From: Stefan Schantl
Date: Sat, 15 Apr 2023 13:17:21 +0000 (+0200)
Subject: rules.pl: Use new load_set() function to load a given set name
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=45ab832097f86c67fe0196c533a899568a04e404;p=people%2Fstevee%2Fipfire-2.x.git

rules.pl: Use new load_set() function to load a given set name

Signed-off-by: Stefan Schantl
---
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 3350e7eb0b..273175ae54 100644
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -440,15 +440,7 @@ sub buildrules {
 # Call function to load the networks list for this country,
 # in case it is not loaded yet.
- unless($ipset_loaded_sets{$loc_src}) {
- # Print debug notice.
- print "Loading set $loc_src\n" if ($DEBUG);
-
- &Location::Functions::load_location($loc_src);
-
- # Mark the set as loaded.
- $ipset_loaded_sets{$loc_src} = "1";
- }
+ &load_set($loc_src);
 push(@source_options, $source);
 } elsif($source) {
@@ -464,15 +456,7 @@ sub buildrules {
 # Call function to load the networks list for this country,
 # if it is not loaded yet.
- unless($ipset_loaded_sets{$loc_dst}) {
- # Print debug notice.
- print "Loading set $loc_dst\n" if ($DEBUG);
-
- &Location::Functions::load_location($loc_dst);
-
- # Mark the set as loaded.
- $ipset_loaded_sets{$loc_dst} = "1";
- }
+ &load_set($loc_dst);
 push(@destination_options, $destination);
 } elsif ($destination) {
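Review bot: The result of `&load_set($loc_src)` is discarded, so a set that could not be loaded is treated the same as one that was; this also applies to `&load_set($loc_dst)` in the second hunk and to the calls in locationblock and drop_hostile_networks. In those last two the next statement adds an iptables rule with `--match-set` on the same name, and if the set is missing that rule will presumably fail to install, leaving the DROP absent instead of failing closed. load_set is defined outside this diff, so whether it returns a status is not visible here; if it does, check it at the call sites, e.g. `&load_set($loc_src) or print "Could not load set $loc_src\n";`, and if it does not, consider having it return one. buildrules starts and ends outside the hunk.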
@@ -719,17 +703,8 @@ sub locationblock {
 # is enabled.
 foreach my $location (@locations) {
 if(exists $locationsettings{$location} && $locationsettings{$location} eq "on") {
- # Call function to load the networks list for this country, if not
- # loaded yet.
- unless($ipset_loaded_sets{$location}) {
- # Print debug notice.
- print "Loading set $location\n" if ($DEBUG);
-
- &Location::Functions::load_location($location);
-
- # Mark the set as loaded.
- $ipset_loaded_sets{$location} = "1";
- }
+ # Call function to load the networks list for this country.
+ &load_set($location);
 # Call iptables and create rule to use the loaded ipset list.
 run("$IPTABLES -A LOCATIONBLOCK -m set --match-set $location src -j DROP");
@@ -751,15 +726,7 @@ sub drop_hostile_networks () {
 return unless($RED_DEV);
 # Call function to load the network list of hostile networks, if not loaded yet.
- unless ($ipset_loaded_sets{$HOSTILE_CCODE}) {
- # Print debug notice.
- print "Loading set $HOSTILE_CCODE\n" if ($DEBUG);
-
- &Location::Functions::load_location($HOSTILE_CCODE);
-
- # Mark the set as loaded.
- $ipset_loaded_sets{$HOSTILE_CCODE} = "1";
- }
+ &load_set($HOSTILE_CCODE);
 # Check traffic in incoming/outgoing direction and drop if it matches
 run("$IPTABLES -A HOSTILE -i $RED_DEV -m set --match-set $HOSTILE_CCODE src -j HOSTILE_DROP");
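Review bot: In the locationblock hunk `$location` is handed to `load_set` and then interpolated into the command string given to `run()` on the following line, and nothing visible here constrains what the name may contain. Where `@locations` comes from and how `run()` executes the string are outside the hunk, so this may already be safe. With set loading now centralised in one helper it would be cheap to make the contract explicit by validating the name before use, for example `next unless ($location =~ /\A[A-Z0-9]{2}\z/);` at the top of the loop body if all location codes are two characters, or the equivalent check inside load_set. locationblock's body continues outside the hunk.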