rules.pl: Use new load_set() function to load a given set name
authorStefan Schantl <stefan.schantl@ipfire.org>
Sat, 15 Apr 2023 13:17:21 +0000 (15:17 +0200)
committerStefan Schantl <stefan.schantl@ipfire.org>
Sat, 15 Apr 2023 13:17:21 +0000 (15:17 +0200)
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
config/firewall/rules.pl

index 3350e7eb0bb1e469323573cd47ad31d9d99c4c89..273175ae5454dcd5d86c69f4ec017dd7241253b3 100644 (file)
@@ -440,15 +440,7 @@ sub buildrules {
 
                                                # Call function to load the networks list for this country,
                                                # in case it is not loaded yet.
-                                               unless($ipset_loaded_sets{$loc_src}) {
-                                                       # Print debug notice.
-                                                       print "Loading set $loc_src\n" if ($DEBUG);
-
-                                                       &Location::Functions::load_location($loc_src);
-
-                                                       # Mark the set as loaded.
-                                                       $ipset_loaded_sets{$loc_src} = "1";
-                                               }
+                                               &load_set($loc_src);
 
                                                push(@source_options, $source);
                                        } elsif($source) {
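Review bot: The comment kept above `&load_set($loc_src);` still says "in case it is not loaded yet", but the call site no longer checks `%ipset_loaded_sets`; any such guard now has to live in load_set(), whose definition is not part of this diff. The same stale wording remains above `&load_set($loc_dst);` in the next hunk and above `&load_set($HOSTILE_CCODE);` in drop_hostile_networks, while the locationblock hunk already updates its comment. I would reword all three along the lines of `# Load the ipset for this location (load_set() is expected to skip sets that are already loaded).` so a reader knows where the de-duplication happens. buildrules starts and ends outside the hunk.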
@@ -464,15 +456,7 @@ sub buildrules {
 
                                                # Call function to load the networks list for this country,
                                                # if it is not loaded yet.
-                                               unless($ipset_loaded_sets{$loc_dst}) {
-                                                       # Print debug notice.
-                                                       print "Loading set $loc_dst\n" if ($DEBUG);
-
-                                                       &Location::Functions::load_location($loc_dst);
-
-                                                       # Mark the set as loaded.
-                                                       $ipset_loaded_sets{$loc_dst} = "1";
-                                               }
+                                               &load_set($loc_dst);
 
                                                push(@destination_options,  $destination);
                                        } elsif ($destination) {
@@ -719,17 +703,8 @@ sub locationblock {
        # is enabled.
        foreach my $location (@locations) {
                if(exists $locationsettings{$location} && $locationsettings{$location} eq "on") {
-                       # Call function to load the networks list for this country, if not
-                       # loaded yet.
-                       unless($ipset_loaded_sets{$location}) {
-                               # Print debug notice.
-                               print "Loading set $location\n" if ($DEBUG);
-
-                               &Location::Functions::load_location($location);
-
-                               # Mark the set as loaded.
-                               $ipset_loaded_sets{$location} = "1";
-                       }
+                       # Call function to load the networks list for this country.
+                       &load_set($location);
 
                        # Call iptables and create rule to use the loaded ipset list.
                        run("$IPTABLES -A LOCATIONBLOCK -m set --match-set $location src -j DROP");
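Review bot: The result of `&load_set($location);` is discarded, so when the set cannot be loaded the `--match-set $location` rule on the next statement is still attempted, and whether a failed iptables call is noticed depends on `run()`, which is not visible here. For a block list that can leave the DROP rule silently missing, so traffic that should be dropped passes. If load_set() can report failure (its definition is outside this diff), I would make the caller act on it, for example `unless (&load_set($location)) { print "Could not load set $location\n"; next; }`. The same applies to `&load_set($HOSTILE_CCODE);` ahead of the HOSTILE rules in drop_hostile_networks. locationblock's body continues outside the hunk.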
@@ -751,15 +726,7 @@ sub drop_hostile_networks () {
        return unless($RED_DEV);
 
        # Call function to load the network list of hostile networks, if not loaded yet.
-       unless ($ipset_loaded_sets{$HOSTILE_CCODE}) {
-               # Print debug notice.
-               print "Loading set $HOSTILE_CCODE\n" if ($DEBUG);
-
-               &Location::Functions::load_location($HOSTILE_CCODE);
-
-               # Mark the set as loaded.
-               $ipset_loaded_sets{$HOSTILE_CCODE} = "1";
-       }
+       &load_set($HOSTILE_CCODE);
 
        # Check traffic in incoming/outgoing direction and drop if it matches
        run("$IPTABLES -A HOSTILE -i $RED_DEV -m set --match-set $HOSTILE_CCODE src -j HOSTILE_DROP");