static GSList *managed_tables;
+static bool firewall_is_up;
+
static int chain_to_index(const char *chain_name)
{
if (!g_strcmp0(builtin_chains[NF_IP_PRE_ROUTING], chain_name))
static int managed_chain_to_index(const char *chain_name)
{
- if (g_str_has_prefix(chain_name, CHAIN_PREFIX) == FALSE)
+ if (!g_str_has_prefix(chain_name, CHAIN_PREFIX))
return -1;
return chain_to_index(chain_name + strlen(CHAIN_PREFIX));
goto out;
}
- for (list = managed_tables; list != NULL; list = list->next) {
+ for (list = managed_tables; list; list = list->next) {
mtable = list->data;
if (g_strcmp0(mtable->name, table_name) == 0)
mtable = NULL;
}
- if (mtable == NULL) {
+ if (!mtable) {
mtable = g_new0(struct connman_managed_table, 1);
mtable->name = g_strdup(table_name);
err = __connman_iptables_delete(table_name, managed_chain,
rule_spec);
- for (list = managed_tables; list != NULL; list = list->next) {
+ for (list = managed_tables; list; list = list->next) {
mtable = list->data;
if (g_strcmp0(mtable->name, table_name) == 0)
mtable = NULL;
}
- if (mtable == NULL) {
+ if (!mtable) {
err = -ENOENT;
goto out;
}
GList *list;
int err;
- for (list = rules; list != NULL; list = g_list_previous(list)) {
+ for (list = rules; list; list = g_list_previous(list)) {
rule = list->data;
err = delete_managed_rule(rule->table,
GList *list;
int err;
- for (list = g_list_first(ctx->rules); list != NULL;
+ for (list = g_list_first(ctx->rules); list;
list = g_list_next(list)) {
rule = list->data;
goto err;
}
+ firewall_is_up = true;
+
return 0;
err:
return firewall_disable(g_list_last(ctx->rules));
}
+bool __connman_firewall_is_up(void)
+{
+ return firewall_is_up;
+}
+
static void iterate_chains_cb(const char *chain_name, void *user_data)
{
GSList **chains = user_data;
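Review bot: On the `err:` path the function returns through `firewall_disable(g_list_last(ctx->rules))` without touching `firewall_is_up`, so a failed enable keeps whatever value was set earlier, and no visible hunk clears the flag when rules are torn down. Because `flush_all_tables()` also sets the flag to true merely because `/proc/net/ip_tables_names` exists, callers of `__connman_firewall_is_up()` cannot tell "iptables is available" from "ConnMan's rules are installed". If the second meaning is intended, reset the flag on failure with `firewall_is_up = false;` directly after `err:`, and document the accessor with a comment such as `/* true once ConnMan's managed rules have been installed successfully */`. The enclosing enable function starts outside this hunk, so any earlier handling of the flag is not visible here.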
__connman_iptables_iterate_chains(table_name, iterate_chains_cb,
&chains);
- for (list = chains; list != NULL; list = list->next) {
+ for (list = chains; list; list = list->next) {
id = GPOINTER_TO_INT(list->data);
managed_chain = g_strdup_printf("%s%s", CHAIN_PREFIX,
static void flush_all_tables(void)
{
- /* Flush the tables ConnMan might have modified */
+ /* Flush the tables ConnMan might have modified
+ * But do so if only ConnMan has done something with
+ * iptables */
+
+ if (!g_file_test("/proc/net/ip_tables_names",
+ G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR)) {
+ firewall_is_up = false;
+ return;
+ }
+
+ firewall_is_up = true;
flush_table("filter");
flush_table("mangle");
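Review bot: The `g_file_test()` call passes `G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR`, but GLib returns TRUE when any test in the mask succeeds, so the regular-file test has no effect. `g_file_test("/proc/net/ip_tables_names", G_FILE_TEST_IS_REGULAR)` expresses the intended check. The new comment says the flush happens only if ConnMan has done something with iptables, whereas the code tests only whether the proc file exists, which presumably means whether the kernel's ip_tables support is loaded at all. A wording like `/* Flush only when ip_tables is loaded; otherwise there is nothing to flush */` would match the code. flush_all_tables() continues past the end of this hunk.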