summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>2013-02-17 19:26:52 +0000
committerjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>2013-02-17 19:26:52 +0000
commit1243445314586718395f39efd605808fe001b5ca (patch)
treebc271d531ccba42e3c952886e86f7e70a244d7f5
parent9bb2a18ead3153d57a4e3ef169c04315a6b171fa (diff)
firewall3 - a C implementation of the current firewall scripts
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35643 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r--package/network/config/firewall3/Makefile45
-rw-r--r--package/network/config/firewall3/files/firewall.hotplug8
-rwxr-xr-xpackage/network/config/firewall3/files/firewall.init17
3 files changed, 70 insertions, 0 deletions
diff --git a/package/network/config/firewall3/Makefile b/package/network/config/firewall3/Makefile
new file mode 100644
index 0000000000..063e554677
--- /dev/null
+++ b/package/network/config/firewall3/Makefile
@@ -0,0 +1,45 @@
+#
+# Copyright (C) 2013 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=firewall3
+PKG_VERSION:=2013-02-17
+PKG_RELEASE:=$(PKG_SOURCE_VERSION)
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=git://nbd.name/firewall3.git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_VERSION:=a32e331a11034403df2e26807df9195435b6fb8a
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org>
+
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/firewall3
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=UCI C Firewall
+ DEPENDS:=+libubox +libubus +libuci
+endef
+
+define Package/firewall3/description
+ This package provides a config-compatible C implementation of the UCI firewall.
+endef
+
+define Package/firewall3/install
+ $(INSTALL_DIR) $(1)/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/firewall3 $(1)/sbin/fw3
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/firewall.init $(1)/etc/init.d/firewall
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+ $(INSTALL_DATA) ./files/firewall.hotplug $(1)/etc/hotplug.d/iface/20-firewall
+endef
+
+$(eval $(call BuildPackage,firewall3))
diff --git a/package/network/config/firewall3/files/firewall.hotplug b/package/network/config/firewall3/files/firewall.hotplug
new file mode 100644
index 0000000000..a173b130bf
--- /dev/null
+++ b/package/network/config/firewall3/files/firewall.hotplug
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+[ "$ACTION" = ifup ] || exit 0
+
+fw3 -q network "$INTERFACE" >/dev/null || exit 0
+
+logger -t firewall "Restarting firewall due to ifup of $INTERFACE ($DEVICE)"
+fw3 -q restart
diff --git a/package/network/config/firewall3/files/firewall.init b/package/network/config/firewall3/files/firewall.init
new file mode 100755
index 0000000000..bddbadd880
--- /dev/null
+++ b/package/network/config/firewall3/files/firewall.init
@@ -0,0 +1,17 @@
+#!/bin/sh /etc/rc.common
+
+START=19
+
+boot() {
+ # Be silent on boot, firewall might be started by hotplug already,
+ # so don't complain in syslog.
+ fw3 -q start
+}
+
+start() {
+ fw3 start
+}
+
+stop() {
+ fw3 stop
+}