aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2014-07-02 19:18:23 +0000
committerFelix Fietkau <nbd@openwrt.org>2014-07-02 19:18:23 +0000
commite9b8f24ded839dd58f43e510e25a952a2f0656b3 (patch)
tree3b9781783c1811fc3a7c50d12bd114fa2ca1af61
parent5aef137f9eb3a3236bdb7f50af887ff63368da2f (diff)
downloadupstream-e9b8f24ded839dd58f43e510e25a952a2f0656b3.tar.gz
upstream-e9b8f24ded839dd58f43e510e25a952a2f0656b3.tar.bz2
upstream-e9b8f24ded839dd58f43e510e25a952a2f0656b3.zip
igmpproxy: automatically add firewall rules for multicast routing based on the current config
Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 41483
-rw-r--r--package/network/services/igmpproxy/files/igmpproxy.init47
1 files changed, 47 insertions, 0 deletions
diff --git a/package/network/services/igmpproxy/files/igmpproxy.init b/package/network/services/igmpproxy/files/igmpproxy.init
index fb0333f048..8c15814712 100644
--- a/package/network/services/igmpproxy/files/igmpproxy.init
+++ b/package/network/services/igmpproxy/files/igmpproxy.init
@@ -65,6 +65,40 @@ igmp_add_network() {
procd_add_interface_trigger "interface.*" $network /etc/init.d/igmpproxy restart
}
+igmp_add_firewall_routing() {
+ config_get network $1 network
+ config_get direction $1 direction
+
+ [[ "$direction" = "downstream" ]] || return 0
+
+ json_add_object ""
+ json_add_string type rule
+ json_add_string src "$upstream"
+ json_add_string dest "$network"
+ json_add_string family ipv4
+ json_add_string proto udp
+ json_add_string dest_ip "224.0.0.0/4"
+ json_add_string target ACCEPT
+ json_close_object
+}
+
+igmp_add_firewall_network() {
+ config_get network $1 network
+ config_get direction $1 direction
+
+ json_add_object ""
+ json_add_string type rule
+ json_add_string src "$network"
+ json_add_string proto igmp
+ json_add_string target ACCEPT
+ json_close_object
+
+ [[ "$direction" = "upstream" ]] && {
+ upstream="$network"
+ config_foreach igmp_add_firewall_routing phyint
+ }
+}
+
service_triggers() {
procd_add_reload_trigger "igmpproxy"
}
@@ -83,5 +117,18 @@ start_service() {
procd_open_trigger
config_foreach igmp_add_network phyint
procd_close_trigger
+
+ procd_open_data
+
+ json_add_array firewall
+ config_foreach igmp_add_firewall_network phyint
+ json_close_array
+
+ procd_close_data
+
procd_close_instance
}
+
+service_started() {
+ procd_set_config_changed firewall
+}