package/network/config/firewall/files/firewall.init

   1 #!/bin/sh /etc/rc.common
   2
   3 START=19
   4 USE_PROCD=1
   5 QUIET=""
   6
   7 validate_firewall_redirect()
   8 {
   9         uci_validate_section firewall redirect "${1}" \
  10                 'proto:or("tcp", "udp", "tcpudp")' \
  11                 'src:string' \
  12                 'src_ip:ipaddr' \
  13                 'src_dport:string' \
  14                 'dest:string' \
  15                 'dest_ip:ipaddr' \
  16                 'dest_port:string' \
  17                 'target:or("SNAT", "DNAT")'
  18
  19         return $?
  20 }
  21
  22 validate_firewall_rule()
  23 {
  24         uci_validate_section firewall rule "${1}" \
  25                 'proto:string' \
  26                 'src:string' \
  27                 'dest:string' \
  28                 'src_port:string' \
  29                 'dest_port:string' \
  30                 'target:string'
  31
  32         return $?
  33 }
  34
  35 service_triggers() {
  36         procd_add_reload_trigger firewall
  37
  38         procd_open_validate
  39         validate_firewall_redirect
  40         validate_firewall_rule
  41         procd_close_validate
  42 }
  43
  44 restart() {
  45         fw3 restart
  46 }
  47
  48 start_service() {
  49         fw3 ${QUIET} start
  50 }
  51
  52 stop_service() {
  53         fw3 flush
  54 }
  55
  56 reload_service() {
  57         fw3 reload
  58 }
  59
  60 boot() {
  61         # Be silent on boot, firewall might be started by hotplug already,
  62         # so don't complain in syslog.
  63         QUIET=1
  64         start
  65 }