diff options
author | Thomas Haller <thaller@redhat.com> | 2022-09-13 19:22:58 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2022-09-29 15:22:59 +0200 |
commit | 4dfe52762c44f08010c2578e962cdc673551e19a (patch) | |
tree | 57fa4246ab4a9d2cb4d4929a80afe5822fbef466 | |
parent | c598f0ff0fbbb0b09008c662e5e1f0ebd7bb3932 (diff) | |
download | NetworkManager-4dfe52762c44f08010c2578e962cdc673551e19a.tar.gz |
firewall/trivial: rename "shared"/"add" argument in firewall utils to "up"
(cherry picked from commit e185f7966d4e495578e8f8dec8077527e3c4fe34)
(cherry picked from commit 6fa0068c1e49e00ac3e83ad8398d451fb5d0a59d)
-rw-r--r-- | src/core/nm-firewall-utils.c | 28 | ||||
-rw-r--r-- | src/core/nm-firewall-utils.h | 2 |
2 files changed, 15 insertions, 15 deletions
diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c index 1311f50399..1a9ca465be 100644 --- a/src/core/nm-firewall-utils.c +++ b/src/core/nm-firewall-utils.c @@ -171,7 +171,7 @@ _share_iptables_chain_add(const char *table, const char *chain) } static void -_share_iptables_set_masquerade(gboolean add, const char *ip_iface, in_addr_t addr, guint8 plen) +_share_iptables_set_masquerade(gboolean up, const char *ip_iface, in_addr_t addr, guint8 plen) { char str_subnet[_SHARE_IPTABLES_SUBNET_TO_STR_LEN]; gs_free char *comment_name = NULL; @@ -182,7 +182,7 @@ _share_iptables_set_masquerade(gboolean add, const char *ip_iface, in_addr_t add _share_iptables_call("" IPTABLES_PATH "", "--table", "nat", - add ? "--insert" : "--delete", + up ? "--insert" : "--delete", "POSTROUTING", "--source", str_subnet, @@ -310,7 +310,7 @@ _share_iptables_set_shared_chains_delete(const char *chain_input, const char *ch } _nm_unused static void -_share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, guint plen) +_share_iptables_set_shared(gboolean up, const char *ip_iface, in_addr_t addr, guint plen) { gs_free char *comment_name = NULL; gs_free char *chain_input = NULL; @@ -320,13 +320,13 @@ _share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, g chain_input = _share_iptables_get_name(TRUE, "nm-sh-in", ip_iface); chain_forward = _share_iptables_get_name(TRUE, "nm-sh-fw", ip_iface); - if (add) + if (up) _share_iptables_set_shared_chains_add(chain_input, chain_forward, ip_iface, addr, plen); _share_iptables_call("" IPTABLES_PATH "", "--table", "filter", - add ? "--insert" : "--delete", + up ? "--insert" : "--delete", "INPUT", "--in-interface", ip_iface, @@ -340,7 +340,7 @@ _share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, g _share_iptables_call("" IPTABLES_PATH "", "--table", "filter", - add ? "--insert" : "--delete", + up ? "--insert" : "--delete", "FORWARD", "--jump", chain_forward, @@ -349,7 +349,7 @@ _share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, g "--comment", comment_name); - if (!add) + if (!up) _share_iptables_set_shared_chains_delete(chain_input, chain_forward); } @@ -599,7 +599,7 @@ _fw_nft_call_sync(GBytes *stdin_buf, GError **error) /*****************************************************************************/ static void -_fw_nft_set(gboolean add, const char *ip_iface, in_addr_t addr, guint8 plen) +_fw_nft_set(gboolean up, const char *ip_iface, in_addr_t addr, guint8 plen) { nm_auto_str_buf NMStrBuf strbuf = NM_STR_BUF_INIT(NM_UTILS_GET_NEXT_REALLOC_SIZE_1000, FALSE); gs_unref_bytes GBytes *stdin_buf = NULL; @@ -614,9 +614,9 @@ _fw_nft_set(gboolean add, const char *ip_iface, in_addr_t addr, guint8 plen) #define _append(p_strbuf, fmt, ...) nm_str_buf_append_printf((p_strbuf), "" fmt "\n", ##__VA_ARGS__) _append(&strbuf, "add table ip %s", table_name); - _append(&strbuf, "%s table ip %s", add ? "flush" : "delete", table_name); + _append(&strbuf, "%s table ip %s", up ? "flush" : "delete", table_name); - if (add) { + if (up) { _append(&strbuf, "add chain ip %s nat_postrouting {" " type nat hook postrouting priority 100; policy accept; " @@ -720,15 +720,15 @@ nm_firewall_config_free(NMFirewallConfig *self) } void -nm_firewall_config_apply(NMFirewallConfig *self, gboolean shared) +nm_firewall_config_apply(NMFirewallConfig *self, gboolean up) { switch (nm_firewall_utils_get_backend()) { case NM_FIREWALL_BACKEND_IPTABLES: - _share_iptables_set_masquerade(shared, self->ip_iface, self->addr, self->plen); - _share_iptables_set_shared(shared, self->ip_iface, self->addr, self->plen); + _share_iptables_set_masquerade(up, self->ip_iface, self->addr, self->plen); + _share_iptables_set_shared(up, self->ip_iface, self->addr, self->plen); break; case NM_FIREWALL_BACKEND_NFTABLES: - _fw_nft_set(shared, self->ip_iface, self->addr, self->plen); + _fw_nft_set(up, self->ip_iface, self->addr, self->plen); break; case NM_FIREWALL_BACKEND_NONE: break; diff --git a/src/core/nm-firewall-utils.h b/src/core/nm-firewall-utils.h index 3d6c8a6962..7ef5222751 100644 --- a/src/core/nm-firewall-utils.h +++ b/src/core/nm-firewall-utils.h @@ -24,6 +24,6 @@ NMFirewallConfig *nm_firewall_config_new(const char *ip_iface, in_addr_t addr, g void nm_firewall_config_free(NMFirewallConfig *self); -void nm_firewall_config_apply(NMFirewallConfig *self, gboolean shared); +void nm_firewall_config_apply(NMFirewallConfig *self, gboolean up); #endif /* __NM_FIREWALL_UTILS_H__ */ |