1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-12-18 17:54:04 +02:00
openwrt-xburst/package/firewall/files/20-firewall
nbd 312627976e firewall: allow multiple interfaces to be part of one zone, fix the sanity checks for that
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@14058 3c298f89-4303-0410-b956-a3cf2f4a3e73
2009-01-16 17:39:03 +00:00

36 lines
690 B
Plaintext

. /lib/firewall/uci_firewall.sh
unset ZONE
config_get ifname $INTERFACE ifname
[ "$ifname" == "lo" ] && exit 0
load_zones() {
local name
local network
config_get name $1 name
config_get network $1 network
[ -z "$network" ] && network=$name
for n in $network; do
[ "$n" = "$INTERFACE" ] && ZONE="$ZONE $name"
done
}
config_foreach load_zones zone
[ -z "$ZONE" ] && exit 0
[ ifup = "$ACTION" ] && {
for z in $ZONE; do
local loaded
config_get loaded core loaded
[ -n "$loaded" ] && addif "$INTERFACE" "$ifname" "$z"
done
}
[ ifdown = "$ACTION" ] && {
for z in $ZONE; do
local up
config_get up $z up
[ "$up" == "1" ] && delif "$INTERFACE" "$ifname" "$z"
done
}