author | nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2009-12-09 14:04:37 +0000 |
---|---|---|
committer | nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2009-12-09 14:04:37 +0000 |
commit | 6b2e482b317dd94119a2a8f0b101ebd4c1c07753 (patch) | |
tree | e067fb015a738eceec1a28529c9d67073d008ce0 /package | |
parent | 8f027803a00c75e8608744d2a2f0e5237626f778 (diff) |
firewall: get rid of recursive shell script inclusion to improve hush compatibility
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@18716 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package')
-rw-r--r-- | package/firewall/files/20-firewall | 33 | ||||
-rwxr-xr-x | package/firewall/files/uci_firewall.sh | 50 |
2 files changed, 46 insertions, 37 deletions
diff --git a/package/firewall/files/20-firewall b/package/firewall/files/20-firewall
index 1cfc1b9c0e..4b89326b51 100644
--- a/package/firewall/files/20-firewall
+++ b/package/firewall/files/20-firewall
@@ -2,35 +2,4 @@
 unset ZONE
 config_get ifname $INTERFACE ifname
 [ "$ifname" == "lo" ] && exit 0
-
-load_zones() {
- local name
- local network
- config_get name $1 name
- config_get network $1 network
- [ -z "$network" ] && network=$name
- for n in $network; do
- [ "$n" = "$INTERFACE" ] && ZONE="$ZONE $name"
- done
-}
-
-config_foreach load_zones zone
-
-[ -z "$ZONE" ] && exit 0
-
-[ ifup = "$ACTION" ] && {
- for z in $ZONE; do
- local loaded
- config_get loaded core loaded
- [ -n "$loaded" ] && addif "$INTERFACE" "$ifname" "$z"
- done
-}
-
-[ ifdown = "$ACTION" ] && {
- local up
- config_get up "$INTERFACE" up
-
- for z in $ZONE; do
- [ "$up" == "1" ] && delif "$INTERFACE" "$ifname" "$z"
- done
-}
+fw_event "$ACTION" "$INTERFACE"
diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 478b95c931..21485cb5d1 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -402,13 +402,52 @@ fw_include() {
 [ -e $path ] && . $path
 }
 
+get_interface_zones() {
+ local interface="$2"
+ local name
+ local network
+ config_get name $1 name
+ config_get network $1 network
+ [ -z "$network" ] && network=$name
+ for n in $network; do
+ [ "$n" = "$interface" ] && append add_zone "$name"
+ done
+}
+
+fw_event() {
+ local action="$1"
+ local interface="$2"
+ local ifname="$(sh -c ". /etc/functions.sh; config_load network; config_get "$interface" ifname")"
+ local up
+
+ [ -z "$ifname" ] && return 0
+ config_foreach get_interface_zones zone "$interface"
+ [ -z "$add_zone" ] && return 0
+
+ case "$action" in
+ ifup)
+ for z in $add_zone; do
+ local loaded
+ config_get loaded core loaded
+ [ -n "$loaded" ] && addif "$interface" "$ifname" "$z"
+ done
+ ;;
+ ifdown)
+ config_get up "$interface" up
+
+ for z in $ZONE; do
+ [ "$up" == "1" ] && delif "$interface" "$ifname" "$z"
+ done
+ ;;
+ esac
+}
+
 fw_addif() {
 local up
 local ifname
 config_get up $1 up
- config_get ifname $1 ifname
 [ -n "$up" ] || return 0
- (ACTION="ifup" INTERFACE="$1" . /etc/hotplug.d/iface/20-firewall)
+ fw_event ifup "$1"
 }
 
 fw_custom_chains() {
@@ -465,9 +504,10 @@ fw_init() {
 config_foreach fw_zone_defaults zone
 uci_set_state firewall core loaded 1
 config_foreach fw_check_notrack zone
- unset CONFIG_APPEND
- config_load network
- config_foreach fw_addif interface
+ INTERFACES="$(sh -c '. /etc/functions.sh; config_load network; config_foreach echo interface')"
+ for interface in $INTERFACES; do
+ fw_addif "$interface"
+ done
 }
 
 fw_stop() { |
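Review bot: `add_zone` is neither declared local nor cleared in fw_event, so when fw_init calls fw_addif once per interface in the same shell, zones appended for an earlier interface are still in the list and the `ifup` loop would call addif for a later interface with them, unless something outside this hunk resets the variable. The `ifdown` branch still iterates `$ZONE`, which nothing in the new code sets (20-firewall explicitly unsets it), so delif looks unreachable and rules for an interface that went down would stay loaded. I would add `local add_zone=""` next to `local up` and change the ifdown loop to `for z in $add_zone; do`. Separately, in the `ifname` assignment the inner double quotes close the outer string, so `$interface` is spliced unquoted into the `sh -c` command text; passing it as a positional argument, `sh -c '. /etc/functions.sh; config_load network; config_get "$1" ifname' fw "$interface"`, keeps the name out of the parsed script (worth confirming under hush).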
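Review bot: The `INTERFACES` assignment in fw_init gives no signal when the helper shell fails: if `/etc/functions.sh` cannot be sourced or `config_load network` errors, the substitution is empty, the `for` loop runs zero times, and the firewall stays marked loaded (the `uci_set_state firewall core loaded 1` context line) with no interface attached to any zone. A guard such as `[ -n "$INTERFACES" ] || echo "firewall: no interfaces read from network config" >&2` right after the assignment would make that state visible. The variable is also global and one letter away from the `INTERFACE` that 20-firewall reads; a `local interfaces` would keep it from leaking into later code. fw_init begins above the hunk, so whether anything else depends on `INTERFACES` cannot be seen here.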