- defer firewall start until the first interface is brought up by hotplug, fixes race conditions on slow devices
- create a file lock during firewall start and wait for it in hotplug events, prevents race conditions between start and addif
- start firewall actions in background from hotplug handler since the firewall itself fires further hotplug events which results in a deadlock if not forked off
- get loaded state direcly from the uci binary since updated value is not recognized by config_get after uci_set_state
- bump package revision to r2
SVN-Revision: 21486
PKG_NAME:=firewall
PKG_VERSION:=2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
include $(INCLUDE_DIR)/package.mk
. /lib/firewall/core.sh
fw_init
-fw_is_loaded || exit 0
+
+# Wait for firewall if startup is in progress
+lock -w /var/lock/firewall.start
case "$ACTION" in
ifup)
- fw_configure_interface "$INTERFACE" add "$DEVICE" ;;
+ fw_is_loaded && {
+ fw_configure_interface "$INTERFACE" add "$DEVICE" &
+ } || {
+ /etc/init.d/firewall enabled && fw_start &
+ }
+ ;;
ifdown)
- fw_configure_interface "$INTERFACE" del "$DEVICE" ;;
+ fw_is_loaded && fw_configure_interface "$INTERFACE" del "$DEVICE" &
+ ;;
esac
+
fw_$1
}
+boot() { :; }
+
start() {
fw start
}
fw_start() {
fw_init
+ lock /var/lock/firewall.start
+
FW_DEFAULTS_APPLIED=
fw_is_loaded && {
fw_callback post core
uci_set_state firewall core loaded 1
+
+ lock -u /var/lock/firewall.start
}
fw_stop() {
}
fw_is_loaded() {
- local bool
- config_get_bool bool core loaded 0
- return $((! $bool))
+ local bool=$(uci -q -P /var/state get firewall.core.loaded)
+ return $((! ${bool:-0}))
}
projects / openwrt / svn-archive / archive.git / commitdiff