From 2511f6c99c206d6bf99dcdc821d1a22152c93508 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 28 Sep 2013 22:03:20 +0200 Subject: [PATCH] Add ebtables package --- gluon/gluon-ebtables/Makefile | 36 +++++++++ .../files/etc/init.d/gluon-ebtables | 74 +++++++++++++++++++ .../files/lib/gluon/ebtables/.keep | 0 3 files changed, 110 insertions(+) create mode 100644 gluon/gluon-ebtables/Makefile create mode 100755 gluon/gluon-ebtables/files/etc/init.d/gluon-ebtables create mode 100644 gluon/gluon-ebtables/files/lib/gluon/ebtables/.keep diff --git a/gluon/gluon-ebtables/Makefile b/gluon/gluon-ebtables/Makefile new file mode 100644 index 0000000..64a18e7 --- /dev/null +++ b/gluon/gluon-ebtables/Makefile @@ -0,0 +1,36 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-ebtables +PKG_VERSION:=0.3.2.99 +PKG_RELEASE:=1 + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) + +include $(INCLUDE_DIR)/package.mk + +define Package/gluon-ebtables + SECTION:=gluon + CATEGORY:=Gluon + TITLE:=Ebtables support + DEPENDS:=+gluon-core +ebtables +kmod-ebtables-ipv4 +kmod-ebtables-ipv6 +endef + +define Package/gluon-ebtables/description + Gluon community wifi mesh firmware framework: ebtables support +endef + +define Build/Prepare + mkdir -p $(PKG_BUILD_DIR) +endef + +define Build/Configure +endef + +define Build/Compile +endef + +define Package/gluon-ebtables/install + $(CP) ./files/* $(1)/ +endef + +$(eval $(call BuildPackage,gluon-ebtables)) diff --git a/gluon/gluon-ebtables/files/etc/init.d/gluon-ebtables b/gluon/gluon-ebtables/files/etc/init.d/gluon-ebtables new file mode 100755 index 0000000..cbc3d6a --- /dev/null +++ b/gluon/gluon-ebtables/files/etc/init.d/gluon-ebtables @@ -0,0 +1,74 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2013 Project Gluon +# +# Firewall script for inserting and removing ebtables rules. +# +# Example format, for filtering any IPv4 multicast packets to the SSDP UDP port: +# rule FORWARD --logical-out br-client -d Multicast -p IPv4 --ip-protocol udp --ip-destination-port 5355 -j DROP +# +# Removing all rules: +# $ ./firewall-ebtables stop +# Inserting all rules: +# $ ./firewall-ebtables start +# Inserting a specific rule file: +# $ ./firewall-ebtables start /lib/gluon/ebtables/100-mcast-chain +# Removing a specific rule file: +# $ ./firewall-ebtables stop /lib/gluon/ebtables/100-mcast-chain + + +START=19 +STOP=91 + + +exec_file() { + local file="$1" + + sh -c " + eval 'rule() { + $EBTABLES_RULE + }' + eval 'chain() { + $EBTABLES_CHAIN + }' + source \"$1\" + " - "$file" +} + +exec_all() { + local sort_arg="$1" + + local old_ifs="$IFS" + IFS=' +' + for file in `find /lib/gluon/ebtables -type f | sort $sort_arg`; do + exec_file "$file" + done + IFS="$old_ifs" +} + + +start() { + ( + export EBTABLES_RULE='ebtables -A "$@"' + export EBTABLES_CHAIN='ebtables -N "$1" -P "$2"' + + if [ -z "$1" ]; then + exec_all '' + else + exec_file "$1" + fi + ) +} + +stop() { + ( + export EBTABLES_RULE='ebtables -D "$@"' + export EBTABLES_CHAIN='ebtables -X "$1"' + + if [ -z "$1" ]; then + exec_all '-r' + else + exec_file "$1" + fi + ) +} diff --git a/gluon/gluon-ebtables/files/lib/gluon/ebtables/.keep b/gluon/gluon-ebtables/files/lib/gluon/ebtables/.keep new file mode 100644 index 0000000..e69de29