firewall3: update init.d script to make use of procd
authorJohn Crispin <john@openwrt.org>
Tue, 18 Feb 2014 13:33:47 +0000 (13:33 +0000)
committerJohn Crispin <john@openwrt.org>
Tue, 18 Feb 2014 13:33:47 +0000 (13:33 +0000)
add validation data

Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 39617

package/network/config/firewall/files/firewall.init

index 64e3a8c12ba864bfd9b9f07e98687df84c41122d..8abbf68254933b47f03e8eb6f881f9353c5dd659 100755 (executable)
@@ -1,25 +1,65 @@
 #!/bin/sh /etc/rc.common
 
 START=19
+USE_PROCD=1
+QUIET=""
 
-boot() {
-       # Be silent on boot, firewall might be started by hotplug already,
-       # so don't complain in syslog.
-       fw3 -q start
+validate_firewall_redirect()
+{
+       uci_validate_section firewall redirect "${1}" \
+               'proto:or("tcp", "udp", "tcpudp")' \
+               'src:string' \
+               'src_ip:ipaddr' \
+               'src_dport:string' \
+               'dest:string' \
+               'dest_ip:ipaddr' \
+               'dest_port:string' \
+               'target:or("SNAT", "DNAT")'
+       
+       return $?
 }
 
-start() {
-       fw3 start
+validate_firewall_rule()
+{
+       uci_validate_section firewall rule "${1}" \
+               'proto:string' \
+               'src:string' \
+               'dest:string' \
+               'src_port:string' \
+               'dest_port:string' \
+               'target:string'
+       
+       return $?
 }
 
-stop() {
-       fw3 flush
+service_triggers() {
+       procd_add_reload_trigger firewall       
+
+       procd_open_validate
+       validate_firewall_redirect
+       validate_firewall_rule
+       procd_close_validate
 }
 
 restart() {
        fw3 restart
 }
 
-reload() {
+start_service() {
+       fw3 ${QUIET} start
+}
+
+stop_service() {
+       fw3 flush
+}
+
+reload_service() {
        fw3 reload
 }
+
+boot() {
+       # Be silent on boot, firewall might be started by hotplug already,
+       # so don't complain in syslog.
+       QUIET=1
+       start
+}
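Review bot: The new `boot()` sets `QUIET=1`, and `start_service()` expands it unquoted in `fw3 ${QUIET} start`, so the boot path runs `fw3 1 start` instead of the `fw3 -q start` that the removed `boot()` issued. How fw3 treats the stray `1` is not visible in this hunk, but if it rejects the argument the ruleset is not loaded by the init script at boot, and the device stays unfiltered until something else (e.g. hotplug) starts the firewall. Carrying the flag itself in the variable fixes this: `QUIET=-q` in `boot()`, leaving `QUIET=""` as the default. A comment on the `QUIET=""` line, such as `# extra fw3 option for start_service; boot() sets it to -q`, would make clear that the value is passed to fw3 verbatim.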