aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohn Crispin <john@openwrt.org>2008-08-11 20:46:17 +0000
committerJohn Crispin <john@openwrt.org>2008-08-11 20:46:17 +0000
commit0f5cbca010c00b483bf7678ab7fa59dfafcd58d3 (patch)
treecabc65d29c86ca7841cae5d2f64499f7c4a86556
parent5745e536d410a5f3b4a1e261a627cb98eb5e7e35 (diff)
downloadupstream-0f5cbca010c00b483bf7678ab7fa59dfafcd58d3.tar.gz
upstream-0f5cbca010c00b483bf7678ab7fa59dfafcd58d3.tar.bz2
upstream-0f5cbca010c00b483bf7678ab7fa59dfafcd58d3.zip
uci firewall - remove implicit creation of zones, based on network interfaces
SVN-Revision: 12281
-rw-r--r--package/firewall/files/new/20-firewall4
-rwxr-xr-xpackage/firewall/files/new/uci_firewall.sh6
2 files changed, 1 insertions, 9 deletions
diff --git a/package/firewall/files/new/20-firewall b/package/firewall/files/new/20-firewall
index a8ce17c976..217e3f66bb 100644
--- a/package/firewall/files/new/20-firewall
+++ b/package/firewall/files/new/20-firewall
@@ -20,9 +20,7 @@ load_zones() {
config_foreach load_zones zone
-IFACE=$(find_config $INTERFACE)
-[ -n "$IFACE" ] &&
- list_contains ZONE $IFACE || ZONE="$ZONE $IFACE"
+[ -z "$ZONE" ] && exit 0
[ ifup = "$ACTION" ] && {
for z in $ZONE; do
diff --git a/package/firewall/files/new/uci_firewall.sh b/package/firewall/files/new/uci_firewall.sh
index dcb9c100bf..e1683e9cf0 100755
--- a/package/firewall/files/new/uci_firewall.sh
+++ b/package/firewall/files/new/uci_firewall.sh
@@ -91,10 +91,6 @@ load_synflood() {
$IPTABLES -A INPUT -p tcp --syn -j SYN_FLOOD
}
-create_network_zone() {
- create_zone "$1" "$1"
-}
-
fw_defaults() {
load_policy $1
DEF_INPUT=$input
@@ -261,8 +257,6 @@ fw_init() {
config_foreach fw_defaults defaults
echo "Loading zones"
config_foreach fw_zone zone
- echo "Loading interfaces"
- config_foreach create_network_zone interface
echo "Loading rules"
config_foreach fw_rule rule
echo "Loading forwarding"