uci firewall

- remove implicit creation of zones, based on network interfaces git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12281 3c298f89-4303-0410-b956-a3cf2f4a3e73
2024-10-02 16:31:40 +03:00 · 2008-08-11 20:46:17 +00:00 · 2008-08-11 20:46:17 +00:00 · 4905eac3af
commit 4905eac3af
parent 671fedb27c
2 changed files with 1 additions and 9 deletions
--- a/package/firewall/files/new/20-firewall
+++ b/package/firewall/files/new/20-firewall
@ -20,9 +20,7 @@ load_zones() {

 config_foreach load_zones zone

-IFACE=$(find_config $INTERFACE)
-[ -n "$IFACE" ] && 
-	list_contains ZONE $IFACE || ZONE="$ZONE $IFACE"
+[ -z "$ZONE" ] && exit 0

 [ ifup = "$ACTION" ] && {
 	for z in $ZONE; do 
--- a/package/firewall/files/new/uci_firewall.sh
+++ b/package/firewall/files/new/uci_firewall.sh
@ -91,10 +91,6 @@ load_synflood() {
 	$IPTABLES -A INPUT -p tcp --syn -j SYN_FLOOD
 }

-create_network_zone() {
-	create_zone "$1" "$1"
-}
-
 fw_defaults() {
 	load_policy $1
 	DEF_INPUT=$input
@ -261,8 +257,6 @@ fw_init() {
 	config_foreach fw_defaults defaults
 	echo "Loading zones"
 	config_foreach fw_zone zone
-	echo "Loading interfaces"
-	config_foreach create_network_zone interface
 	echo "Loading rules"
 	config_foreach fw_rule rule
 	echo "Loading forwarding"