fff-firewall: Add network to procd_add_reload_trigger
fff-firewall depends on network.wan.ifname. By adding network, changes there will invoke a firewall reload called by "reload-config". Scripts that play with "network" do not need pay attention to the firewall if "reload-config" is used. Signed-off-by: Robert Langhammer <rlanghammer@web.de>
This commit is contained in:
parent
f6c1e4da52
commit
ecc8719215
|
|
@ -1,7 +1,7 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=fff-firewall
|
||||
PKG_RELEASE:=5
|
||||
PKG_RELEASE:=6
|
||||
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
|
||||
|
||||
|
|
|
|||
|
|
@ -7,22 +7,37 @@ USE_PROCD=1
|
|||
SERVICE_WRITE_PID=1
|
||||
SERVICE_DAEMONIZE=1
|
||||
|
||||
FIREWALL_DIR=/usr/lib/firewall.d
|
||||
|
||||
service_triggers()
|
||||
{
|
||||
procd_add_reload_trigger "fff-firewall"
|
||||
local script name
|
||||
|
||||
script=$(readlink -f "$initscript")
|
||||
name=$(basename ${script:-$initscript})
|
||||
|
||||
procd_add_reload_trigger "fff-firewall" "network"
|
||||
}
|
||||
|
||||
start_service()
|
||||
{
|
||||
local file
|
||||
|
||||
IF_WAN=$(uci get network.wan.ifname)
|
||||
|
||||
for file in ${FIREWALL_DIR}/*; do
|
||||
if [ -f "$file" ]; then
|
||||
. "$file"
|
||||
fi
|
||||
done
|
||||
procd_open_instance firewall
|
||||
procd_set_param command /usr/sbin/fff-firewall
|
||||
procd_close_instance
|
||||
}
|
||||
|
||||
reload_service()
|
||||
{
|
||||
echo "Explicitly restarting firewall"
|
||||
start
|
||||
}
|
||||
|
||||
stop_service()
|
||||
{
|
||||
ebtables -F
|
||||
ebtables -X
|
||||
|
||||
iptables -F
|
||||
iptables -X
|
||||
|
||||
ip6tables -F
|
||||
ip6tables -X
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
|
||||
FIREWALL_DIR=/usr/lib/firewall.d
|
||||
IF_WAN=$(uci get network.wan.ifname)
|
||||
for file in ${FIREWALL_DIR}/*; do
|
||||
echo "running $file"
|
||||
if [ -f "$file" ]; then
|
||||
. "$file"
|
||||
fi
|
||||
done
|
||||
|
||||
Loading…
Reference in New Issue