summaryrefslogtreecommitdiff
path: root/package/iptables/files/firewall.init
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2006-10-15 23:04:23 +0000
committerFelix Fietkau <nbd@openwrt.org>2006-10-15 23:04:23 +0000
commitafd6539a653f4127d816f225b9b793fccb848ff2 (patch)
tree425569a8180b5d13c4f9b59e3db1babe9aa64713 /package/iptables/files/firewall.init
parent5ef8d0eae75ab9c2372048d7bd8866fa89af5263 (diff)
downloadmtk-20170518-afd6539a653f4127d816f225b9b793fccb848ff2.zip
mtk-20170518-afd6539a653f4127d816f225b9b793fccb848ff2.tar.gz
mtk-20170518-afd6539a653f4127d816f225b9b793fccb848ff2.tar.bz2
add firewall protection for wan_device in addition to wan_ifname (fixes #852)
SVN-Revision: 5136
Diffstat (limited to 'package/iptables/files/firewall.init')
-rwxr-xr-xpackage/iptables/files/firewall.init2
1 files changed, 2 insertions, 0 deletions
diff --git a/package/iptables/files/firewall.init b/package/iptables/files/firewall.init
index 1e39d05..4e8317d 100755
--- a/package/iptables/files/firewall.init
+++ b/package/iptables/files/firewall.init
@@ -8,6 +8,7 @@ start() {
scan_interfaces
config_get WAN wan ifname
+ config_get WANDEV wan device
config_get LAN lan ifname
## CLEAR TABLES
@@ -25,6 +26,7 @@ start() {
iptables -N LAN_ACCEPT
[ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
+ [ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN
iptables -A LAN_ACCEPT -j ACCEPT
### INPUT