package/firewall/files/20-firewall


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

. /lib/firewall/uci_firewall.sh
unset ZONE
config_get ifname $INTERFACE ifname
INTERFACE=$ifname
[ "$INTERFACE" == "lo" ] && exit 0
load_zones() {
	local name
	local network
	config_get name $1 name
	config_get network $1 network
	[ -z "$network" ] && network=$name 
	for n in $network; do
		local ifname
		config_get ifname $n ifname
		list_contains ifname $INTERFACE && { 
			list_contains ZONE $name || ZONE="$ZONE $name"
		}
	done
}

config_foreach load_zones zone

[ -z "$ZONE" ] && exit 0

[ ifup = "$ACTION" ] && {
	for z in $ZONE; do 
		local loaded
		config_get loaded core loaded
		[ -n "$loaded" ] && addif $INTERFACE $z
	done
}

[ ifdown = "$ACTION" ] && {
	for z in $ZONE; do 
		local up
		config_get up $z up
		[ "$up" == "1" ] && delif $INTERFACE $z
	done
}