don't drop all incoming connections if wan_ifname is not set
authorFelix Fietkau <nbd@openwrt.org>
Thu, 27 Apr 2006 14:55:04 +0000 (14:55 +0000)
committerFelix Fietkau <nbd@openwrt.org>
Thu, 27 Apr 2006 14:55:04 +0000 (14:55 +0000)
SVN-Revision: 3709

openwrt/package/iptables/files/firewall.init

index 3804d044f89fc90b62df60894bf056c091d4f483..a7cde95b5fd37862a799a2b8217b5568bb97226f 100755 (executable)
@@ -34,7 +34,7 @@ iptables -t nat -N postrouting_rule
   iptables -A INPUT -j input_rule
 
   # allow
-  [ -z "$WAN" ] || iptables -A INPUT -i \! $WAN        -j ACCEPT       # allow from lan/wifi interfaces 
+  iptables -A INPUT ${WAN:+-i \! $WAN} -j ACCEPT       # allow from all interfaces except for wan
   iptables -A INPUT -p icmp    -j ACCEPT       # allow ICMP
   iptables -A INPUT -p gre     -j ACCEPT       # allow GRE