aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config/firewall/files/firewall.init
diff options
context:
space:
mode:
Diffstat (limited to 'package/network/config/firewall/files/firewall.init')
-rwxr-xr-xpackage/network/config/firewall/files/firewall.init61
1 files changed, 61 insertions, 0 deletions
diff --git a/package/network/config/firewall/files/firewall.init b/package/network/config/firewall/files/firewall.init
new file mode 100755
index 0000000..ee3ed1a
--- /dev/null
+++ b/package/network/config/firewall/files/firewall.init
@@ -0,0 +1,61 @@
+#!/bin/sh /etc/rc.common
+
+START=19
+USE_PROCD=1
+QUIET=""
+
+validate_firewall_redirect()
+{
+ uci_validate_section firewall redirect "${1}" \
+ 'proto:or(uinteger, string)' \
+ 'src:string' \
+ 'src_ip:cidr' \
+ 'src_dport:or(port, portrange)' \
+ 'dest:string' \
+ 'dest_ip:cidr' \
+ 'dest_port:or(port, portrange)' \
+ 'target:or("SNAT", "DNAT")'
+}
+
+validate_firewall_rule()
+{
+ uci_validate_section firewall rule "${1}" \
+ 'proto:or(uinteger, string)' \
+ 'src:string' \
+ 'dest:string' \
+ 'src_port:or(port, portrange)' \
+ 'dest_port:or(port, portrange)' \
+ 'target:string'
+}
+
+service_triggers() {
+ procd_add_reload_trigger firewall
+
+ procd_open_validate
+ validate_firewall_redirect
+ validate_firewall_rule
+ procd_close_validate
+}
+
+restart() {
+ fw3 restart
+}
+
+start_service() {
+ fw3 ${QUIET} start
+}
+
+stop_service() {
+ fw3 flush
+}
+
+reload_service() {
+ fw3 reload
+}
+
+boot() {
+ # Be silent on boot, firewall might be started by hotplug already,
+ # so don't complain in syslog.
+ QUIET=-q
+ start
+}