-void deleteChainReference(char *chain) {
- char str[STRING_SIZE];
-
- sprintf(str, "/sbin/iptables -D INPUT -j %sINPUT", chain);
- executeCommand(str);
-}
-
-void deleteChain(char *chain) {
- char str[STRING_SIZE];
-
- sprintf(str, "/sbin/iptables -X %sINPUT", chain);
- executeCommand(str);
-}
-
-void deleteAllChains(void) {
- // not an elegant solution, but to avoid timing problems with undeleted chain references
- deleteChainReference(OVPNRED);
- deleteChainReference(OVPNBLUE);
- deleteChainReference(OVPNORANGE);
- flushChain(OVPNRED);
- flushChain(OVPNBLUE);
- flushChain(OVPNORANGE);
- deleteChain(OVPNRED);
- deleteChain(OVPNBLUE);
- deleteChain(OVPNORANGE);
-}
-
-void createChainReference(char *chain) {
- char str[STRING_SIZE];
- sprintf(str, "/sbin/iptables -I INPUT %s -j %sINPUT", "14", chain);
- executeCommand(str);
-}
-
-void createChain(char *chain) {
- char str[STRING_SIZE];
- sprintf(str, "/sbin/iptables -N %sINPUT", chain);
- executeCommand(str);
-}
-
-void createAllChains(void) {
- // create chain and chain references
- if (!strcmp(enableorange, "on")) {
- if (strlen(orangeif)) {
- createChain(OVPNORANGE);
- createChainReference(OVPNORANGE);
- } else {
- fprintf(stderr, "OpenVPN enabled on orange but no orange interface found\n");
- //exit(1);
- }
- }
-
- if (!strcmp(enableblue, "on")) {
- if (strlen(blueif)) {
- createChain(OVPNBLUE);
- createChainReference(OVPNBLUE);
- } else {
- fprintf(stderr, "OpenVPN enabled on blue but no blue interface found\n");
- //exit(1);
- }
- }
-
- if (!strcmp(enablered, "on")) {
- if (strlen(redif)) {
- createChain(OVPNRED);
- createChainReference(OVPNRED);
- } else {
- fprintf(stderr, "OpenVPN enabled on red but no red interface found\n");
- //exit(1);
- }
- }
-}
-