projects
/
openwrt
/
svn-archive
/
archive.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
b5e745c
)
adds 5 new chains to the uci firewall that can be used to hook custom rules
author
John Crispin
<john@openwrt.org>
Wed, 27 Aug 2008 12:03:48 +0000
(12:03 +0000)
committer
John Crispin
<john@openwrt.org>
Wed, 27 Aug 2008 12:03:48 +0000
(12:03 +0000)
SVN-Revision: 12395
package/firewall/files/uci_firewall.sh
patch
|
blob
|
history
diff --git
a/package/firewall/files/uci_firewall.sh
b/package/firewall/files/uci_firewall.sh
index 99663c67717d2402c52a13cec601d9a23b07a39a..f6e82bcb69fea3ac8992daa508e7eb6cb0492eaf 100755
(executable)
--- a/
package/firewall/files/uci_firewall.sh
+++ b/
package/firewall/files/uci_firewall.sh
@@
-261,6
+261,19
@@
fw_addif() {
(ACTION="ifup" INTERFACE="$1" . /etc/hotplug.d/iface/20-firewall)
}
(ACTION="ifup" INTERFACE="$1" . /etc/hotplug.d/iface/20-firewall)
}
+fw_custom_chains() {
+ $IPTABLES -N input_rule
+ $IPTABLES -N output_rule
+ $IPTABLES -N forward_rule
+ $IPTABLES -N prerouting_rule -t nat
+ $IPTABLES -N postrouting_rule -t nat
+ $IPTABLES -A INPUT -j input_rule
+ $IPTABLES -A OUTPUT -j output_rule
+ $IPTABLES -A FORWARD -j forward_rule
+ $IPTABLES -A PREROUTING -t nat -j prerouting_rule
+ $IPTABLES -A POSTROUTING -t nat -j postrouting_rule
+}
+
fw_init() {
echo "Loading defaults"
config_foreach fw_defaults defaults
fw_init() {
echo "Loading defaults"
config_foreach fw_defaults defaults
@@
-274,7
+287,9
@@
fw_init() {
config_foreach fw_redirect redirect
echo "Loading includes"
config_foreach fw_include include
config_foreach fw_redirect redirect
echo "Loading includes"
config_foreach fw_include include
-
+ echo "Adding custom chains"
+ fw_custom_chains
+
uci_set_state firewall core "" firewall_state
uci_set_state firewall core loaded 1
unset CONFIG_APPEND
uci_set_state firewall core "" firewall_state
uci_set_state firewall core loaded 1
unset CONFIG_APPEND