PKG_NAME:=firewall
PKG_VERSION:=2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
include $(INCLUDE_DIR)/package.mk
# HOTPLUG_TYPE=iface, triggered by various scripts when an interface
# is configured (ACTION=ifup) or deconfigured (ACTION=ifdown). The
# interface is available as INTERFACE, the real device as DEVICE.
-. /etc/functions.sh
[ "$DEVICE" == "lo" ] && exit 0
+. /etc/functions.sh
. /lib/firewall/core.sh
-fw_init
-# Wait for firewall if startup is in progress
-lock -w /var/lock/firewall.start
+fw_init
+fw_is_loaded || exit 0
case "$ACTION" in
ifup)
- fw_is_loaded && {
- fw_configure_interface "$INTERFACE" add "$DEVICE" &
- } || {
- /etc/init.d/firewall enabled && fw_start &
- }
+ fw_configure_interface "$INTERFACE" add "$DEVICE" &
;;
ifdown)
- fw_is_loaded && fw_configure_interface "$INTERFACE" del "$DEVICE" &
+ fw_configure_interface "$INTERFACE" del "$DEVICE" &
;;
esac
-
#!/bin/sh /etc/rc.common
-# Copyright (C) 2008 OpenWrt.org
+# Copyright (C) 2008-2010 OpenWrt.org
START=45
fw_$1
}
-boot() { :; }
-
start() {
fw start
}
exit 1
}
- lock /var/lock/firewall.start
-
uci_set_state firewall core "" firewall_state
fw_clear DROP
fw_callback post core
uci_set_state firewall core loaded 1
-
- lock -u /var/lock/firewall.start
}
fw_stop() {
echo "Error:" "$@" >&2
fw_log error "$@"
fw_stop
- lock -u /var/lock/firewall.start
exit 1
}
local action=$2
local ifname=$3
- local status;
- config_get_bool status "$iface" up "0"
- [ "$status" == 1 ] || return 0
-
- [ -n "$ifname" ] || {
- config_get ifname "$iface" ifname
- ifname=${ifname:-$iface}
+ [ "$action" == "add" ] && {
+ local status=$(uci_get_state network "$iface" up 0)
+ [ "$status" == 1 ] || return 0
}
+
+ [ -n "$ifname" ] || ifname=$(uci_get_state network "$iface" ifname "$iface")
[ "$ifname" == "lo" ] && return 0
fw_callback pre interface
projects / openwrt / svn-archive / archive.git / commitdiff