Commit 21dfad1d authored by Jussi Laakkonen's avatar Jussi Laakkonen

[connman] Fix ordering of dynamic and tethering firewall rules. JB#43924

This fixes the ordering of the dynamic and tethering rules in firewall.c
so the rules are setup in proper order in iptables. Rules for the
services (dynamic) and tethering are inserted on top of iptables and
they are thus, processed in order but added in reverse (3 rules, insert
0, insert 1 and insert 2 changed to insert 2, insert 1, insert 0 so rule
order is 0,1,2 in iptables). This changes the sorting in these cases to
be reverse in comparison to appending, which is the default action. When
dynamic or tethering rules are added, a reverse sorting function is

This does not solve the issue of having the rules in improper order when
new rules are added, rules are reloaded and taken into use for an
service that is already on. The order is fixed after the service, e.g.,
WiFi is re-connected.

Changed the 'type' names into more descriptive 'family'. Changed to use
GINT_TO_POINTER in firewall failsafe when iterating chains instead of
const char*.
parent 14d7482c
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment