2 * Copyright (c) 2016 Samsung Electronics Co., Ltd.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 #include "stc-manager-gdbus.h"
18 #include "helper-firewall.h"
20 #define STC_FIREWALL_DBUS_SERVICE "net.stc.iptables"
21 #define STC_FIREWALL_DBUS_RULE_INTERFACE STC_FIREWALL_DBUS_SERVICE ".rule"
22 #define STC_FIREWALL_DBUS_CHAIN_INTERFACE STC_FIREWALL_DBUS_SERVICE ".chain"
23 #define STC_FIREWALL_DBUS_RULE_PATH "/net/stc/iptables/rule"
24 #define STC_FIREWALL_DBUS_CHAIN_PATH "/net/stc/iptables/chain"
26 #define STC_FIREWALL_DBUS_METHOD_ADD_CHAIN "IptAddChain"
27 #define STC_FIREWALL_DBUS_METHOD_REMOVE_CHAIN "IptRemoveChain"
28 #define STC_FIREWALL_DBUS_METHOD_FLUSH_CHAIN "IptFlushChain"
29 #define STC_FIREWALL6_DBUS_METHOD_ADD_CHAIN "Ip6tAddChain"
30 #define STC_FIREWALL6_DBUS_METHOD_REMOVE_CHAIN "Ip6tRemoveChain"
31 #define STC_FIREWALL6_DBUS_METHOD_FLUSH_CHAIN "Ip6tFlushChain"
33 #define STC_FIREWALL_DBUS_METHOD_ADD_RULE "IptAddRule"
34 #define STC_FIREWALL_DBUS_METHOD_REMOVE_RULE "IptRemoveRule"
35 #define STC_FIREWALL6_DBUS_METHOD_ADD_RULE "Ip6tAddRule"
36 #define STC_FIREWALL6_DBUS_METHOD_REMOVE_RULE "Ip6tRemoveRule"
38 #define BUF_SIZE_FOR_IP 64
40 static void __fw_add_rule_info_to_builder(GVariantBuilder *builder,
41 firewall_rule_s *rule)
43 if (builder == NULL || rule == NULL)
46 g_variant_builder_add(builder, "{sv}", RULE_CHAIN,
47 g_variant_new_string(rule->chain));
49 if (rule->direction != STC_FW_DIRECTION_NONE)
50 g_variant_builder_add(builder, "{sv}", RULE_DIRECTION,
51 g_variant_new_uint16(rule->direction));
53 if (rule->s_ip_type != STC_FW_IP_NONE)
54 g_variant_builder_add(builder, "{sv}", RULE_SIPTYPE,
55 g_variant_new_uint16(rule->s_ip_type));
57 if (rule->d_ip_type != STC_FW_IP_NONE)
58 g_variant_builder_add(builder, "{sv}", RULE_DIPTYPE,
59 g_variant_new_uint16(rule->d_ip_type));
61 if (rule->s_port_type != STC_FW_PORT_NONE)
62 g_variant_builder_add(builder, "{sv}", RULE_SPORTTYPE,
63 g_variant_new_uint16(rule->s_port_type));
65 if (rule->d_port_type != STC_FW_PORT_NONE)
66 g_variant_builder_add(builder, "{sv}", RULE_DPORTTYPE,
67 g_variant_new_uint16(rule->d_port_type));
69 if (rule->protocol != STC_FW_PROTOCOL_NONE)
70 g_variant_builder_add(builder, "{sv}", RULE_PROTOCOL,
71 g_variant_new_uint16(rule->protocol));
73 switch (rule->family) {
74 case STC_FW_FAMILY_V4:
75 if (rule->s_ip_type != STC_FW_IP_NONE) {
76 if (rule->s_ip1.Ipv4.s_addr)
77 g_variant_builder_add(builder, "{sv}", RULE_SIP1,
78 g_variant_new_uint32(rule->s_ip1.Ipv4.s_addr));
80 if (rule->s_ip2.Ipv4.s_addr)
81 g_variant_builder_add(builder, "{sv}", RULE_SIP2,
82 g_variant_new_uint32(rule->s_ip2.Ipv4.s_addr));
85 if (rule->d_ip_type != STC_FW_IP_NONE) {
86 if (rule->d_ip1.Ipv4.s_addr)
87 g_variant_builder_add(builder, "{sv}", RULE_DIP1,
88 g_variant_new_uint32(rule->d_ip1.Ipv4.s_addr));
90 if (rule->d_ip2.Ipv4.s_addr)
91 g_variant_builder_add(builder, "{sv}", RULE_DIP2,
92 g_variant_new_uint32(rule->d_ip2.Ipv4.s_addr));
96 case STC_FW_FAMILY_V6:
98 char buf[BUF_SIZE_FOR_IP];
100 if (rule->s_ip_type != STC_FW_IP_NONE) {
