2 # Freifunk Firewall addons
7 # Apply advanced settings
11 local tcp_window_scaling
12 local accept_redirects
13 local accept_source_route
15 config_get_bool tcp_ecn
$1 tcp_ecn
1
16 config_get ip_conntrack_max
$1 ip_conntrack_max
17 config_get_bool tcp_westwood
$1 tcp_westwood
0
18 config_get_bool tcp_window_scaling
$1 tcp_window_scaling
1
19 config_get_bool accept_redirects
$1 accept_redirects
0
20 config_get_bool accept_source_route
$1 accept_source_route
0
22 logger
-t firewall.freifunk
"tcp_ecn is $tcp_ecn"
23 logger
-t firewall.freifunk
"tcp_window_scaling is $tcp_window_scaling"
24 logger
-t firewall.freifunk
"accept_redirects is $accept_redirects"
25 logger
-t firewall.freifunk
"accept_source_route is $accept_source_route"
27 sysctl
-w net.ipv4.tcp_ecn
=$tcp_ecn >/dev
/null
28 sysctl
-w net.ipv4.tcp_window_scaling
=$tcp_window_scaling >/dev
/null
29 sysctl
-w net.ipv4.tcp_westwood
=$tcp_westwood >/dev
/null
30 sysctl
-w net.ipv4.ip_conntrack_max
=$ip_conntrack_max >/dev
/null
32 for f
in /proc
/sys
/net
/ipv
4/conf
/*/accept_redirects
; do
33 echo $accept_redirects > $f
36 for f
in /proc
/sys
/net
/ipv
4/conf
/*/accept_source_route
; do
37 echo $accept_source_route > $f
41 config_foreach apply_advanced advanced
45 # Apply fixes for masquerading rules
51 [ -n "$up" ] ||
return 0
52 (ACTION
="ifup" INTERFACE
="$1" .
/etc
/hotplug.d
/iface
/22-firewall-nat-fix )
55 uci_set_state firewall core loaded
1
56 config_foreach fw_addif interface
57 config_foreach apply_nat_fix interface
59 [ -x /etc
/init.d
/luci_splash
] && ( sleep 3; /etc
/init.d
/luci_splash restart
)&
61 [ -x /etc
/init.d
/freifunk-p2pblock
] && /etc
/init.d
/freifunk-p2pblock enabled
&& \
62 ( sleep 3; /etc
/init.d
/freifunk-p2pblock restart
)&