author | Daniel Wagner <daniel.wagner@bmw-carit.de> | 2013-03-19 13:46:32 +0100 |
---|---|---|
committer | Patrik Flykt <patrik.flykt@linux.intel.com> | 2013-03-25 13:17:58 +0200 |
commit | 8d9d64c7f2deda60e668bd74c09dfd4b16cfa0d2 (patch) | |
tree | adab483ab7708ee9dbb9f243d6fe3242f8006dbc /src/connman.h | |
parent | a6b73c60cf555ea6e02daca913f08bfa0b48b723 (diff) | |

firewall: Add firewall API

The main idea behind this API is to collect several iptables rules
together and enable or disable in one go.

For this a context is created via __connman_firewall_create() and
the rules added to this context via __connman_firewall_add_rule().
In order to append all rules __connman_firewall_enable() has
to be called. To remove all rules associated with one context
__connman_firewall_disable() has to be used.

If something goes awry the code tries to get back to the initial
state.

Diffstat (limited to 'src/connman.h')
-rw-r--r-- | src/connman.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/connman.h b/src/connman.h index e09c22e2..e9c774e7 100644 --- a/src/connman.h +++ b/src/connman.h @@ -880,6 +880,16 @@ int __connman_nat_enable(const char *name, const char *address, unsigned char prefixlen); void __connman_nat_disable(const char *name); +struct firewall_context; + +struct firewall_context *__connman_firewall_create(void); +void __connman_firewall_destroy(struct firewall_context *ctx); +int __connman_firewall_add_rule(struct firewall_context *ctx, + const char *table, + const char *chain, + const char *rule_fmt, ...); +int __connman_firewall_enable(struct firewall_context *ctx); +int __connman_firewall_disable(struct firewall_context *ctx); int __connman_firewall_init(void); void __connman_firewall_cleanup(void); |
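
Review bot: the new `__connman_firewall_add_rule()` declaration takes `const char *rule_fmt, ...`, which looks like a printf-style format, but carries no format attribute, so the compiler cannot check the variadic arguments against the format string at call sites. Consider annotating it with `__attribute__((format(printf, 4, 5)))` and adding a short comment that `rule_fmt` must be a literal supplied by the caller, with any externally derived values (interface names, addresses) passed only as arguments, since the resulting string ends up as an iptables rule. The header also does not say what the `int` return values of add_rule, enable and disable mean (negative errno versus an identifier), nor whether `__connman_firewall_destroy()` may be called on a context that is still enabled; the commit message mentions rollback on failure, and a one-line comment on each prototype stating that contract would help callers handle errors correctly.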