diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2010-05-01 18:22:01 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2010-05-01 18:22:01 +0000 |
commit | 64175a0ded3a2f390d985452c0bcb11350bac3e5 (patch) | |
tree | c2bf3d0e96906797339230fbdb5c75a268fb9f1e /package/firewall/files/lib/core_forwarding.sh | |
parent | 29da0b6c6cb1a2db0f0f05cbc346ed9963feecff (diff) | |
download | master-187ad058-64175a0ded3a2f390d985452c0bcb11350bac3e5.tar.gz master-187ad058-64175a0ded3a2f390d985452c0bcb11350bac3e5.tar.bz2 master-187ad058-64175a0ded3a2f390d985452c0bcb11350bac3e5.zip |
[package] firewall:
- replace uci firewall with a modular dual stack implementation developed by Malte S. Stretz
- bump version to 2
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21286 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/firewall/files/lib/core_forwarding.sh')
-rw-r--r-- | package/firewall/files/lib/core_forwarding.sh | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/package/firewall/files/lib/core_forwarding.sh b/package/firewall/files/lib/core_forwarding.sh new file mode 100644 index 0000000000..766e48e38e --- /dev/null +++ b/package/firewall/files/lib/core_forwarding.sh @@ -0,0 +1,40 @@ +# Copyright (C) 2009-2010 OpenWrt.org + +fw_config_get_forwarding() { + [ "${forwarding_NAME}" != "$1" ] || return + fw_config_get_section "$1" forwarding { \ + string _name "$1" \ + string name "" \ + string src "" \ + string dest "" \ + } || return + [ -n "$forwarding_name" ] || forwarding_name=$forwarding__name +} + +fw_load_forwarding() { + fw_config_get_forwarding "$1" + + fw_callback pre forwarding + + local chain=forward + [ -n "$forwarding_src" ] && { + chain=zone_${forwarding_src}_forward + } + + local target=ACCEPT + [ -n "$forwarding_dest" ] && { + target=zone_${forwarding_dest}_ACCEPT + } + + fw add i f $chain $target ^ + + # propagate masq zone flag + [ -n "$forwarding_src" ] && list_contains CONNTRACK_ZONES $forwarding_src && { + append CONNTRACK_ZONES $forwarding_dest + } + [ -n "$forwarding_dest" ] && list_contains CONNTRACK_ZONES $forwarding_dest && { + append CONNTRACK_ZONES $forwarding_src + } + + fw_callback post forwarding +} |