authorJohn Crispin <blogic@openwrt.org>2014-02-18 13:33:47 +0000
committerJohn Crispin <blogic@openwrt.org>2014-02-18 13:33:47 +0000
commit7027da552c776ac29d3d5583984288eb09e89faf (patch)
tree786dbd71a33553b9602a32c88c1e1ffaeeda2255 /package/network/config/firewall
parent3854547a4a2b4a0db2901caa72bd723f8feb7221 (diff)
firewall3: update init.d script to make use of procd
add validation data Signed-off-by: John Crispin <blogic@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39617 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/network/config/firewall')
-rwxr-xr-xpackage/network/config/firewall/files/firewall.init58
1 files changed, 49 insertions, 9 deletions
diff --git a/package/network/config/firewall/files/firewall.init b/package/network/config/firewall/files/firewall.init
index 64e3a8c12b..8abbf68254 100755
--- a/package/network/config/firewall/files/firewall.init
+++ b/package/network/config/firewall/files/firewall.init
@@ -1,25 +1,65 @@
#!/bin/sh /etc/rc.common
START=19
+USE_PROCD=1
+QUIET=""
-boot() {
- # Be silent on boot, firewall might be started by hotplug already,
- # so don't complain in syslog.
- fw3 -q start
+validate_firewall_redirect()
+{
+ uci_validate_section firewall redirect "${1}" \
+ 'proto:or("tcp", "udp", "tcpudp")' \
+ 'src:string' \
+ 'src_ip:ipaddr' \
+ 'src_dport:string' \
+ 'dest:string' \
+ 'dest_ip:ipaddr' \
+ 'dest_port:string' \
+ 'target:or("SNAT", "DNAT")'
+
+ return $?
}
-start() {
- fw3 start
+validate_firewall_rule()
+{
+ uci_validate_section firewall rule "${1}" \
+ 'proto:string' \
+ 'src:string' \
+ 'dest:string' \
+ 'src_port:string' \
+ 'dest_port:string' \
+ 'target:string'
+
+ return $?
}
-stop() {
- fw3 flush
+service_triggers() {
+ procd_add_reload_trigger firewall
+
+ procd_open_validate
+ validate_firewall_redirect
+ validate_firewall_rule
+ procd_close_validate
}
restart() {
fw3 restart
}
-reload() {
+start_service() {
+ fw3 ${QUIET} start
+}
+
+stop_service() {
+ fw3 flush
+}
+
+reload_service() {
fw3 reload
}
+
+boot() {
+ # Be silent on boot, firewall might be started by hotplug already,
+ # so don't complain in syslog.
+ QUIET=1
+ start
+}
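Review bot: In `boot()` the new code sets `QUIET=1`, so `start_service` expands `fw3 ${QUIET} start` to `fw3 1 start` instead of the `fw3 -q start` that the removed `boot()` ran; the assignment should be `QUIET=-q`. How fw3 treats the stray `1` is not visible in this hunk, but if it rejects the command line the boot-time start would fail and could leave the device running without its ruleset, so this is worth verifying on a cold boot. Separately, `validate_firewall_rule` accepts `proto` and `target` as a bare `string` while `validate_firewall_redirect` constrains them with `or(...)`; either tighten the rule or add a comment such as `# proto/target are checked by fw3 itself; validation here only guards the reload trigger` if that is the intent.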