Committer: Miika Komu <miika@xxxxxx> Date: Mon Feb 08 21:17:05 2010 +0200 Revision: 3558 Revision-id: miika@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Branch nick: trunk Log: Missing a function to system-based opp mode, fixed. Modified: M firewall/firewall_control.c M firewall/sysopp.c M firewall/sysopp.h === modified file 'firewall/firewall_control.c' --- firewall/firewall_control.c 2010-02-08 17:56:56 +0000 +++ firewall/firewall_control.c 2010-02-08 19:17:05 +0000 @@ -194,9 +194,7 @@ if (system_based_opp_mode) { HIP_DEBUG("Flushing system-based opportunistic mode " \ "iptables chains\n"); -#if 0 hip_fw_flush_system_based_opp_chains(); -#endif } break; case SO_HIP_FIREWALL_STATUS: === modified file 'firewall/sysopp.c' --- firewall/sysopp.c 2010-01-19 09:28:42 +0000 +++ firewall/sysopp.c 2010-02-08 19:17:05 +0000 @@ -7,6 +7,14 @@ #include "lsi.h" #include "common_hipd_msg.h" +void hip_fw_flush_system_based_opp_chains(void) +{ + int err; + + err = system("iptables -F HIPFWOPP-INPUT"); + err = system("iptables -F HIPFWOPP-OUTPUT"); +} + /** * Checks whether a particular hit is one of the local ones. * Goes through all the local hits and compares with the given hit. === modified file 'firewall/sysopp.h' --- firewall/sysopp.h 2010-01-19 09:28:42 +0000 +++ firewall/sysopp.h 2010-02-08 19:17:05 +0000 @@ -6,5 +6,6 @@ int hip_fw_handle_outgoing_system_based_opp(const hip_fw_context_t *ctx, const int default_verdict); int hip_fw_sys_opp_set_peer_hit(const struct hip_common *msg); +void hip_fw_flush_system_based_opp_chains(void); #endif /* HIP_SYSOPP_H_ */