diff options
author | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2013-02-17 19:26:52 +0000 |
---|---|---|
committer | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2013-02-17 19:26:52 +0000 |
commit | 1243445314586718395f39efd605808fe001b5ca (patch) | |
tree | bc271d531ccba42e3c952886e86f7e70a244d7f5 | |
parent | 9bb2a18ead3153d57a4e3ef169c04315a6b171fa (diff) |
firewall3 - a C implementation of the current firewall scripts
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35643 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r-- | package/network/config/firewall3/Makefile | 45 | ||||
-rw-r--r-- | package/network/config/firewall3/files/firewall.hotplug | 8 | ||||
-rwxr-xr-x | package/network/config/firewall3/files/firewall.init | 17 |
3 files changed, 70 insertions, 0 deletions
diff --git a/package/network/config/firewall3/Makefile b/package/network/config/firewall3/Makefile new file mode 100644 index 0000000000..063e554677 --- /dev/null +++ b/package/network/config/firewall3/Makefile @@ -0,0 +1,45 @@ +# +# Copyright (C) 2013 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=firewall3 +PKG_VERSION:=2013-02-17 +PKG_RELEASE:=$(PKG_SOURCE_VERSION) + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=git://nbd.name/firewall3.git +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_VERSION:=a32e331a11034403df2e26807df9195435b6fb8a +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz +PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org> + + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +define Package/firewall3 + SECTION:=net + CATEGORY:=Network + TITLE:=UCI C Firewall + DEPENDS:=+libubox +libubus +libuci +endef + +define Package/firewall3/description + This package provides a config-compatible C implementation of the UCI firewall. +endef + +define Package/firewall3/install + $(INSTALL_DIR) $(1)/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/firewall3 $(1)/sbin/fw3 + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/firewall.init $(1)/etc/init.d/firewall + $(INSTALL_DIR) $(1)/etc/hotplug.d/iface + $(INSTALL_DATA) ./files/firewall.hotplug $(1)/etc/hotplug.d/iface/20-firewall +endef + +$(eval $(call BuildPackage,firewall3)) diff --git a/package/network/config/firewall3/files/firewall.hotplug b/package/network/config/firewall3/files/firewall.hotplug new file mode 100644 index 0000000000..a173b130bf --- /dev/null +++ b/package/network/config/firewall3/files/firewall.hotplug @@ -0,0 +1,8 @@ +#!/bin/sh + +[ "$ACTION" = ifup ] || exit 0 + +fw3 -q network "$INTERFACE" >/dev/null || exit 0 + +logger -t firewall "Restarting firewall due to ifup of $INTERFACE ($DEVICE)" +fw3 -q restart diff --git a/package/network/config/firewall3/files/firewall.init b/package/network/config/firewall3/files/firewall.init new file mode 100755 index 0000000000..bddbadd880 --- /dev/null +++ b/package/network/config/firewall3/files/firewall.init @@ -0,0 +1,17 @@ +#!/bin/sh /etc/rc.common + +START=19 + +boot() { + # Be silent on boot, firewall might be started by hotplug already, + # so don't complain in syslog. + fw3 -q start +} + +start() { + fw3 start +} + +stop() { + fw3 stop +} |