@@ -313,38 +313,54 @@ private bool CreateOrUpdateRule(bool drop, int priority, string ruleIP4, string
313313 doc . Load ( zoneFile ) ;
314314
315315 // grab rule for ip4 and ip6
316- if ( doc . SelectSingleNode ( $ "//rule/source[@ipset='{ ruleIP4 } ']") is not XmlElement xmlElement4 )
316+ if ( doc . SelectSingleNode ( $ "//rule/source[@ipset='{ ruleIP4 } ']") is not XmlElement ruleElement4 )
317317 {
318- xmlElement4 = doc . CreateElement ( "rule" ) ;
319- doc . DocumentElement . AppendChild ( xmlElement4 ) ;
318+ ruleElement4 = doc . CreateElement ( "rule" ) ;
319+ doc . DocumentElement . AppendChild ( ruleElement4 ) ;
320320 }
321321 else
322322 {
323- xmlElement4 . IsEmpty = true ;
323+ // go from source to rule element
324+ ruleElement4 = ruleElement4 . ParentNode as XmlElement ;
325+ foreach ( var oldChild in ruleElement4 . ChildNodes )
326+ {
327+ if ( oldChild is XmlElement childElement )
328+ {
329+ ruleElement4 . RemoveChild ( childElement ) ;
330+ }
331+ }
324332 }
325- if ( doc . SelectSingleNode ( $ "//rule/source[@ipset='{ ruleIP6 } ']") is not XmlElement xmlElement6 )
333+ if ( doc . SelectSingleNode ( $ "//rule/source[@ipset='{ ruleIP6 } ']") is not XmlElement ruleElement6 )
326334 {
327- xmlElement6 = doc . CreateElement ( "rule" ) ;
328- doc . DocumentElement . AppendChild ( xmlElement6 ) ;
335+ ruleElement6 = doc . CreateElement ( "rule" ) ;
336+ doc . DocumentElement . AppendChild ( ruleElement6 ) ;
329337 }
330338 else
331339 {
332- xmlElement6 . IsEmpty = true ;
340+ // go from source to rule element
341+ ruleElement6 = ruleElement6 . ParentNode as XmlElement ;
342+ foreach ( var oldChild in ruleElement6 . ChildNodes )
343+ {
344+ if ( oldChild is XmlElement childElement )
345+ {
346+ ruleElement6 . RemoveChild ( childElement ) ;
347+ }
348+ }
333349 }
334350
335351 // assign rule attributes
336352 var action = drop ? "drop" : "accept" ;
337353 var priorityString = priority . ToString ( ) ;
338- xmlElement4 . SetAttribute ( "priority" , priorityString ) ;
339- xmlElement6 . SetAttribute ( "priority" , priorityString ) ;
354+ ruleElement4 . SetAttribute ( "priority" , priorityString ) ;
355+ ruleElement6 . SetAttribute ( "priority" , priorityString ) ;
340356
341357 // create and add source element
342358 var source4 = doc . CreateElement ( "source" ) ;
343359 source4 . SetAttribute ( "ipset" , ruleIP4 ) ;
344360 var source6 = doc . CreateElement ( "source" ) ;
345361 source6 . SetAttribute ( "ipset" , ruleIP6 ) ;
346- xmlElement4 . AppendChild ( source4 ) ;
347- xmlElement6 . AppendChild ( source6 ) ;
362+ ruleElement4 . AppendChild ( source4 ) ;
363+ ruleElement6 . AppendChild ( source6 ) ;
348364
349365 // create and add port elements for each port entry
350366 var ports = allowedPorts ;
@@ -362,8 +378,8 @@ private bool CreateOrUpdateRule(bool drop, int priority, string ruleIP4, string
362378 var port6 = doc . CreateElement ( "port" ) ;
363379 port6 . SetAttribute ( "port" , port . ToString ( ) ) ;
364380 port6 . SetAttribute ( "protocol" , "tcp" ) ;
365- xmlElement4 . AppendChild ( port4 ) ;
366- xmlElement6 . AppendChild ( port6 ) ;
381+ ruleElement4 . AppendChild ( port4 ) ;
382+ ruleElement6 . AppendChild ( port6 ) ;
367383 }
368384 }
369385
@@ -372,15 +388,15 @@ private bool CreateOrUpdateRule(bool drop, int priority, string ruleIP4, string
372388 {
373389 var drop4 = doc . CreateElement ( "drop" ) ;
374390 var drop6 = doc . CreateElement ( "drop" ) ;
375- xmlElement4 . AppendChild ( drop4 ) ;
376- xmlElement6 . AppendChild ( drop6 ) ;
391+ ruleElement4 . AppendChild ( drop4 ) ;
392+ ruleElement6 . AppendChild ( drop6 ) ;
377393 }
378394 else
379395 {
380396 var accept4 = doc . CreateElement ( "accept" ) ;
381397 var accept6 = doc . CreateElement ( "accept" ) ;
382- xmlElement4 . AppendChild ( accept4 ) ;
383- xmlElement6 . AppendChild ( accept6 ) ;
398+ ruleElement4 . AppendChild ( accept4 ) ;
399+ ruleElement6 . AppendChild ( accept6 ) ;
384400 }
385401
386402 // write the zone file back out and reload the firewall
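Review bot: In the first hunk, both `else` branches call `RemoveChild` inside a `foreach` over the same live `ruleElement4.ChildNodes` / `ruleElement6.ChildNodes` list; detaching the current node normally ends that enumeration, so probably only the first old child element is removed. An existing rule could then keep its previous `port`, `drop` or `accept` elements next to the newly appended ones, so the zone file written back may not express the intended action. Clear the children without walking the live list, e.g. `while (ruleElement4.FirstChild is not null) { ruleElement4.RemoveChild(ruleElement4.FirstChild); }`, and the same for `ruleElement6`. Separately, `ruleIP4` and `ruleIP6` are interpolated into the XPath unescaped, so if they can ever contain a quote they should be validated before `SelectSingleNode`. `CreateOrUpdateRule` begins and ends outside the visible hunks, so how the ipset names are produced is not visible here.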