From: blogic Date: Tue, 18 Feb 2014 13:33:47 +0000 (+0000) Subject: firewall3: update init.d script to make use of procd X-Git-Tag: fast2504n-3.10.28-merged~41 X-Git-Url: https://git.enpas.org/?a=commitdiff_plain;h=0de46dae40a25acecc1ba0bf905341d074ea30d1;p=openwrt.git firewall3: update init.d script to make use of procd add validation data Signed-off-by: John Crispin git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39617 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- diff --git a/package/network/config/firewall/files/firewall.init b/package/network/config/firewall/files/firewall.init index 64e3a8c12b..8abbf68254 100755 --- a/package/network/config/firewall/files/firewall.init +++ b/package/network/config/firewall/files/firewall.init @@ -1,25 +1,65 @@ #!/bin/sh /etc/rc.common START=19 +USE_PROCD=1 +QUIET="" -boot() { - # Be silent on boot, firewall might be started by hotplug already, - # so don't complain in syslog. - fw3 -q start +validate_firewall_redirect() +{ + uci_validate_section firewall redirect "${1}" \ + 'proto:or("tcp", "udp", "tcpudp")' \ + 'src:string' \ + 'src_ip:ipaddr' \ + 'src_dport:string' \ + 'dest:string' \ + 'dest_ip:ipaddr' \ + 'dest_port:string' \ + 'target:or("SNAT", "DNAT")' + + return $? } -start() { - fw3 start +validate_firewall_rule() +{ + uci_validate_section firewall rule "${1}" \ + 'proto:string' \ + 'src:string' \ + 'dest:string' \ + 'src_port:string' \ + 'dest_port:string' \ + 'target:string' + + return $? } -stop() { - fw3 flush +service_triggers() { + procd_add_reload_trigger firewall + + procd_open_validate + validate_firewall_redirect + validate_firewall_rule + procd_close_validate } restart() { fw3 restart } -reload() { +start_service() { + fw3 ${QUIET} start +} + +stop_service() { + fw3 flush +} + +reload_service() { fw3 reload } + +boot() { + # Be silent on boot, firewall might be started by hotplug already, + # so don't complain in syslog. + QUIET=1 + start +}