diff options
| author | Daniel Wagner <daniel.wagner@bmw-carit.de> | 2013-03-19 13:46:25 +0100 |
|---|---|---|
| committer | Patrik Flykt <patrik.flykt@linux.intel.com> | 2013-03-25 13:17:57 +0200 |
| commit | 1cebb9d0088ad62c84743188f20b0e6a856dc9c3 (patch) | |
| tree | 8ede00d8aa57d7780fb59235626e5ed69f1af6bf /src/iptables.c | |
| parent | 9944240ba52d19f04fb4bf468a8524f570e5fa6d (diff) | |
| download | connman-1cebb9d0088ad62c84743188f20b0e6a856dc9c3.tar.gz connman-1cebb9d0088ad62c84743188f20b0e6a856dc9c3.tar.bz2 connman-1cebb9d0088ad62c84743188f20b0e6a856dc9c3.zip | |
iptables: Prepare rule to be inserted or appended
Add a boolean helper to distinguish between insert and append operations.
When chain_head == chain_tail->prev, the builtin chain is empty which makes
an intended append operation equivalent to an insert operation.
Diffstat (limited to 'src/iptables.c')
| -rw-r--r-- | src/iptables.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/iptables.c b/src/iptables.c index 1fd6c428..0273ac76 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -768,7 +768,8 @@ static struct ipt_entry *prepare_rule_inclusion(struct connman_iptables *table, struct ipt_ip *ip, const char *chain_name, const char *target_name, struct xtables_target *xt_t, - int *builtin, struct xtables_rule_match *xt_rm) + int *builtin, struct xtables_rule_match *xt_rm, + connman_bool_t insert) { GList *chain_tail, *chain_head; struct ipt_entry *new_entry; @@ -796,7 +797,7 @@ static struct ipt_entry *prepare_rule_inclusion(struct connman_iptables *table, head = chain_head->data; if (head->builtin < 0) *builtin = -1; - else if (chain_head == chain_tail->prev) { + else if (insert == TRUE || chain_head == chain_tail->prev) { *builtin = head->builtin; head->builtin = -1; } @@ -821,7 +822,7 @@ static int iptables_append_rule(struct connman_iptables *table, return -EINVAL; new_entry = prepare_rule_inclusion(table, ip, chain_name, - target_name, xt_t, &builtin, xt_rm); + target_name, xt_t, &builtin, xt_rm, FALSE); if (new_entry == NULL) return -EINVAL; |