From 02b0c62f3379004cfbb6436b956c6ca75ee1d8f7 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Sun, 17 Feb 2013 19:26:52 +0000 Subject: [PATCH] firewall3 - a C implementation of the current firewall scripts SVN-Revision: 35643 --- package/network/config/firewall3/Makefile | 45 +++++++++++++++++++ .../config/firewall3/files/firewall.hotplug | 8 ++++ .../config/firewall3/files/firewall.init | 17 +++++++ 3 files changed, 70 insertions(+) create mode 100644 package/network/config/firewall3/Makefile create mode 100644 package/network/config/firewall3/files/firewall.hotplug create mode 100755 package/network/config/firewall3/files/firewall.init diff --git a/package/network/config/firewall3/Makefile b/package/network/config/firewall3/Makefile new file mode 100644 index 0000000000..063e554677 --- /dev/null +++ b/package/network/config/firewall3/Makefile @@ -0,0 +1,45 @@ +# +# Copyright (C) 2013 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=firewall3 +PKG_VERSION:=2013-02-17 +PKG_RELEASE:=$(PKG_SOURCE_VERSION) + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=git://nbd.name/firewall3.git +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_VERSION:=a32e331a11034403df2e26807df9195435b6fb8a +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz +PKG_MAINTAINER:=Jo-Philipp Wich + + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +define Package/firewall3 + SECTION:=net + CATEGORY:=Network + TITLE:=UCI C Firewall + DEPENDS:=+libubox +libubus +libuci +endef + +define Package/firewall3/description + This package provides a config-compatible C implementation of the UCI firewall. +endef + +define Package/firewall3/install + $(INSTALL_DIR) $(1)/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/firewall3 $(1)/sbin/fw3 + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/firewall.init $(1)/etc/init.d/firewall + $(INSTALL_DIR) $(1)/etc/hotplug.d/iface + $(INSTALL_DATA) ./files/firewall.hotplug $(1)/etc/hotplug.d/iface/20-firewall +endef + +$(eval $(call BuildPackage,firewall3)) diff --git a/package/network/config/firewall3/files/firewall.hotplug b/package/network/config/firewall3/files/firewall.hotplug new file mode 100644 index 0000000000..a173b130bf --- /dev/null +++ b/package/network/config/firewall3/files/firewall.hotplug @@ -0,0 +1,8 @@ +#!/bin/sh + +[ "$ACTION" = ifup ] || exit 0 + +fw3 -q network "$INTERFACE" >/dev/null || exit 0 + +logger -t firewall "Restarting firewall due to ifup of $INTERFACE ($DEVICE)" +fw3 -q restart diff --git a/package/network/config/firewall3/files/firewall.init b/package/network/config/firewall3/files/firewall.init new file mode 100755 index 0000000000..bddbadd880 --- /dev/null +++ b/package/network/config/firewall3/files/firewall.init @@ -0,0 +1,17 @@ +#!/bin/sh /etc/rc.common + +START=19 + +boot() { + # Be silent on boot, firewall might be started by hotplug already, + # so don't complain in syslog. + fw3 -q start +} + +start() { + fw3 start +} + +stop() { + fw3 stop +}