From: Daniel Wagner <daniel.wag...@bmw-carit.de> We need to see a bit more in detail what happens when CONNMAN_IPTABLES_DEBUG is not set, for example the removing/flushing during bootup.
Also remove the DBG() from parse_rule_spec() because all callers already have a DBG(). So not much additional information here. --- src/iptables.c | 37 +++++++++++++++++++++++++++---------- 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/src/iptables.c b/src/iptables.c index 2d3b054..9880130 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -160,6 +160,7 @@ struct connman_iptables_entry { }; struct connman_iptables { + char *name; int ipt_sock; struct ipt_getinfo *info; @@ -521,6 +522,8 @@ static int iptables_flush_chain(struct connman_iptables *table, struct connman_iptables_entry *entry; int builtin, removed = 0; + DBG("table %s chain %s", table->name, name); + chain_head = find_chain_head(table, name); if (chain_head == NULL) return -EINVAL; @@ -585,6 +588,8 @@ static int iptables_add_chain(struct connman_iptables *table, struct ipt_standard_target *standard; u_int16_t entry_head_size, entry_return_size; + DBG("table %s chain %s", table->name, name); + last = g_list_last(table->entries); /* @@ -652,6 +657,8 @@ static int iptables_delete_chain(struct connman_iptables *table, struct connman_iptables_entry *entry; GList *chain_head, *chain_tail; + DBG("table %s chain %s", table->name, name); + chain_head = find_chain_head(table, name); if (chain_head == NULL) return -EINVAL; @@ -806,6 +813,8 @@ static int iptables_insert_rule(struct connman_iptables *table, int builtin = -1, ret; GList *chain_head; + DBG("table %s chain %s", table->name, chain_name); + chain_head = find_chain_head(table, chain_name); if (chain_head == NULL) return -EINVAL; @@ -996,6 +1005,8 @@ static int iptables_delete_rule(struct connman_iptables *table, GList *chain_head, *chain_tail, *list; int builtin, removed; + DBG("table %s chain %s", table->name, chain_name); + removed = 0; chain_head = find_chain_head(table, chain_name); @@ -1060,6 +1071,8 @@ static int iptables_change_policy(struct connman_iptables *table, struct xt_standard_target *t; int verdict; + DBG("table %s chain %s policy %s", table->name, chain_name, policy); + verdict = target_to_verdict(policy); if (verdict == 0) return -EINVAL; @@ -1370,6 +1383,7 @@ static void table_cleanup(struct connman_iptables *table) } g_list_free(table->entries); + g_free(table->name); g_free(table->info); g_free(table->blob_entries); g_free(table); @@ -1398,10 +1412,6 @@ static struct connman_iptables *iptables_init(const char *table_name) g_free(module); - table = g_hash_table_lookup(table_hash, table_name); - if (table != NULL) - return table; - table = g_try_new0(struct connman_iptables, 1); if (table == NULL) return NULL; @@ -1448,8 +1458,6 @@ static struct connman_iptables *iptables_init(const char *table_name) table->info->underflow, table->blob_entries->size, add_entry, table); - g_hash_table_insert(table_hash, g_strdup(table_name), table); - if (debug_enabled == TRUE) dump_table(table); @@ -1663,7 +1671,18 @@ static struct connman_iptables *pre_load_table(const char *table_name, if (table != NULL) return table; - return iptables_init(table_name); + table = g_hash_table_lookup(table_hash, table_name); + if (table != NULL) + return table; + + table = iptables_init(table_name); + if (table == NULL) + return NULL; + + table->name = g_strdup(table_name); + g_hash_table_replace(table_hash, table->name, table); + + return table; } struct parse_context { @@ -1841,8 +1860,6 @@ static int parse_rule_spec(struct connman_iptables *table, connman_bool_t invert = FALSE; int len, c, err; - DBG(""); - ctx->ip = g_try_new0(struct ipt_ip, 1); if (ctx->ip == NULL) return -ENOMEM; @@ -2263,7 +2280,7 @@ int __connman_iptables_init(void) debug_enabled = TRUE; table_hash = g_hash_table_new_full(g_str_hash, g_str_equal, - g_free, remove_table); + NULL, remove_table); xtables_init_all(&iptables_globals, NFPROTO_IPV4); -- 1.8.1.3.566.gaa39828 _______________________________________________ connman mailing list connman@connman.net http://lists.connman.net/listinfo/connman