[8.09] merge r17580, r17581 and r17582
[openwrt/svn-archive/archive.git] / package / firewall / files / 20-firewall
1 . /lib/firewall/uci_firewall.sh
2 unset ZONE
3 config_get ifname $INTERFACE ifname
4 [ "$ifname" == "lo" ] && exit 0
5
6 load_zones() {
7 local name
8 local network
9 config_get name $1 name
10 config_get network $1 network
11 [ -z "$network" ] && network=$name
12 for n in $network; do
13 [ "$n" = "$INTERFACE" ] && ZONE="$ZONE $name"
14 done
15 }
16
17 config_foreach load_zones zone
18
19 [ -z "$ZONE" ] && exit 0
20
21 [ ifup = "$ACTION" ] && {
22 for z in $ZONE; do
23 local loaded
24 config_get loaded core loaded
25 [ -n "$loaded" ] && addif "$INTERFACE" "$ifname" "$z"
26 done
27 }
28
29 [ ifdown = "$ACTION" ] && {
30 local up
31 config_get up "$INTERFACE" up
32
33 for z in $ZONE; do
34 [ "$up" == "1" ] && delif "$INTERFACE" "$ifname" "$z"
35 done
36 }