101 if (rule->s_ip1.Ipv6.s6_addr32[0] || rule->s_ip1.Ipv6.s6_addr32[1] ||
102 rule->s_ip1.Ipv6.s6_addr32[2] || rule->s_ip1.Ipv6.s6_addr32[3]) {
103 memset(buf, 0, sizeof(buf));
104 snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
105 rule->s_ip1.Ipv6.s6_addr32[0], rule->s_ip1.Ipv6.s6_addr32[1],
106 rule->s_ip1.Ipv6.s6_addr32[2], rule->s_ip1.Ipv6.s6_addr32[3]);
107 g_variant_builder_add(builder, "{sv}", RULE_SIP1,
108 g_variant_new_string(buf));
111 if (rule->s_ip2.Ipv6.s6_addr32[0] || rule->s_ip2.Ipv6.s6_addr32[1] ||
112 rule->s_ip2.Ipv6.s6_addr32[2] || rule->s_ip2.Ipv6.s6_addr32[3]) {
113 memset(buf, 0, sizeof(buf));
114 snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
115 rule->s_ip2.Ipv6.s6_addr32[0], rule->s_ip2.Ipv6.s6_addr32[1],
116 rule->s_ip2.Ipv6.s6_addr32[2], rule->s_ip2.Ipv6.s6_addr32[3]);
117 g_variant_builder_add(builder, "{sv}", RULE_SIP2,
118 g_variant_new_string(buf));
122 if (rule->d_ip_type != STC_FW_IP_NONE) {
123 if (rule->d_ip1.Ipv6.s6_addr32[0] || rule->d_ip1.Ipv6.s6_addr32[1] ||
124 rule->d_ip1.Ipv6.s6_addr32[2] || rule->d_ip1.Ipv6.s6_addr32[3]) {
125 memset(buf, 0, sizeof(buf));
126 snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
127 rule->d_ip1.Ipv6.s6_addr32[0], rule->d_ip1.Ipv6.s6_addr32[1],
128 rule->d_ip1.Ipv6.s6_addr32[2], rule->d_ip1.Ipv6.s6_addr32[3]);
129 g_variant_builder_add(builder, "{sv}", RULE_DIP1,
130 g_variant_new_string(buf));
133 if (rule->d_ip2.Ipv6.s6_addr32[0] || rule->d_ip2.Ipv6.s6_addr32[1] ||
134 rule->d_ip2.Ipv6.s6_addr32[2] || rule->d_ip2.Ipv6.s6_addr32[3]) {
135 memset(buf, 0, sizeof(buf));
136 snprintf(buf, sizeof(buf), "%08x:%08x:%08x:%08x",
137 rule->d_ip2.Ipv6.s6_addr32[0], rule->d_ip2.Ipv6.s6_addr32[1],
138 rule->d_ip2.Ipv6.s6_addr32[2], rule->d_ip2.Ipv6.s6_addr32[3]);
139 g_variant_builder_add(builder, "{sv}", RULE_DIP2,
140 g_variant_new_string(buf));
150 if (rule->s_port_type != STC_FW_PORT_NONE) {
152 g_variant_builder_add(builder, "{sv}", RULE_SPORT1,
153 g_variant_new_uint32(rule->s_port1));
156 g_variant_builder_add(builder, "{sv}", RULE_SPORT2,
157 g_variant_new_uint32(rule->s_port2));
160 if (rule->s_port_type != STC_FW_PORT_NONE) {
162 g_variant_builder_add(builder, "{sv}", RULE_DPORT1,
163 g_variant_new_uint32(rule->d_port1));
166 g_variant_builder_add(builder, "{sv}", RULE_DPORT2,
167 g_variant_new_uint32(rule->d_port2));
170 if (rule->direction != STC_FW_DIRECTION_NONE) {
171 if (rule->ifname && rule->ifname[0] != '\0')
172 g_variant_builder_add(builder, "{sv}", RULE_IFNAME,
173 g_variant_new_string(rule->ifname));
176 if (rule->target_str && rule->target_str[0] != '\0')
177 g_variant_builder_add(builder, "{sv}", RULE_TARGET,
178 g_variant_new_string(rule->target_str));
180 if (rule->target != STC_FW_RULE_TARGET_NONE)
181 g_variant_builder_add(builder, "{sv}", RULE_TARGETTYPE,
182 g_variant_new_uint16(rule->target));
184 switch (rule->target) {
185 case STC_FW_RULE_TARGET_LOG:
186 g_variant_builder_add(builder, "{sv}", RULE_LOG_LEVEL,
187 g_variant_new_uint16(rule->log_level));
189 if (rule->log_prefix && rule->log_prefix[0] != '\0')
