summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorblogic <blogic@3c298f89-4303-0410-b956-a3cf2f4a3e73>2008-08-11 20:46:17 +0000
committerblogic <blogic@3c298f89-4303-0410-b956-a3cf2f4a3e73>2008-08-11 20:46:17 +0000
commit4905eac3af7551044a074d4d7c3894c34488fd65 (patch)
tree5f13d050c58c822e001343acf9eb1534137f0dcb
parent671fedb27c673d83f253a938e743619601615709 (diff)
uci firewall
- remove implicit creation of zones, based on network interfaces git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12281 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r--package/firewall/files/new/20-firewall4
-rwxr-xr-xpackage/firewall/files/new/uci_firewall.sh6
2 files changed, 1 insertions, 9 deletions
diff --git a/package/firewall/files/new/20-firewall b/package/firewall/files/new/20-firewall
index a8ce17c97..217e3f66b 100644
--- a/package/firewall/files/new/20-firewall
+++ b/package/firewall/files/new/20-firewall
@@ -20,9 +20,7 @@ load_zones() {
config_foreach load_zones zone
-IFACE=$(find_config $INTERFACE)
-[ -n "$IFACE" ] &&
- list_contains ZONE $IFACE || ZONE="$ZONE $IFACE"
+[ -z "$ZONE" ] && exit 0
[ ifup = "$ACTION" ] && {
for z in $ZONE; do
diff --git a/package/firewall/files/new/uci_firewall.sh b/package/firewall/files/new/uci_firewall.sh
index dcb9c100b..e1683e9cf 100755
--- a/package/firewall/files/new/uci_firewall.sh
+++ b/package/firewall/files/new/uci_firewall.sh
@@ -91,10 +91,6 @@ load_synflood() {
$IPTABLES -A INPUT -p tcp --syn -j SYN_FLOOD
}
-create_network_zone() {
- create_zone "$1" "$1"
-}
-
fw_defaults() {
load_policy $1
DEF_INPUT=$input
@@ -261,8 +257,6 @@ fw_init() {
config_foreach fw_defaults defaults
echo "Loading zones"
config_foreach fw_zone zone
- echo "Loading interfaces"
- config_foreach create_network_zone interface
echo "Loading rules"
config_foreach fw_rule rule
echo "Loading forwarding"