[OpenWrt-Devel] [PATCH] load running state after lock is acquired

Alin Nastac alin.nastac at gmail.com
Fri Apr 29 09:00:01 EDT 2016


When running "/etc/init.d/firewall reload & fw3 -q restart", the
fw3 instance that handles the reload might try to read the running
state after the firewall was stopped by the fw3 instance that does the
restarting. Since a NULL run_state will transform the reload operation
into a start operation, the resulting iptables chains will contain
duplicate sets of rules.
---
 main.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/main.c b/main.c
index b953020..241da62 100644
--- a/main.c
+++ b/main.c
@@ -546,7 +546,6 @@ int main(int argc, char **argv)
 	}
 
 	build_state(false);
-	build_state(true);
 	defs = &cfg_state->defaults;
 
 	if (optind >= argc)
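
Review bot: with build_state(true) dropped from the common path here, any command that is not one of the six branches patched below now runs without the run state loaded. Please confirm that no other branch of main(), and nothing reached before the branches, dereferences run_state, or add the load there as well.
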
@@ -577,12 +576,18 @@ int main(int argc, char **argv)
 		print_family = family;
 		fw3_pr_debug = true;
 
-		rv = start();
+		if (fw3_lock())
+		{
+			build_state(true);
+			rv = start();
+			fw3_unlock();
+		}
 	}
 	else if (!strcmp(argv[optind], "start"))
 	{
 		if (fw3_lock())
 		{
+			build_state(true);
 			rv = start();
 			fw3_unlock();
 		}
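
Review bot: in the first branch of this hunk (the one that sets print_family and fw3_pr_debug), start() used to run unconditionally and is now skipped when fw3_lock() fails, leaving rv at its earlier value. That is a behaviour change the commit message does not mention; either describe it there or set rv explicitly on the failure path.
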
@@ -591,6 +596,7 @@ int main(int argc, char **argv)
 	{
 		if (fw3_lock())
 		{
+			build_state(true);
 			rv = stop(false);
 			fw3_unlock();
 		}
@@ -599,6 +605,7 @@ int main(int argc, char **argv)
 	{
 		if (fw3_lock())
 		{
+			build_state(true);
 			rv = stop(true);
 			fw3_unlock();
 		}
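
Review bot: build_state(true) is now repeated directly after every fw3_lock() check, which makes it easy for a future command branch to take the lock and forget the load. Consider one helper that acquires the lock and then loads the run state, and use it at all six sites.
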
@@ -607,6 +614,7 @@ int main(int argc, char **argv)
 	{
 		if (fw3_lock())
 		{
+			build_state(true);
 			stop(true);
 			rv = start();
 			fw3_unlock();
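
Review bot: in the stop(true) / start() sequence of this hunk the run state is loaded once, before stop(true), so start() executes with state read before the stop. That matches the old ordering, but a short comment saying it is intended would help, since the commit message shows how much the outcome depends on what run_state holds.
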
@@ -616,6 +624,7 @@ int main(int argc, char **argv)
 	{
 		if (fw3_lock())
 		{
+			build_state(true);
 			rv = reload();
 			fw3_unlock();
 		}
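
Review bot: this reload branch is the call site the commit message is about, yet nothing in the code records why build_state(true) has to come after fw3_lock(). Add a one-line comment above it (for example: run state must be read under the lock, another instance may have just stopped the firewall) so the call is not hoisted back out later.
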
-- 
1.7.12.4