190 g_variant_builder_add(builder, "{sv}", RULE_LOG_PREFIX,
191 g_variant_new_string(rule->log_prefix));
193 case STC_FW_RULE_TARGET_NFLOG:
194 g_variant_builder_add(builder, "{sv}", RULE_NFLOG_GROUP,
195 g_variant_new_uint16(rule->nflog_group));
197 if (rule->nflog_prefix && rule->nflog_prefix[0] != '\0')
198 g_variant_builder_add(builder, "{sv}", RULE_NFLOG_PREFIX,
199 g_variant_new_string(rule->nflog_prefix));
201 g_variant_builder_add(builder, "{sv}", RULE_NFLOG_RANGE,
202 g_variant_new_uint16(rule->nflog_range));
204 g_variant_builder_add(builder, "{sv}", RULE_NFLOG_THRESHOLD,
205 g_variant_new_uint16(rule->nflog_threshold));
212 static int __fw_add_chain(GDBusConnection *connection,
216 GVariant *message = NULL;
218 message = stc_manager_gdbus_call_sync(connection,
219 STC_FIREWALL_DBUS_SERVICE,
220 STC_FIREWALL_DBUS_CHAIN_PATH,
221 STC_FIREWALL_DBUS_CHAIN_INTERFACE,
222 STC_FIREWALL_DBUS_METHOD_ADD_CHAIN,
223 g_variant_new("(s)", chain));
225 if (message == NULL) {
226 STC_LOGE("Failed to invoke dbus method");
227 return STC_ERROR_FAIL;
230 g_variant_get(message, "(i)", &result);
231 STC_LOGD("Successfully added firewall chain [%d:%s]", result, chain);
232 g_variant_unref(message);
234 return STC_ERROR_NONE;
237 static int __fw6_add_chain(GDBusConnection *connection,
241 GVariant *message = NULL;
243 message = stc_manager_gdbus_call_sync(connection,
244 STC_FIREWALL_DBUS_SERVICE,
245 STC_FIREWALL_DBUS_CHAIN_PATH,
246 STC_FIREWALL_DBUS_CHAIN_INTERFACE,
247 STC_FIREWALL6_DBUS_METHOD_ADD_CHAIN,
248 g_variant_new("(s)", chain));
250 if (message == NULL) {
251 STC_LOGE("Failed to invoke dbus method");
252 return STC_ERROR_FAIL;
255 g_variant_get(message, "(i)", &result);
256 STC_LOGD("Successfully added firewall6 chain [%d:%s]", result, chain);
257 g_variant_unref(message);
259 return STC_ERROR_NONE;
262 static int __fw_remove_chain(GDBusConnection *connection,
266 GVariant *message = NULL;
268 message = stc_manager_gdbus_call_sync(connection,
269 STC_FIREWALL_DBUS_SERVICE,
270 STC_FIREWALL_DBUS_CHAIN_PATH,
271 STC_FIREWALL_DBUS_CHAIN_INTERFACE,
272 STC_FIREWALL_DBUS_METHOD_REMOVE_CHAIN,
273 g_variant_new("(s)", chain));
275 if (message == NULL) {
276 STC_LOGE("Failed to invoke dbus method");
277 return STC_ERROR_FAIL;
280 g_variant_get(message, "(i)", &result);
281 STC_LOGD("Successfully removed firewall chain [%d:%s]", result, chain);
282 g_variant_unref(message);
284 return STC_ERROR_NONE;
287 static int __fw6_remove_chain(GDBusConnection *connection,
291 GVariant *message = NULL;
293 message = stc_manager_gdbus_call_sync(connection,
294 STC_FIREWALL_DBUS_SERVICE,
295 STC_FIREWALL_DBUS_CHAIN_PATH,
296 STC_FIREWALL_DBUS_CHAIN_INTERFACE,
297 STC_FIREWALL6_DBUS_METHOD_REMOVE_CHAIN,
298 g_variant_new("(s)", chain));
300 if (message == NULL) {
301 STC_LOGE("Failed to invoke dbus method");
302 return STC_ERROR_FAIL;
305 g_variant_get(message, "(i)", &result);
306 STC_LOGD("Successfully removed firewall6 chain [%d:%s]", result, chain);
307 g_variant_unref(message);
309 return STC_ERROR_NONE;
