diff options
author | blogic <blogic@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2008-08-11 20:46:17 +0000 |
---|---|---|
committer | blogic <blogic@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2008-08-11 20:46:17 +0000 |
commit | 4905eac3af7551044a074d4d7c3894c34488fd65 (patch) | |
tree | 5f13d050c58c822e001343acf9eb1534137f0dcb | |
parent | 671fedb27c673d83f253a938e743619601615709 (diff) |
uci firewall
- remove implicit creation of zones, based on network interfaces
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12281 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r-- | package/firewall/files/new/20-firewall | 4 | ||||
-rwxr-xr-x | package/firewall/files/new/uci_firewall.sh | 6 |
2 files changed, 1 insertions, 9 deletions
diff --git a/package/firewall/files/new/20-firewall b/package/firewall/files/new/20-firewall index a8ce17c97..217e3f66b 100644 --- a/package/firewall/files/new/20-firewall +++ b/package/firewall/files/new/20-firewall @@ -20,9 +20,7 @@ load_zones() { config_foreach load_zones zone -IFACE=$(find_config $INTERFACE) -[ -n "$IFACE" ] && - list_contains ZONE $IFACE || ZONE="$ZONE $IFACE" +[ -z "$ZONE" ] && exit 0 [ ifup = "$ACTION" ] && { for z in $ZONE; do diff --git a/package/firewall/files/new/uci_firewall.sh b/package/firewall/files/new/uci_firewall.sh index dcb9c100b..e1683e9cf 100755 --- a/package/firewall/files/new/uci_firewall.sh +++ b/package/firewall/files/new/uci_firewall.sh @@ -91,10 +91,6 @@ load_synflood() { $IPTABLES -A INPUT -p tcp --syn -j SYN_FLOOD } -create_network_zone() { - create_zone "$1" "$1" -} - fw_defaults() { load_policy $1 DEF_INPUT=$input @@ -261,8 +257,6 @@ fw_init() { config_foreach fw_defaults defaults echo "Loading zones" config_foreach fw_zone zone - echo "Loading interfaces" - config_foreach create_network_zone interface echo "Loading rules" config_foreach fw_rule rule echo "Loading forwarding" |