-# Copyright (C) 2009-2011 OpenWrt.org
+# Copyright (C) 2009-2012 OpenWrt.org
fw__uci_state_add() {
local var="$1"
local item="$2"
- local list="$(uci_get_state firewall core $var)"
- list=" ${list:+$list }"
-
- for item in $item; do
- case "$list" in
- "* $item *") continue;;
- *) list="$list$item ";;
- esac
+ local val="$(uci_get_state firewall core $var)"
+ local e1; for e1 in $item; do
+ local e2; for e2 in $val; do
+ [ "$e1" = "$e2" ] && e1=""
+ done
+ val="${val:+$val${e1:+ }}$e1"
done
- list="${list% }"
- list="${list# }"
-
- uci_revert_state firewall core $var
- uci_set_state firewall core $var "$list"
+ uci_toggle_state firewall core $var "$val"
}
fw__uci_state_del() {
local var="$1"
local item="$2"
- echo "del[$item]"
-
- local list val
- for val in $(uci_get_state firewall core "$var" | sort -u); do
- list="${list:+$list }$val"
- done
-
- echo "list[$list]"
-
- uci_revert_state firewall core $var
-
- [ -n "$list" ] && {
- list=" $list "
-
- for item in $item; do
- list="${list// $item / }"
+ local rest=""
+ local val="$(uci_get_state firewall core $var)"
+ local e1; for e1 in $val; do
+ local e2; for e2 in $item; do
+ [ "$e1" = "$e2" ] && e1=""
done
+ rest="${rest:+$rest${e1:+ }}$e1"
+ done
- list="${list# }"
- list="${list% }"
-
- echo "list2[$list]"
-
- uci_set_state firewall core $var "$list"
- }
+ uci_toggle_state firewall core $var "$rest"
}
fw_configure_interface() {
fw $action $mode f ${chain}_REJECT reject $ { -o "$ifname" $onet }
fw $action $mode f ${chain}_REJECT reject $ { -i "$ifname" $inet }
- fw $action $mode f ${chain}_MSSFIX TCPMSS $ { -o "$ifname" -p tcp --tcp-flags SYN,RST SYN --clamp-mss-to-pmtu $onet }
+ [ "$(uci_get_state firewall core "${zone}_tcpmss")" == 1 ] && \
+ fw $action $mode m ${chain}_MSSFIX TCPMSS $ \
+ { -o "$ifname" -p tcp --tcp-flags SYN,RST SYN --clamp-mss-to-pmtu $onet }
fw $action $mode f input ${chain} $ { -i "$ifname" $inet }
fw $action $mode f forward ${chain}_forward $ { -i "$ifname" $inet }
fw_sysctl_interface $ifname
fw_callback post interface
- uci_set_state firewall core "${iface}_aliases" "$aliases"
+ uci_toggle_state firewall core "${iface}_aliases" "$aliases"
} || {
local subnets=
config_get subnets core "${iface}_subnets"
append subnets "$aliasnet"
config_set core "${iface}_subnets" "$subnets"
- uci_set_state firewall core "${iface}_subnets" "$subnets"
+ uci_toggle_state firewall core "${iface}_subnets" "$subnets"
}
local new_zones=
}
config_foreach load_zone zone
- uci_set_state firewall core "${iface}_zone" "$new_zones"
- uci_set_state firewall core "${iface}_ifname" "$ifname"
+ uci_toggle_state firewall core "${iface}_zone" "$new_zones"
+ uci_toggle_state firewall core "${iface}_ifname" "$ifname"
}
fw_sysctl_interface() {
projects / openwrt.git / blobdiff