projects
/
openwrt.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
add firewall protection for wan_device in addition to wan_ifname (fixes #852)
[openwrt.git]
/
package
/
iptables
/
files
/
firewall.init
diff --git
a/package/iptables/files/firewall.init
b/package/iptables/files/firewall.init
index
731485b
..
4e8317d
100755
(executable)
--- a/
package/iptables/files/firewall.init
+++ b/
package/iptables/files/firewall.init
@@
-2,12
+2,13
@@
# Copyright (C) 2006 OpenWrt.org
## Please make changes in /etc/firewall.user
# Copyright (C) 2006 OpenWrt.org
## Please make changes in /etc/firewall.user
-
+START=45
start() {
include /lib/network
scan_interfaces
config_get WAN wan ifname
start() {
include /lib/network
scan_interfaces
config_get WAN wan ifname
+ config_get WANDEV wan device
config_get LAN lan ifname
## CLEAR TABLES
config_get LAN lan ifname
## CLEAR TABLES
@@
-25,6
+26,7
@@
start() {
iptables -N LAN_ACCEPT
[ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
iptables -N LAN_ACCEPT
[ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
+ [ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN
iptables -A LAN_ACCEPT -j ACCEPT
### INPUT
iptables -A LAN_ACCEPT -j ACCEPT
### INPUT
This page took
0.023137 seconds
and
4
git commands to generate.