312 static int __fw_flush_chain(GDBusConnection *connection,
316 GVariant *message = NULL;
318 message = stc_manager_gdbus_call_sync(connection,
319 STC_FIREWALL_DBUS_SERVICE,
320 STC_FIREWALL_DBUS_CHAIN_PATH,
321 STC_FIREWALL_DBUS_CHAIN_INTERFACE,
322 STC_FIREWALL_DBUS_METHOD_FLUSH_CHAIN,
323 g_variant_new("(s)", chain));
325 if (message == NULL) {
326 STC_LOGE("Failed to invoke dbus method");
327 return STC_ERROR_FAIL;
330 g_variant_get(message, "(i)", &result);
331 STC_LOGD("Successfully flushed firewall chain [%d:%s]", result, chain);
332 g_variant_unref(message);
334 return STC_ERROR_NONE;
337 static int __fw6_flush_chain(GDBusConnection *connection,
341 GVariant *message = NULL;
343 message = stc_manager_gdbus_call_sync(connection,
344 STC_FIREWALL_DBUS_SERVICE,
345 STC_FIREWALL_DBUS_CHAIN_PATH,
346 STC_FIREWALL_DBUS_CHAIN_INTERFACE,
347 STC_FIREWALL6_DBUS_METHOD_FLUSH_CHAIN,
348 g_variant_new("(s)", chain));
350 if (message == NULL) {
351 STC_LOGE("Failed to invoke dbus method");
352 return STC_ERROR_FAIL;
355 g_variant_get(message, "(i)", &result);
356 STC_LOGD("Successfully flushed firewall6 chain [%d:%s]", result, chain);
357 g_variant_unref(message);
359 return STC_ERROR_NONE;
362 static int __fw_set_chain(firewall_chain_s *chain)
364 stc_error_e ret = STC_ERROR_NONE;
365 firewall_rule_s rule;
366 memset(&rule, 0, sizeof(firewall_rule_s));
368 switch (chain->target) {
369 case STC_FW_CHAIN_TARGET_INPUT:
370 rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_IN);
372 case STC_FW_CHAIN_TARGET_OUTPUT:
373 rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_OUT);
376 return STC_ERROR_INVALID_PARAMETER;
379 rule.target_str = g_strdup(chain->chain);
380 ret = firewall_rule_add(&rule);
383 g_free(rule.target_str);
388 static int __fw_unset_chain(firewall_chain_s *chain)
390 stc_error_e ret = STC_ERROR_NONE;
391 firewall_rule_s rule;
392 memset(&rule, 0, sizeof(firewall_rule_s));
394 switch (chain->target) {
395 case STC_FW_CHAIN_TARGET_INPUT:
396 rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_IN);
398 case STC_FW_CHAIN_TARGET_OUTPUT:
399 rule.chain = g_strdup(FIREWALL_CHAIN_TARGET_OUT);
402 return STC_ERROR_INVALID_PARAMETER;
405 rule.target_str = g_strdup(chain->chain);
406 ret = firewall_rule_remove(&rule);
409 g_free(rule.target_str);
414 static int __fw_add_rule(GDBusConnection *connection,
415 firewall_rule_s *rule)
418 GVariantBuilder *builder = NULL;
419 GVariant *params = NULL;
420 GVariant *message = NULL;
422 builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
423 __fw_add_rule_info_to_builder(builder, rule);
424 params = g_variant_new("(a{sv})", builder);
425 g_variant_builder_unref(builder);
427 message = stc_manager_gdbus_call_sync(connection,
428 STC_FIREWALL_DBUS_SERVICE,
429 STC_FIREWALL_DBUS_RULE_PATH,
430 STC_FIREWALL_DBUS_RULE_INTERFACE,
431 STC_FIREWALL_DBUS_METHOD_ADD_RULE,
434 if (message == NULL) {
435 STC_LOGE("Failed to invoke dbus method");
436 return STC_ERROR_FAIL;
439 g_variant_get(message, "(i)", &result);
440 STC_LOGD("Successfully added firewall rule [%d:%s]",
