diff options
author | John Crispin <john@openwrt.org> | 2008-08-11 20:46:17 +0000 |
---|---|---|
committer | John Crispin <john@openwrt.org> | 2008-08-11 20:46:17 +0000 |
commit | 0f5cbca010c00b483bf7678ab7fa59dfafcd58d3 (patch) | |
tree | cabc65d29c86ca7841cae5d2f64499f7c4a86556 | |
parent | 5745e536d410a5f3b4a1e261a627cb98eb5e7e35 (diff) | |
download | upstream-0f5cbca010c00b483bf7678ab7fa59dfafcd58d3.tar.gz upstream-0f5cbca010c00b483bf7678ab7fa59dfafcd58d3.tar.bz2 upstream-0f5cbca010c00b483bf7678ab7fa59dfafcd58d3.zip |
uci firewall - remove implicit creation of zones, based on network interfaces
SVN-Revision: 12281
-rw-r--r-- | package/firewall/files/new/20-firewall | 4 | ||||
-rwxr-xr-x | package/firewall/files/new/uci_firewall.sh | 6 |
2 files changed, 1 insertions, 9 deletions
diff --git a/package/firewall/files/new/20-firewall b/package/firewall/files/new/20-firewall index a8ce17c976..217e3f66bb 100644 --- a/package/firewall/files/new/20-firewall +++ b/package/firewall/files/new/20-firewall @@ -20,9 +20,7 @@ load_zones() { config_foreach load_zones zone -IFACE=$(find_config $INTERFACE) -[ -n "$IFACE" ] && - list_contains ZONE $IFACE || ZONE="$ZONE $IFACE" +[ -z "$ZONE" ] && exit 0 [ ifup = "$ACTION" ] && { for z in $ZONE; do diff --git a/package/firewall/files/new/uci_firewall.sh b/package/firewall/files/new/uci_firewall.sh index dcb9c100bf..e1683e9cf0 100755 --- a/package/firewall/files/new/uci_firewall.sh +++ b/package/firewall/files/new/uci_firewall.sh @@ -91,10 +91,6 @@ load_synflood() { $IPTABLES -A INPUT -p tcp --syn -j SYN_FLOOD } -create_network_zone() { - create_zone "$1" "$1" -} - fw_defaults() { load_policy $1 DEF_INPUT=$input @@ -261,8 +257,6 @@ fw_init() { config_foreach fw_defaults defaults echo "Loading zones" config_foreach fw_zone zone - echo "Loading interfaces" - config_foreach create_network_zone interface echo "Loading rules" config_foreach fw_rule rule echo "Loading forwarding" |