firewall3 - a C implementation of the current firewall scripts

SVN-Revision: 35643

diff --git a/package/network/config/firewall3/Makefile b/package/network/config/firewall3/Makefile
new file mode 100644 (file)
index 0000000..063e554
--- /dev/null
+++ b/package/network/config/firewall3/Makefile
@@ -0,0 +1,45 @@
+#
+# Copyright (C) 2013 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=firewall3
+PKG_VERSION:=2013-02-17
+PKG_RELEASE:=$(PKG_SOURCE_VERSION)
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=git://nbd.name/firewall3.git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_VERSION:=a32e331a11034403df2e26807df9195435b6fb8a
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org>
+
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/firewall3
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=UCI C Firewall
+  DEPENDS:=+libubox +libubus +libuci
+endef
+
+define Package/firewall3/description
+ This package provides a config-compatible C implementation of the UCI firewall.
+endef
+
+define Package/firewall3/install
+       $(INSTALL_DIR) $(1)/sbin
+       $(INSTALL_BIN) $(PKG_BUILD_DIR)/firewall3 $(1)/sbin/fw3
+       $(INSTALL_DIR) $(1)/etc/init.d
+       $(INSTALL_BIN) ./files/firewall.init $(1)/etc/init.d/firewall
+       $(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+       $(INSTALL_DATA) ./files/firewall.hotplug $(1)/etc/hotplug.d/iface/20-firewall
+endef
+
+$(eval $(call BuildPackage,firewall3))

diff --git a/package/network/config/firewall3/files/firewall.hotplug b/package/network/config/firewall3/files/firewall.hotplug
new file mode 100644 (file)
index 0000000..a173b13
--- /dev/null
+++ b/package/network/config/firewall3/files/firewall.hotplug
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+[ "$ACTION" = ifup ] || exit 0
+
+fw3 -q network "$INTERFACE" >/dev/null || exit 0
+
+logger -t firewall "Restarting firewall due to ifup of $INTERFACE ($DEVICE)"
+fw3 -q restart

diff --git a/package/network/config/firewall3/files/firewall.init b/package/network/config/firewall3/files/firewall.init
new file mode 100755 (executable)
index 0000000..bddbadd
--- /dev/null
+++ b/package/network/config/firewall3/files/firewall.init
@@ -0,0 +1,17 @@
+#!/bin/sh /etc/rc.common
+
+START=19
+
+boot() {
+       # Be silent on boot, firewall might be started by hotplug already,
+       # so don't complain in syslog.
+       fw3 -q start
+}
+
+start() {
+       fw3 start
+}
+
+stop() {
+       fw3 stop
+}