Weird libuci behavior when deleting fw3 rules

Hi,

I'm working on adding some firewall rules using the UCI C API, and see that randomly, my rules are not deleted although uci_delete, uci_save and uci_commit all return UCI_OK.
I have to fetch again the UCI entries not deleted and delete them again in a loop, until all of them are effectively deleted.

Am I doing something wrong?

Thanks.

Hi there,

Could you please share a small snippet of the code where you do the deletion?

Thanks

Sure!

    /* uci_lookup_ptr() modifies the string it parses, so work on a copy */
    if (!(option_copy = strdup(option))) {
        return UCI_ERR_MEM;
    }
    struct uci_ptr ptr = {0};
    /* resolve the string to a uci_ptr, delete the element, then save the change */
    if ((ret = uci_lookup_ptr(ctx, &ptr, option_copy, true)) != UCI_OK) {
        UCI_LOG_ERR("failed uci_lookup_ptr %s", option);
    } else if ((ret = uci_delete(ctx, &ptr)) != UCI_OK) {
        UCI_LOG_ERR("failed uci_delete %s", option);
    } else if ((ret = uci_save(ctx, ptr.p)) != UCI_OK) {
        UCI_LOG_ERR("failed uci_save %s", option);
    }
    free(option_copy);
    return ret;

And here's a log output showing that I have to delete the same b.net rule 3 times before it disappears:

    update_blacklist []
    hosts to delete: [a.com b.net c.org]
    sections to delete: [cfg1392bd cfg1292bd cfg1092bd]
    delete existing rule firewall.cfg1392bd for host a.com
    delete existing rule firewall.cfg1292bd for host b.net
    delete existing rule firewall.cfg1092bd for host c.org
    commit deleted rule
    hosts to delete: [b.net]
    sections to delete: [cfg1192bd]
    delete existing rule firewall.cfg1192bd for host b.net
    commit deleted rule
    hosts to delete: [b.net]
    sections to delete: [cfg1092bd]
    delete existing rule firewall.cfg1092bd for host b.net
    commit deleted rule
    succesfully [ /etc/init.d/firewall restart ]
    blacklist updated

Got the answer: We must reload a package when adding a new section, like it is done in the CLI.