to_set_rule_to_chain, NULL);
__fw_chain_foreach(__fw_foreach_to_set_chain, NULL);
+
+ __STC_LOG_FUNC_EXIT__;
}
void stc_firewall_deinit(void)
{
+ __STC_LOG_FUNC_ENTER__;
+
if (g_firewalls) {
g_hash_table_destroy(g_firewalls);
g_firewalls = NULL;
}
+
+ __STC_LOG_FUNC_EXIT__;
}
gboolean handle_firewall_lock(StcFirewall *object,
}
if (lookup->target == STC_FW_CHAIN_TARGET_NONE) {
- STC_LOGE("chain is not set");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("chain is not set");
STC_FIREWALL_DBUS_REPLY_ERROR(invocation,
STC_ERROR_INVALID_PARAMETER);
__STC_LOG_FUNC_EXIT__;
rule = MALLOC0(firewall_rule_s, 1);
if (!rule) {
- STC_LOGE("rule allocation failed");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("rule allocation failed");
return STC_ERROR_OUT_OF_MEMORY;
}
rule = MALLOC0(firewall_rule_s, 1);
if (!rule) {
- STC_LOGE("rule allocation failed");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("rule allocation failed");
return STC_ERROR_OUT_OF_MEMORY;
}
rule = MALLOC0(firewall_rule_s, 1);
if (!rule) {
- STC_LOGE("rule allocation failed");
+ if (STC_DEBUG_LOG && STC_FW_LOG)
+ STC_LOGE("rule allocation failed");
return STC_ERROR_OUT_OF_MEMORY;
}