1 # Copyright (C) 2009-2010 OpenWrt.org
3 FW_LIBDIR
=${FW_LIBDIR:-/lib/firewall}
14 echo "firewall already loaded" >&2
18 lock
/var
/lock
/firewall.start
20 uci_set_state firewall core
"" firewall_state
26 echo "Loading defaults"
27 fw_config_once fw_load_defaults defaults
30 config_foreach fw_load_zone zone
32 echo "Loading forwardings"
33 config_foreach fw_load_forwarding forwarding
35 echo "Loading redirects"
36 config_foreach fw_load_redirect redirect
39 config_foreach fw_load_rule rule
41 echo "Loading includes"
42 config_foreach fw_load_include include
44 [ -n "$FW_NOTRACK_DISABLED" ] && {
45 echo "Optimizing conntrack"
46 config_foreach fw_load_notrack_zone zone
49 echo "Loading interfaces"
50 config_foreach fw_configure_interface interface add
54 uci_set_state firewall core loaded
1
56 lock
-u /var
/lock
/firewall.start
68 uci_revert_state firewall
72 for h
in $FW_HOOKS; do unset $h; done
88 local bool
=$
(uci_get_state firewall.core.loaded
)
89 return $
((! ${bool:-0}))
94 echo "Error:" "$@" >&2
97 lock
-u /var
/lock
/firewall.start
107 logger
-t firewall
-p user.
$level "$@"
112 [ -z "$FW_INITIALIZED" ] ||
return 0
114 .
$FW_LIBDIR/config.sh
117 fw_config_append firewall
119 local hooks
="core stop defaults zone notrack synflood"
121 for file in $FW_LIBDIR/core_
*.sh
; do
123 hk
=$
(basename $file .sh
)
127 for file in $FW_LIBDIR/*.sh
; do
128 lib
=$
(basename $file .sh
)
129 lib
=${lib##[0-9][0-9]_}
131 core
*|fw|config|uci_firewall
) continue ;;
135 for pp
in pre post
; do
136 type ${lib}_${pp}_${hk}_cb
>/dev
/null
&& {
137 append FW_CB_
${pp}_${hk} ${lib}
138 append FW_HOOKS FW_CB_
${pp}_
${hk}
144 fw_callback post init