diff options
| author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2020-02-08 20:46:13 +0200 |
|---|---|---|
| committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2020-02-08 20:46:13 +0200 |
| commit | 2b53b6eb971b0feeb8b40c99b5731596448f211e (patch) | |
| tree | 004e25e64be1b3f908b7ce0b5bb59513ea2dfc93 | |
| parent | 1b24c7d33729de43f2b5e76e47c76a94ce657a54 (diff) | |
| download | awall-2b53b6eb971b0feeb8b40c99b5731596448f211e.tar.bz2 awall-2b53b6eb971b0feeb8b40c99b5731596448f211e.tar.xz | |
PartialIPTables.flush: flush only tables known to kernelv1.7.1
| -rw-r--r-- | awall/iptables.lua | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/awall/iptables.lua b/awall/iptables.lua index c6d429a..cb19ff8 100644 --- a/awall/iptables.lua +++ b/awall/iptables.lua @@ -170,28 +170,30 @@ end function M.PartialIPTables:flush() for _, family in ipairs(actfamilies()) do local cmd = families[family].cmd - for tbl, _ in pairs(builtin) do - local pid, stdin, stdout = lpc.run(cmd, '-t', tbl, '-S') - stdin:close() - local chains = {} - local rules = {} - for line in stdout:lines() do - if stringy.startswith(line, '-N awall-') then - table.insert(chains, line:sub(4, -1)) - else - local chain, target = line:match('^%-A (%u+) %-j (awall%-%u+)$') - if chain then table.insert(rules, {chain, '-j', target}) end + for tbl in io.lines(families[family].procfile) do + if builtin[tbl] then + local pid, stdin, stdout = lpc.run(cmd, '-t', tbl, '-S') + stdin:close() + local chains = {} + local rules = {} + for line in stdout:lines() do + if stringy.startswith(line, '-N awall-') then + table.insert(chains, line:sub(4, -1)) + else + local chain, target = line:match('^%-A (%u+) %-j (awall%-%u+)$') + if chain then table.insert(rules, {chain, '-j', target}) end + end end - end - stdout:close() - assert(lpc.wait(pid) == 0) + stdout:close() + assert(lpc.wait(pid) == 0) - local function exec(...) - assert(util.execute(cmd, '-t', tbl, table.unpack{...}) == 0) - end - for _, rule in ipairs(rules) do exec('-D', table.unpack(rule)) end - for _, opt in ipairs{'-F', '-X'} do - for _, chain in ipairs(chains) do exec(opt, chain) end + local function exec(...) + assert(util.execute(cmd, '-t', tbl, table.unpack{...}) == 0) + end + for _, rule in ipairs(rules) do exec('-D', table.unpack(rule)) end + for _, opt in ipairs{'-F', '-X'} do + for _, chain in ipairs(chains) do exec(opt, chain) end + end end end end |