projects / openwrt / svn-archive / archive.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: b5e745c)
adds 5 new chains to the uci firewall that can be used to hook custom rules
authorJohn Crispin <john@openwrt.org>
Wed, 27 Aug 2008 12:03:48 +0000 (12:03 +0000)
committerJohn Crispin <john@openwrt.org>
Wed, 27 Aug 2008 12:03:48 +0000 (12:03 +0000)
SVN-Revision: 12395

package/firewall/files/uci_firewall.sh patch | blob | history

diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 99663c67717d2402c52a13cec601d9a23b07a39a..f6e82bcb69fea3ac8992daa508e7eb6cb0492eaf 100755 (executable)
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -261,6 +261,19 @@ fw_addif() {
        (ACTION="ifup" INTERFACE="$1" . /etc/hotplug.d/iface/20-firewall)
 }
 
        (ACTION="ifup" INTERFACE="$1" . /etc/hotplug.d/iface/20-firewall)
 }
 
+fw_custom_chains() {
+       $IPTABLES -N input_rule
+       $IPTABLES -N output_rule
+       $IPTABLES -N forward_rule
+       $IPTABLES -N prerouting_rule -t nat
+       $IPTABLES -N postrouting_rule -t nat
+       $IPTABLES -A INPUT -j input_rule
+       $IPTABLES -A OUTPUT -j output_rule
+       $IPTABLES -A FORWARD -j forward_rule
+       $IPTABLES -A PREROUTING -t nat -j prerouting_rule
+       $IPTABLES -A POSTROUTING -t nat -j postrouting_rule
+}
+
 fw_init() {
        echo "Loading defaults"
        config_foreach fw_defaults defaults
 fw_init() {
        echo "Loading defaults"
        config_foreach fw_defaults defaults
@@ -274,7 +287,9 @@ fw_init() {
        config_foreach fw_redirect redirect
        echo "Loading includes"
        config_foreach fw_include include
        config_foreach fw_redirect redirect
        echo "Loading includes"
        config_foreach fw_include include
-       
+       echo "Adding custom chains"
+       fw_custom_chains
+
        uci_set_state firewall core "" firewall_state 
        uci_set_state firewall core loaded 1
        unset CONFIG_APPEND
        uci_set_state firewall core "" firewall_state 
        uci_set_state firewall core loaded 1
        unset CONFIG_APPEND
OpenWrt SVN history