firewall3: update init.d script to make use of procd

add validation data

Signed-off-by: John Crispin <blogic@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39617 3c298f89-4303-0410-b956-a3cf2f4a3e73

1 files changed, 49 insertions, 9 deletions

diff --git a/package/network/config/firewall/files/firewall.init b/package/network/config/firewall/files/firewall.init
index 64e3a8c12b..8abbf68254 100755
--- a/package/network/config/firewall/files/firewall.init
+++ b/package/network/config/firewall/files/firewall.init
@@ -1,25 +1,65 @@
 #!/bin/sh /etc/rc.common
 
 START=19
+USE_PROCD=1
+QUIET=""
 
-boot() {
-	# Be silent on boot, firewall might be started by hotplug already,
-	# so don't complain in syslog.
-	fw3 -q start
+validate_firewall_redirect()
+{
+	uci_validate_section firewall redirect "${1}" \
+		'proto:or("tcp", "udp", "tcpudp")' \
+		'src:string' \
+		'src_ip:ipaddr' \
+		'src_dport:string' \
+		'dest:string' \
+		'dest_ip:ipaddr' \
+		'dest_port:string' \
+		'target:or("SNAT", "DNAT")'
+	
+	return $?
 }
 
-start() {
-	fw3 start
+validate_firewall_rule()
+{
+	uci_validate_section firewall rule "${1}" \
+		'proto:string' \
+		'src:string' \
+		'dest:string' \
+		'src_port:string' \
+		'dest_port:string' \
+		'target:string'
+	
+	return $?
 }
 
-stop() {
-	fw3 flush
+service_triggers() {
+	procd_add_reload_trigger firewall	
+
+	procd_open_validate
+	validate_firewall_redirect
+	validate_firewall_rule
+	procd_close_validate
 }
 
 restart() {
 	fw3 restart
 }
 
-reload() {
+start_service() {
+	fw3 ${QUIET} start
+}
+
+stop_service() {
+	fw3 flush
+}
+
+reload_service() {
 	fw3 reload
 }
+
+boot() {
+	# Be silent on boot, firewall might be started by hotplug already,
+	# so don't complain in syslog.
+	QUIET=1
+	start
+}