diff options
Diffstat (limited to 'package/firewall/files/lib/fw.sh')
-rw-r--r-- | package/firewall/files/lib/fw.sh | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/package/firewall/files/lib/fw.sh b/package/firewall/files/lib/fw.sh index 1dd5227c16..553642070c 100644 --- a/package/firewall/files/lib/fw.sh +++ b/package/firewall/files/lib/fw.sh @@ -155,7 +155,14 @@ fw__exec() { # <action> <family> <table> <chain> <target> <position> { <rules> } fi fi while [ $# -gt 1 ]; do - echo -n "$1" + case "$app:$1" in + ip6tables:--icmp-type) echo -n "--icmpv6-type" ;; + ip6tables:icmp|ip6tables:ICMP) echo -n "icmpv6" ;; + iptables:--icmpv6-type) echo -n "--icmp-type" ;; + iptables:icmpv6) echo -n "icmp" ;; + *:}|*:{) shift; continue ;; + *) echo -n "$1" ;; + esac echo -ne "\0" shift done | xargs -0 ${FW_TRACE:+-t} \ @@ -180,3 +187,24 @@ fw_get_port_range() { fi } +fw_get_family_mode() { + local hint="$1" + local zone="$2" + local mode="$3" + + local ipv4 ipv6 + [ -n "$FW_ZONES4$FW_ZONES6" ] && { + list_contains FW_ZONES4 $zone && ipv4=1 || ipv4=0 + list_contains FW_ZONES6 $zone && ipv6=1 || ipv6=0 + } || { + ipv4=$(uci_get_state firewall core ${zone}_ipv4 0) + ipv6=$(uci_get_state firewall core ${zone}_ipv6 0) + } + + case "$hint:$ipv4:$ipv6" in + *4:1:*|*:1:0) echo 4 ;; + *6:*:1|*:0:1) echo 6 ;; + *) echo $mode ;; + esac +} + |