    This commit adds a possibility to set a iptables adding callback
    function for each firewall rule. The adding callback prototype is the
    same as __connman_iptables_append() and __connman_iptables_insert() and
    is defined as connman_iptables_manage_cb_t in connman.h.
    This is used with general, dynamic and tethering rules. With general
    rules the rules are appended to the end. With dynamic and tethering
    rules the rules are inserted on top of the managed chain. The logic
    behind this is that the general rules can be defined as the base rules
    and service specific rules override the general rules.
firewall.c 71.1 KB