1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-12-25 10:45:11 +02:00

add firewall protection for wan_device in addition to wan_ifname (fixes #852)

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@5136 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
nbd 2006-10-15 23:04:23 +00:00
parent 1764da6cc8
commit b7c53bf001

View File

@ -8,6 +8,7 @@ start() {
scan_interfaces scan_interfaces
config_get WAN wan ifname config_get WAN wan ifname
config_get WANDEV wan device
config_get LAN lan ifname config_get LAN lan ifname
## CLEAR TABLES ## CLEAR TABLES
@ -25,6 +26,7 @@ start() {
iptables -N LAN_ACCEPT iptables -N LAN_ACCEPT
[ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN [ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
[ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN
iptables -A LAN_ACCEPT -j ACCEPT iptables -A LAN_ACCEPT -j ACCEPT
### INPUT ### INPUT