aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2014-07-02 19:18:23 +0000
committerFelix Fietkau <nbd@openwrt.org>2014-07-02 19:18:23 +0000
commit8ef67937f1ec48298d48f8abc120bf513c691a99 (patch)
treee3352efb93567ba7050238cdae43a3634e47c1da
parent218ae8eb0021e869160133ef3f0f8e82ffae62db (diff)
downloadupstream-8ef67937f1ec48298d48f8abc120bf513c691a99.tar.gz
upstream-8ef67937f1ec48298d48f8abc120bf513c691a99.tar.bz2
upstream-8ef67937f1ec48298d48f8abc120bf513c691a99.zip
igmpproxy: automatically add firewall rules for multicast routing based on the current config
Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41483 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r--package/network/services/igmpproxy/files/igmpproxy.init47
1 files changed, 47 insertions, 0 deletions
diff --git a/package/network/services/igmpproxy/files/igmpproxy.init b/package/network/services/igmpproxy/files/igmpproxy.init
index fb0333f048..8c15814712 100644
--- a/package/network/services/igmpproxy/files/igmpproxy.init
+++ b/package/network/services/igmpproxy/files/igmpproxy.init
@@ -65,6 +65,40 @@ igmp_add_network() {
procd_add_interface_trigger "interface.*" $network /etc/init.d/igmpproxy restart
}
+igmp_add_firewall_routing() {
+ config_get network $1 network
+ config_get direction $1 direction
+
+ [[ "$direction" = "downstream" ]] || return 0
+
+ json_add_object ""
+ json_add_string type rule
+ json_add_string src "$upstream"
+ json_add_string dest "$network"
+ json_add_string family ipv4
+ json_add_string proto udp
+ json_add_string dest_ip "224.0.0.0/4"
+ json_add_string target ACCEPT
+ json_close_object
+}
+
+igmp_add_firewall_network() {
+ config_get network $1 network
+ config_get direction $1 direction
+
+ json_add_object ""
+ json_add_string type rule
+ json_add_string src "$network"
+ json_add_string proto igmp
+ json_add_string target ACCEPT
+ json_close_object
+
+ [[ "$direction" = "upstream" ]] && {
+ upstream="$network"
+ config_foreach igmp_add_firewall_routing phyint
+ }
+}
+
service_triggers() {
procd_add_reload_trigger "igmpproxy"
}
@@ -83,5 +117,18 @@ start_service() {
procd_open_trigger
config_foreach igmp_add_network phyint
procd_close_trigger
+
+ procd_open_data
+
+ json_add_array firewall
+ config_foreach igmp_add_firewall_network phyint
+ json_close_array
+
+ procd_close_data
+
procd_close_instance
}
+
+service_started() {
+ procd_set_config_changed firewall
+}