• Jussi Laakkonen's avatar
    [connman] Dynamic firewall rules for tethering. JB#43927 JB#43928 · b938908e
    Jussi Laakkonen authored
    This commit adds use of dynamic rules for tethering. When tethering is
    enabled notifier calls tethering_changed which firewall.c reacts by
    enabling firewall rules to allow from the tethering interface:
     - Wifi: existing rules set for the group "tethering", all if none set
     - All others (e.g., usb tethering uses gadget type): All traffic
    
    Added a configuration group "tethering" which is identical to any other
    device in the configuration, same rules apply. These rules are enabled
    only for WiFi hotspot and used alone if they have been set. Empty
    "tethering" group rules results in the default rules (all traffic). The
    chain used does not matter, if there is at least only one rule, only
    that one is applied.
    
    If tethering ident is not set, plain "tethering_default" is used as
    identifier to save the firewall context into the dynamic rules.
    
    If tethering firewall cannot be created or enabled tethering is set off
    by calling connman_technology_tethering_notify() that generates a proper
    notification for UI to catch.
    
    Changed to use plain interface name (ifname) when cloning or setting
    interface info instead of struct connman_service. This way same
    functions can be used with other than service state changing notifier
    function. The ifname has to be passed as char* even though it is
    duplicated for each rule that is affected because of glib list traversal
    functions.
    b938908e
Name
Last commit
Last update
..
client Loading commit data...
doc Loading commit data...
gdbus Loading commit data...
gdhcp Loading commit data...
gsupplicant Loading commit data...
gweb Loading commit data...
include Loading commit data...
m4 Loading commit data...
plugins Loading commit data...
scripts Loading commit data...
src Loading commit data...
test Loading commit data...
tools Loading commit data...
unit Loading commit data...
vpn Loading commit data...
.gitignore Loading commit data...
.mailmap Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
ChangeLog Loading commit data...
HACKING Loading commit data...
INSTALL Loading commit data...
Makefile.am Loading commit data...
Makefile.plugins Loading commit data...
NEWS Loading commit data...
README Loading commit data...
TODO Loading commit data...
acinclude.m4 Loading commit data...
bootstrap Loading commit data...
bootstrap-configure Loading commit data...
configure.ac Loading commit data...
connman.pc.in Loading commit data...