Merge pull request #8319 from brianjmurrell/shorewall-iface-update

[feed/packages.git] / net / shorewall-lite / files / hotplug_iface

diff --git a/net/shorewall-lite/files/hotplug_iface b/net/shorewall-lite/files/hotplug_iface
index 90ed80c8c5c2c8b2370db055f3934c2754a88cff..367cea6f48e000e96fb4624825b52b9d34980bd1 100644 (file)
--- a/net/shorewall-lite/files/hotplug_iface
+++ b/net/shorewall-lite/files/hotplug_iface
@@ -1,13 +1,19 @@
 #!/bin/sh
 
-# should restart shorewall when an interface comes up
+DEVICE=${DEVICE:-$(/sbin/uci -p /var/state get network."$INTERFACE".ifname)}
 
 case "$ACTION" in
     ifup)
-        /etc/init.d/shorewall-lite restart
+        if [ "$INTERFACE" = "lan" ]; then
+            /usr/sbin/shorewall -l start
+       elif [ "${INTERFACE:0:3}" = "wan" ] &&
+             [ "${INTERFACE:$((${#INTERFACE}-2)):2}" != "_6" ]; then
+           /etc/shorewall-lite/state/firewall enable "$DEVICE"
+       fi
         ;;
     ifdown)
-        # might need to restore some routing
-        /etc/init.d/shorewall-lite restart
+       if [ "${INTERFACE:0:3}" = "wan" ]; then
+           /etc/shorewall-lite/state/firewall disable "$DEVICE"
+       fi
         ;;
-esac
\ No newline at end of file
+esac