mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2024-09-13 07:24:15 +03:00
24931686cd
- fix ip6tables rules when icmp_type option is set - add "family" option to zones, forwardings, redirects and rules to selectively apply rules to iptables and/or ip6tables git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21508 3c298f89-4303-0410-b956-a3cf2f4a3e73
44 lines
1.0 KiB
Bash
44 lines
1.0 KiB
Bash
# Copyright (C) 2009-2010 OpenWrt.org
|
|
|
|
fw_config_get_forwarding() {
|
|
[ "${forwarding_NAME}" != "$1" ] || return
|
|
fw_config_get_section "$1" forwarding { \
|
|
string _name "$1" \
|
|
string name "" \
|
|
string src "" \
|
|
string dest "" \
|
|
string family "" \
|
|
} || return
|
|
[ -n "$forwarding_name" ] || forwarding_name=$forwarding__name
|
|
}
|
|
|
|
fw_load_forwarding() {
|
|
fw_config_get_forwarding "$1"
|
|
|
|
fw_callback pre forwarding
|
|
|
|
local chain=forward
|
|
[ -n "$forwarding_src" ] && {
|
|
chain=zone_${forwarding_src}_forward
|
|
}
|
|
|
|
local target=ACCEPT
|
|
[ -n "$forwarding_dest" ] && {
|
|
target=zone_${forwarding_dest}_ACCEPT
|
|
}
|
|
|
|
local mode=$(fw_get_family_mode ${forwarding_family:-x} ${forwarding_dest:-${forwarding_src:--}} i)
|
|
|
|
fw add $mode f $chain $target ^
|
|
|
|
# propagate masq zone flag
|
|
[ -n "$forwarding_src" ] && list_contains CONNTRACK_ZONES $forwarding_src && {
|
|
append CONNTRACK_ZONES $forwarding_dest
|
|
}
|
|
[ -n "$forwarding_dest" ] && list_contains CONNTRACK_ZONES $forwarding_dest && {
|
|
append CONNTRACK_ZONES $forwarding_src
|
|
}
|
|
|
|
fw_callback post forwarding
|
|
}
|