diff options
-rw-r--r-- | package/firewall/Makefile | 2 | ||||
-rw-r--r-- | package/firewall/files/firewall.hotplug | 16 | ||||
-rwxr-xr-x | package/firewall/files/firewall.init | 4 | ||||
-rw-r--r-- | package/firewall/files/lib/core.sh | 5 | ||||
-rw-r--r-- | package/firewall/files/lib/core_interface.sh | 12 |
5 files changed, 12 insertions, 27 deletions
diff --git a/package/firewall/Makefile b/package/firewall/Makefile index 3b37c87..1a7216c 100644 --- a/package/firewall/Makefile +++ b/package/firewall/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=firewall PKG_VERSION:=2 -PKG_RELEASE:=2 +PKG_RELEASE:=3 include $(INCLUDE_DIR)/package.mk diff --git a/package/firewall/files/firewall.hotplug b/package/firewall/files/firewall.hotplug index bc75e42..ac84695 100644 --- a/package/firewall/files/firewall.hotplug +++ b/package/firewall/files/firewall.hotplug @@ -3,26 +3,20 @@ # HOTPLUG_TYPE=iface, triggered by various scripts when an interface # is configured (ACTION=ifup) or deconfigured (ACTION=ifdown). The # interface is available as INTERFACE, the real device as DEVICE. -. /etc/functions.sh [ "$DEVICE" == "lo" ] && exit 0 +. /etc/functions.sh . /lib/firewall/core.sh -fw_init -# Wait for firewall if startup is in progress -lock -w /var/lock/firewall.start +fw_init +fw_is_loaded || exit 0 case "$ACTION" in ifup) - fw_is_loaded && { - fw_configure_interface "$INTERFACE" add "$DEVICE" & - } || { - /etc/init.d/firewall enabled && fw_start & - } + fw_configure_interface "$INTERFACE" add "$DEVICE" & ;; ifdown) - fw_is_loaded && fw_configure_interface "$INTERFACE" del "$DEVICE" & + fw_configure_interface "$INTERFACE" del "$DEVICE" & ;; esac - diff --git a/package/firewall/files/firewall.init b/package/firewall/files/firewall.init index d04804d..a2fd0a0 100755 --- a/package/firewall/files/firewall.init +++ b/package/firewall/files/firewall.init @@ -1,5 +1,5 @@ #!/bin/sh /etc/rc.common -# Copyright (C) 2008 OpenWrt.org +# Copyright (C) 2008-2010 OpenWrt.org START=45 @@ -10,8 +10,6 @@ fw() { fw_$1 } -boot() { :; } - start() { fw start } diff --git a/package/firewall/files/lib/core.sh b/package/firewall/files/lib/core.sh index 5f06ffe..5880cd3 100644 --- a/package/firewall/files/lib/core.sh +++ b/package/firewall/files/lib/core.sh @@ -15,8 +15,6 @@ fw_start() { exit 1 } - lock /var/lock/firewall.start - uci_set_state firewall core "" firewall_state fw_clear DROP @@ -52,8 +50,6 @@ fw_start() { fw_callback post core uci_set_state firewall core loaded 1 - - lock -u /var/lock/firewall.start } fw_stop() { @@ -94,7 +90,6 @@ fw_die() { echo "Error:" "$@" >&2 fw_log error "$@" fw_stop - lock -u /var/lock/firewall.start exit 1 } diff --git a/package/firewall/files/lib/core_interface.sh b/package/firewall/files/lib/core_interface.sh index 9da6739..9b35c8b 100644 --- a/package/firewall/files/lib/core_interface.sh +++ b/package/firewall/files/lib/core_interface.sh @@ -5,14 +5,12 @@ fw_configure_interface() { local action=$2 local ifname=$3 - local status; - config_get_bool status "$iface" up "0" - [ "$status" == 1 ] || return 0 - - [ -n "$ifname" ] || { - config_get ifname "$iface" ifname - ifname=${ifname:-$iface} + [ "$action" == "add" ] && { + local status=$(uci_get_state network "$iface" up 0) + [ "$status" == 1 ] || return 0 } + + [ -n "$ifname" ] || ifname=$(uci_get_state network "$iface" ifname "$iface") [ "$ifname" == "lo" ] && return 0 fw_callback pre interface |