441 result, rule->chain);
442 g_variant_unref(message);
444 return STC_ERROR_NONE;
447 static int __fw6_add_rule(GDBusConnection *connection,
448 firewall_rule_s *rule)
451 GVariantBuilder *builder = NULL;
452 GVariant *params = NULL;
453 GVariant *message = NULL;
455 builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
456 __fw_add_rule_info_to_builder(builder, rule);
457 params = g_variant_new("(a{sv})", builder);
458 g_variant_builder_unref(builder);
460 message = stc_manager_gdbus_call_sync(connection,
461 STC_FIREWALL_DBUS_SERVICE,
462 STC_FIREWALL_DBUS_RULE_PATH,
463 STC_FIREWALL_DBUS_RULE_INTERFACE,
464 STC_FIREWALL6_DBUS_METHOD_ADD_RULE,
467 if (message == NULL) {
468 STC_LOGE("Failed to invoke dbus method");
469 return STC_ERROR_FAIL;
472 g_variant_get(message, "(i)", &result);
473 STC_LOGD("Successfully added firewall6 rule [%d:%s]",
474 result, rule->chain);
475 g_variant_unref(message);
477 return STC_ERROR_NONE;
480 static int __fw_remove_rule(GDBusConnection *connection,
481 firewall_rule_s *rule)
484 GVariantBuilder *builder = NULL;
485 GVariant *params = NULL;
486 GVariant *message = NULL;
488 builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
489 __fw_add_rule_info_to_builder(builder, rule);
490 params = g_variant_new("(a{sv})", builder);
491 g_variant_builder_unref(builder);
493 message = stc_manager_gdbus_call_sync(connection,
494 STC_FIREWALL_DBUS_SERVICE,
495 STC_FIREWALL_DBUS_RULE_PATH,
496 STC_FIREWALL_DBUS_RULE_INTERFACE,
497 STC_FIREWALL_DBUS_METHOD_REMOVE_RULE,
500 if (message == NULL) {
501 STC_LOGE("Failed to invoke dbus method");
502 return STC_ERROR_FAIL;
505 g_variant_get(message, "(i)", &result);
506 STC_LOGD("Successfully removed firewall rule [%d:%s]",
507 result, rule->chain);
508 g_variant_unref(message);
510 return STC_ERROR_NONE;
513 static int __fw6_remove_rule(GDBusConnection *connection,
514 firewall_rule_s *rule)
517 GVariantBuilder *builder = NULL;
518 GVariant *params = NULL;
519 GVariant *message = NULL;
521 builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
522 __fw_add_rule_info_to_builder(builder, rule);
523 params = g_variant_new("(a{sv})", builder);
524 g_variant_builder_unref(builder);
526 message = stc_manager_gdbus_call_sync(connection,
527 STC_FIREWALL_DBUS_SERVICE,
528 STC_FIREWALL_DBUS_RULE_PATH,
529 STC_FIREWALL_DBUS_RULE_INTERFACE,
530 STC_FIREWALL6_DBUS_METHOD_REMOVE_RULE,
533 if (message == NULL) {
534 STC_LOGE("Failed to invoke dbus method");
535 return STC_ERROR_FAIL;
538 g_variant_get(message, "(i)", &result);
539 STC_LOGD("Successfully removed firewall6 rule [%d:%s]",
540 result, rule->chain);
541 g_variant_unref(message);
543 return STC_ERROR_NONE;
546 stc_error_e firewall_chain_add(firewall_chain_s *chain)
548 __STC_LOG_FUNC_ENTER__;
550 stc_error_e ret = STC_ERROR_NONE;
551 stc_s *stc = stc_get_manager();
553 if (!stc || !stc->connection) {
554 __STC_LOG_FUNC_EXIT__;
555 return STC_ERROR_UNINITIALIZED;
558 ret = __fw_add_chain(stc->connection, chain->chain);
559 if (ret != STC_ERROR_NONE) {
560 __STC_LOG_FUNC_EXIT__;
