diff options
| -rw-r--r-- | package/firewall/Makefile | 2 | ||||
| -rw-r--r-- | package/firewall/files/lib/core.sh | 14 | ||||
| -rw-r--r-- | package/firewall/files/lib/core_interface.sh | 29 |
3 files changed, 42 insertions, 3 deletions
diff --git a/package/firewall/Makefile b/package/firewall/Makefile index 00badcb85..205f2098c 100644 --- a/package/firewall/Makefile +++ b/package/firewall/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=firewall PKG_VERSION:=2 -PKG_RELEASE:=13 +PKG_RELEASE:=14 include $(INCLUDE_DIR)/package.mk diff --git a/package/firewall/files/lib/core.sh b/package/firewall/files/lib/core.sh index 03a80c6f6..2178e0505 100644 --- a/package/firewall/files/lib/core.sh +++ b/package/firewall/files/lib/core.sh @@ -49,6 +49,7 @@ fw_start() { fw_callback post core + uci_set_state firewall core zones "$FW_ZONES" uci_set_state firewall core loaded 1 } @@ -57,6 +58,19 @@ fw_stop() { fw_callback pre stop + local old_zones z + config_get old_zones core zones + for z in $old_zones; do + local old_networks n i + config_get old_networks core "${z}_networks" + for n in $old_networks; do + config_get i core "${n}_ifname" + [ -n "$i" ] && env -i ACTION=remove ZONE="$z" \ + INTERFACE="$n" DEVICE="$i" \ + /sbin/hotplug-call firewall + done + done + fw_clear ACCEPT fw_callback post stop diff --git a/package/firewall/files/lib/core_interface.sh b/package/firewall/files/lib/core_interface.sh index 889dcc904..1a33cde1e 100644 --- a/package/firewall/files/lib/core_interface.sh +++ b/package/firewall/files/lib/core_interface.sh @@ -1,5 +1,24 @@ # Copyright (C) 2009-2010 OpenWrt.org +fw__uci_state_add() { + local var="$1" + local item="$2" + + local val="$(uci_get_state firewall core $var)" + uci_set_state firewall core $var "${val:+$val }$item" +} + +fw__uci_state_del() { + local var="$1" + local item="$2" + + local val=" $(uci_get_state firewall core $var) " + val="${val// $item / }" + val="${val# }" + val="${val% }" + uci_set_state firewall core $var "$val" +} + fw_configure_interface() { local iface=$1 local action=$2 @@ -83,7 +102,10 @@ fw_configure_interface() { fw__do_rules del $z $old_ifname $n done - [ -n "$old_subnets" ] || ACTION=remove ZONE="$z" INTERFACE="$iface" DEVICE="$ifname" /sbin/hotplug-call firewall + [ -n "$old_subnets" ] || { + fw__uci_state_del "${z}_networks" "$iface" + env -i ACTION=remove ZONE="$z" INTERFACE="$iface" DEVICE="$ifname" /sbin/hotplug-call firewall + } done local old_aliases @@ -139,7 +161,10 @@ fw_configure_interface() { fw__do_rules add ${zone_name} "$ifname" "$aliasnet" append new_zones $zone_name - [ -n "$aliasnet" ] || ACTION=add ZONE="$zone_name" INTERFACE="$iface" DEVICE="$ifname" /sbin/hotplug-call firewall + [ -n "$aliasnet" ] || { + fw__uci_state_add "${zone_name}_networks" "${zone_network}" + env -i ACTION=add ZONE="$zone_name" INTERFACE="$iface" DEVICE="$ifname" /sbin/hotplug-call firewall + } } config_foreach load_zone zone |