From: Jo-Philipp Wich <jow@openwrt.org>
Date: Sun, 17 Feb 2013 19:26:52 +0000 (+0000)
Subject: firewall3 - a C implementation of the current firewall scripts
X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fsvn-archive%2Farchive.git;a=commitdiff_plain;hb=664be5bfc7c4f4ad9a8ec4b098e32504c5807e49

firewall3 - a C implementation of the current firewall scripts

SVN-Revision: 35643
---

diff --git a/package/network/config/firewall3/Makefile b/package/network/config/firewall3/Makefile
new file mode 100644
index 0000000000..063e554677
--- /dev/null
+++ b/package/network/config/firewall3/Makefile
@@ -0,0 +1,45 @@
+#
+# Copyright (C) 2013 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=firewall3
+PKG_VERSION:=2013-02-17
+PKG_RELEASE:=$(PKG_SOURCE_VERSION)
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=git://nbd.name/firewall3.git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_VERSION:=a32e331a11034403df2e26807df9195435b6fb8a
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org>
+
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/firewall3
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=UCI C Firewall
+  DEPENDS:=+libubox +libubus +libuci
+endef
+
+define Package/firewall3/description
+ This package provides a config-compatible C implementation of the UCI firewall.
+endef
+
+define Package/firewall3/install
+	$(INSTALL_DIR) $(1)/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/firewall3 $(1)/sbin/fw3
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/firewall.init $(1)/etc/init.d/firewall
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+	$(INSTALL_DATA) ./files/firewall.hotplug $(1)/etc/hotplug.d/iface/20-firewall
+endef
+
+$(eval $(call BuildPackage,firewall3))
diff --git a/package/network/config/firewall3/files/firewall.hotplug b/package/network/config/firewall3/files/firewall.hotplug
new file mode 100644
index 0000000000..a173b130bf
--- /dev/null
+++ b/package/network/config/firewall3/files/firewall.hotplug
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+[ "$ACTION" = ifup ] || exit 0
+
+fw3 -q network "$INTERFACE" >/dev/null || exit 0
+
+logger -t firewall "Restarting firewall due to ifup of $INTERFACE ($DEVICE)"
+fw3 -q restart
diff --git a/package/network/config/firewall3/files/firewall.init b/package/network/config/firewall3/files/firewall.init
new file mode 100755
index 0000000000..bddbadd880
--- /dev/null
+++ b/package/network/config/firewall3/files/firewall.init
@@ -0,0 +1,17 @@
+#!/bin/sh /etc/rc.common
+
+START=19
+
+boot() {
+	# Be silent on boot, firewall might be started by hotplug already,
+	# so don't complain in syslog.
+	fw3 -q start
+}
+
+start() {
+	fw3 start
+}
+
+stop() {
+	fw3 stop
+}