Timestamp:
08/09/04 19:06:24 (9 years ago)
Author:
alexcv
Message:

Firewall sets rules for all auth servers.

Files:
1 modified

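--- a/trunk/wifidog/src/fw_iptables.c
+++ b/trunk/wifidog/src/fw_iptables.c
@@ -46,4 +46,5 @@
 
 extern pthread_mutex_t  client_list_mutex;
+extern pthread_mutex_t  config_mutex;
 
 /**
@@ -77,9 +78,22 @@
 iptables_fw_init(void)
 {
-  s_config *config = config_get_config();
+    s_config *config;
+    t_auth_serv *auth_server;
+
+    config = config_get_config();
     fw_quiet = 0;
+
     iptables_do_command("-t nat -N " TABLE_WIFIDOG_VALIDATE);
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_VALIDATE " -d %s -j ACCEPT", config->gw_address);
-    iptables_do_command("-t nat -A " TABLE_WIFIDOG_VALIDATE " -d %s -j ACCEPT", config->auth_servers->authserv_hostname);
+
+    pthread_mutex_lock(&config_mutex);
+
+    for (auth_server = config->auth_servers; auth_server != NULL;
+                    auth_server = auth_server->next) {
+        iptables_do_command("-t nat -A " TABLE_WIFIDOG_VALIDATE " -d %s -j ACCEPT", auth_server->authserv_hostname);
+    }
+
+    pthread_mutex_unlock(&config_mutex);
+
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_VALIDATE " -p udp --dport 67 -j ACCEPT");
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_VALIDATE " -p tcp --dport 67 -j ACCEPT");
@@ -97,5 +111,14 @@
     iptables_do_command("-t nat -N " TABLE_WIFIDOG_UNKNOWN);
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -d %s -j ACCEPT", config->gw_address);
-    iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -d %s -j ACCEPT", config->auth_servers->authserv_hostname);
+
+    pthread_mutex_lock(&config_mutex);
+
+    for (auth_server = config->auth_servers; auth_server != NULL;
+                    auth_server = auth_server->next) {
+        iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -d %s -j ACCEPT", auth_server->authserv_hostname);
+    }
+
+    pthread_mutex_unlock(&config_mutex);
+
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p udp --dport 67 -j ACCEPT");
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p tcp --dport 67 -j ACCEPT");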
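Review bot: Both new loops in iptables_fw_init() keep `config_mutex` locked while `iptables_do_command()` runs once per auth server, and the result of each call is discarded. How `iptables_do_command()` executes a rule is not visible on this page, but if it runs iptables, a `-d` hostname is resolved when the rule is inserted. A slow or failed lookup would then stall every other holder of `config_mutex` and leave that server without its ACCEPT rule, with nothing reported. Assuming the helper returns a status, I would test it inside each loop and log `auth_server->authserv_hostname` on failure. I would also add a comment above the first loop such as `/* config_mutex guards the auth_servers list; rules are resolved once, at insert time */`. Note that `config->gw_address` is still read outside the lock and that the list is walked under two separate lock sections, so the VALIDATE and UNKNOWN chains can end up with different server sets if the list changes in between. The function body continues outside the hunks shown.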