projects / openwrt.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add firewall protection for wan_device in addition to wan_ifname (fixes #852)
[openwrt.git] / package / iptables / files / firewall.init
diff --git a/package/iptables/files/firewall.init b/package/iptables/files/firewall.init
index 731485b..4e8317d 100755 (executable)
--- a/package/iptables/files/firewall.init
+++ b/package/iptables/files/firewall.init
@@ -2,12 +2,13 @@
 # Copyright (C) 2006 OpenWrt.org
 
 ## Please make changes in /etc/firewall.user
-
+START=45
 start() {
        include /lib/network
        scan_interfaces
        
        config_get WAN wan ifname
+       config_get WANDEV wan device
        config_get LAN lan ifname
        
        ## CLEAR TABLES
@@ -25,6 +26,7 @@ start() {
        
        iptables -N LAN_ACCEPT
        [ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
+       [ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN
        iptables -A LAN_ACCEPT -j ACCEPT
        
        ### INPUT
Personal OpenWRT clone
This page took 0.032075 seconds and 4 git commands to generate.