From 49ecc2c9b70c9f80786c256c503b9ab67c59d9b7 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sat, 15 Apr 2023 15:17:21 +0200 Subject: [PATCH] rules.pl: Use new load_set() function to load a given set name Signed-off-by: Stefan Schantl --- config/firewall/rules.pl | 43 +++++----------------------------------- 1 file changed, 5 insertions(+), 38 deletions(-) diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index e0039c068..5b476cb33 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -441,15 +441,7 @@ sub buildrules { # Call function to load the networks list for this country, # in case it is not loaded yet. - unless($ipset_loaded_sets{$loc_src}) { - # Print debug notice. - print "Loading set $loc_src\n" if ($DEBUG); - - &Location::Functions::load_location($loc_src); - - # Mark the set as loaded. - $ipset_loaded_sets{$loc_src} = "1"; - } + &load_set($loc_src); push(@source_options, $source); } elsif($source) { @@ -465,15 +457,7 @@ sub buildrules { # Call function to load the networks list for this country, # if it is not loaded yet. - unless($ipset_loaded_sets{$loc_dst}) { - # Print debug notice. - print "Loading set $loc_dst\n" if ($DEBUG); - - &Location::Functions::load_location($loc_dst); - - # Mark the set as loaded. - $ipset_loaded_sets{$loc_dst} = "1"; - } + &load_set($loc_dst); push(@destination_options, $destination); } elsif ($destination) { 
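Review bot: The result of `&load_set($loc_src);` is discarded, so buildrules still runs `push(@source_options, $source);` when the set could not be loaded; the same applies to `&load_set($loc_dst);` in the second hunk and to the calls in locationblock and drop_hostile_networks. If the set is missing, the iptables rule that references it will presumably be rejected, and for the DROP rules in LOCATIONBLOCK and HOSTILE that leaves the block silently absent instead of enforced. The removed code had the same gap, but with loading now centralised it is cheap to close: have load_set() return a true value on success and let callers check it, e.g. in locationblock `unless (&load_set($location)) { print "Could not load set $location\n"; next; }`. load_set() itself and the rest of buildrules lie outside this patch, so its current return value needs confirming first.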
@@ -720,17 +704,8 @@ sub locationblock { # is enabled. foreach my $location (@locations) { if(exists $locationsettings{$location} && $locationsettings{$location} eq "on") { - # Call function to load the networks list for this country, if not - # loaded yet. - unless($ipset_loaded_sets{$location}) { - # Print debug notice. - print "Loading set $location\n" if ($DEBUG); - - &Location::Functions::load_location($location); - - # Mark the set as loaded. - $ipset_loaded_sets{$location} = "1"; - } + # Call function to load the networks list for this country. + &load_set($location); # Call iptables and create rule to use the loaded ipset list. run("$IPTABLES -A LOCATIONBLOCK -m set --match-set $location src -j DROP"); @@ -752,15 +727,7 @@ sub drop_hostile_networks () { return unless($RED_DEV); # Call function to load the network list of hostile networks, if not loaded yet. - unless ($ipset_loaded_sets{$HOSTILE_CCODE}) { - # Print debug notice. - print "Loading set $HOSTILE_CCODE\n" if ($DEBUG); - - &Location::Functions::load_location($HOSTILE_CCODE); - - # Mark the set as loaded. - $ipset_loaded_sets{$HOSTILE_CCODE} = "1"; - } + &load_set($HOSTILE_CCODE); # Check traffic in incoming/outgoing direction and drop if it matches run("$IPTABLES -A HOSTILE -i $RED_DEV -m set --match-set $HOSTILE_CCODE src -j HOSTILE_DROP_IN"); -- 2.39.5
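Review bot: In locationblock the set name in `$location` is passed to `&load_set($location);` and then interpolated into the command string `run("$IPTABLES -A LOCATIONBLOCK -m set --match-set $location src -j DROP");` with no format check visible in the hunk. Since every caller now goes through load_set(), that function is the natural single place to reject names that do not match the expected set-name format before they reach ipset or iptables. Where `@locations` is populated and whether run() invokes a shell are both outside this hunk, so this may already be handled upstream and should be confirmed rather than assumed.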