[server] Added FLUSH_IPFW_AT_INIT and FLUSH_IPFW_AT_EXIT
authorMichael Rash <mbr@cipherdyne.org>
Sat, 11 Aug 2012 01:48:02 +0000 (21:48 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sat, 11 Aug 2012 01:48:02 +0000 (21:48 -0400)
commit0af3bd0ee10768f6838aafe9fdc66187e5be9ee4
tree2f008570194581e7a29cf9a321fc15ed22e012fb
parentc6f3fde5371c1be48d8e1bc7e17dde89e19d02fc
[server] Added FLUSH_IPFW_AT_INIT and FLUSH_IPFW_AT_EXIT

Added FLUSH_IPFW_AT_INIT and FLUSH_IPFW_AT_EXIT for ipfw firewalls to emulate
the corresponding functionality that is implemented for iptables firewalls.

Bug fix for ipfw firewalls to ensure that if the ipfw expire set is zero, then
do not disable this set whenever the FLUSH_IPFW* variables are enabled.

These changes were suggested by Jonathan Schulz.
server/cmd_opts.h
server/config_init.c
server/fw_util_ipfw.c
server/fwknopd.conf
server/fwknopd_common.h