• Jussi Laakkonen's avatar
    [connman] D-Bus method to reload firewall configurations. JB#44071 · 10b56298
    Jussi Laakkonen authored
    This commit adds a D-Bus method "Reload" to net.connman.Firewall
    interface using path "/". With this method call firewall.c is requested
    to load all new configurations from CONFIGDIR/firewall.d/. Access to the
    method is granted for root and privileged.
    The config files must have a firewall.conf suffix and if the file is read
    properly the rules will be taken into use immediatedly. This is done for
    all connected services also, which get the new rules added into their
    firewall and enabled in iptables. If a service is not connected
    (firewall is not enabled) the rules are just added to the end.
    No sorting of rules is done yet. The rules are read in firewall
    configuration file order (alphabetical) only when connman is (re)started.
    This also contains a change to read each firewall configuration file
    into a sorted list. This list is first used to check if the
    configuration file is already used or not. If configuration file is
    already read, it will not be re-read.
firewall.c 63.7 KB