diff options
-rwxr-xr-x | package/network/config/firewall/files/firewall.init | 58 |
1 files changed, 49 insertions, 9 deletions
diff --git a/package/network/config/firewall/files/firewall.init b/package/network/config/firewall/files/firewall.init index 64e3a8c12b..8abbf68254 100755 --- a/package/network/config/firewall/files/firewall.init +++ b/package/network/config/firewall/files/firewall.init @@ -1,25 +1,65 @@ #!/bin/sh /etc/rc.common START=19 +USE_PROCD=1 +QUIET="" -boot() { - # Be silent on boot, firewall might be started by hotplug already, - # so don't complain in syslog. - fw3 -q start +validate_firewall_redirect() +{ + uci_validate_section firewall redirect "${1}" \ + 'proto:or("tcp", "udp", "tcpudp")' \ + 'src:string' \ + 'src_ip:ipaddr' \ + 'src_dport:string' \ + 'dest:string' \ + 'dest_ip:ipaddr' \ + 'dest_port:string' \ + 'target:or("SNAT", "DNAT")' + + return $? } -start() { - fw3 start +validate_firewall_rule() +{ + uci_validate_section firewall rule "${1}" \ + 'proto:string' \ + 'src:string' \ + 'dest:string' \ + 'src_port:string' \ + 'dest_port:string' \ + 'target:string' + + return $? } -stop() { - fw3 flush +service_triggers() { + procd_add_reload_trigger firewall + + procd_open_validate + validate_firewall_redirect + validate_firewall_rule + procd_close_validate } restart() { fw3 restart } -reload() { +start_service() { + fw3 ${QUIET} start +} + +stop_service() { + fw3 flush +} + +reload_service() { fw3 reload } + +boot() { + # Be silent on boot, firewall might be started by hotplug already, + # so don't complain in syslog. + QUIET=1 + start +} |