564 ret = __fw6_add_chain(stc->connection, chain->chain);
565 if (ret != STC_ERROR_NONE) {
566 __STC_LOG_FUNC_EXIT__;
570 __STC_LOG_FUNC_EXIT__;
574 stc_error_e firewall_chain_remove(firewall_chain_s *chain)
576 __STC_LOG_FUNC_ENTER__;
578 stc_error_e ret = STC_ERROR_NONE;
579 stc_s *stc = stc_get_manager();
581 if (!stc || !stc->connection) {
582 __STC_LOG_FUNC_EXIT__;
583 return STC_ERROR_UNINITIALIZED;
586 ret = __fw_remove_chain(stc->connection, chain->chain);
587 if (ret != STC_ERROR_NONE) {
588 __STC_LOG_FUNC_EXIT__;
592 ret = __fw6_remove_chain(stc->connection, chain->chain);
593 if (ret != STC_ERROR_NONE) {
594 __STC_LOG_FUNC_EXIT__;
598 __STC_LOG_FUNC_EXIT__;
602 stc_error_e firewall_chain_flush(firewall_chain_s *chain)
604 __STC_LOG_FUNC_ENTER__;
606 stc_error_e ret = STC_ERROR_NONE;
607 stc_s *stc = stc_get_manager();
609 if (!stc || !stc->connection) {
610 __STC_LOG_FUNC_EXIT__;
611 return STC_ERROR_UNINITIALIZED;
614 ret = __fw_flush_chain(stc->connection, chain->chain);
615 if (ret != STC_ERROR_NONE) {
616 __STC_LOG_FUNC_EXIT__;
620 ret = __fw6_flush_chain(stc->connection, chain->chain);
621 if (ret != STC_ERROR_NONE) {
622 __STC_LOG_FUNC_EXIT__;
626 __STC_LOG_FUNC_EXIT__;
630 stc_error_e firewall_chain_set(firewall_chain_s *chain)
632 __STC_LOG_FUNC_ENTER__;
634 stc_error_e ret = STC_ERROR_NONE;
635 ret = __fw_set_chain(chain);
637 __STC_LOG_FUNC_EXIT__;
641 stc_error_e firewall_chain_unset(firewall_chain_s *chain)
643 __STC_LOG_FUNC_ENTER__;
645 stc_error_e ret = STC_ERROR_NONE;
646 ret = __fw_unset_chain(chain);
648 __STC_LOG_FUNC_EXIT__;
652 stc_error_e firewall_rule_add(firewall_rule_s *rule)
654 stc_error_e ret = STC_ERROR_NONE;
655 stc_s *stc = stc_get_manager();
657 if (!stc || !stc->connection) {
658 __STC_LOG_FUNC_EXIT__;
659 return STC_ERROR_UNINITIALIZED;
662 switch (rule->family) {
663 case STC_FW_FAMILY_V4:
664 ret = __fw_add_rule(stc->connection, rule);
665 if (ret != STC_ERROR_NONE) {
666 __STC_LOG_FUNC_EXIT__;
670 case STC_FW_FAMILY_V6:
671 ret = __fw6_add_rule(stc->connection, rule);
672 if (ret != STC_ERROR_NONE) {
673 __STC_LOG_FUNC_EXIT__;
678 ret = __fw_add_rule(stc->connection, rule);
679 if (ret != STC_ERROR_NONE) {
680 __STC_LOG_FUNC_EXIT__;
684 ret = __fw6_add_rule(stc->connection, rule);
685 if (ret != STC_ERROR_NONE) {
686 __STC_LOG_FUNC_EXIT__;
695 stc_error_e firewall_rule_remove(firewall_rule_s *rule)
697 stc_error_e ret = STC_ERROR_NONE;
698 stc_s *stc = stc_get_manager();
700 if (!stc || !stc->connection) {
701 __STC_LOG_FUNC_EXIT__;
702 return STC_ERROR_UNINITIALIZED;
705 switch (rule->family) {
706 case STC_FW_FAMILY_V4:
707 ret = __fw_remove_rule(stc->connection, rule);
708 if (ret != STC_ERROR_NONE) {
709 __STC_LOG_FUNC_EXIT__;
713 case STC_FW_FAMILY_V6:
714 ret = __fw6_remove_rule(stc->connection, rule);
715 if (ret != STC_ERROR_NONE) {
716 __STC_LOG_FUNC_EXIT__;
721 ret = __fw_remove_rule(stc->connection, rule);
722 if (ret != STC_ERROR_NONE) {
723 __STC_LOG_FUNC_EXIT__;
727 ret = __fw6_remove_rule(stc->connection, rule);
728 if (ret != STC_ERROR_NONE) {
729 __STC_LOG_FUNC_EXIT__;