X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/b12a3e34a3cc1a92850a377c95296b2fb1f74133..f8c4b35cc4bb2e3ddba5aef51fc3327fe6bc3435:/package/firewall/files/lib/core_interface.sh

diff --git a/package/firewall/files/lib/core_interface.sh b/package/firewall/files/lib/core_interface.sh
index ed6a4b150..8023e7fb8 100644
--- a/package/firewall/files/lib/core_interface.sh
+++ b/package/firewall/files/lib/core_interface.sh
@@ -1,25 +1,34 @@
-# Copyright (C) 2009-2010 OpenWrt.org
+# Copyright (C) 2009-2011 OpenWrt.org
 
 fw__uci_state_add() {
 	local var="$1"
 	local item="$2"
 
-	local val=" $(uci_get_state firewall core $var) "
-	val="${val// $item / }"
-	val="${val# }"
-	val="${val% }"
-	uci_set_state firewall core $var "${val:+$val }$item"
+	local val="$(uci_get_state firewall core $var)"
+	local e1; for e1 in $item; do
+		local e2; for e2 in $val; do
+			[ "$e1" = "$e2" ] && e1=""
+		done
+		val="${val:+$val${e1:+ }}$e1"
+	done
+
+	uci_toggle_state firewall core $var "$val"
 }
 
 fw__uci_state_del() {
 	local var="$1"
 	local item="$2"
 
-	local val=" $(uci_get_state firewall core $var) "
-	val="${val// $item / }"
-	val="${val# }"
-	val="${val% }"
-	uci_set_state firewall core $var "$val"
+	local rest=""
+	local val="$(uci_get_state firewall core $var)"
+	local e1; for e1 in $val; do
+		local e2; for e2 in $item; do
+			[ "$e1" = "$e2" ] && e1=""
+		done
+		rest="${rest:+$rest${e1:+ }}$e1"
+	done
+
+	uci_toggle_state firewall core $var "$val"
 }
 
 fw_configure_interface() {
@@ -87,7 +96,9 @@ fw_configure_interface() {
 		fw $action $mode f ${chain}_REJECT reject $ { -o "$ifname" $onet }
 		fw $action $mode f ${chain}_REJECT reject $ { -i "$ifname" $inet }
 
-		fw $action $mode f ${chain}_MSSFIX TCPMSS  $ { -o "$ifname" -p tcp --tcp-flags SYN,RST SYN --clamp-mss-to-pmtu $onet }
+		[ "$(uci_get_state firewall core "${zone}_tcpmss")" == 1 ] && \
+			fw $action $mode m ${chain}_MSSFIX TCPMSS $ \
+				{ -o "$ifname" -p tcp --tcp-flags SYN,RST SYN --clamp-mss-to-pmtu $onet }
 
 		fw $action $mode f input   ${chain}         $ { -i "$ifname" $inet }
 		fw $action $mode f forward ${chain}_forward $ { -i "$ifname" $inet }
@@ -152,14 +163,14 @@ fw_configure_interface() {
 		fw_sysctl_interface $ifname
 		fw_callback post interface
 
-		uci_set_state firewall core "${iface}_aliases" "$aliases"
+		uci_toggle_state firewall core "${iface}_aliases" "$aliases"
 	} || {
 		local subnets=
 		config_get subnets core "${iface}_subnets"
 		append subnets "$aliasnet"
 
 		config_set core "${iface}_subnets" "$subnets"
-		uci_set_state firewall core "${iface}_subnets" "$subnets"
+		uci_toggle_state firewall core "${iface}_subnets" "$subnets"
 	}
 
 	local new_zones=
@@ -178,8 +189,8 @@ fw_configure_interface() {
 	}
 	config_foreach load_zone zone
 
-	uci_set_state firewall core "${iface}_zone" "$new_zones"
-	uci_set_state firewall core "${iface}_ifname" "$ifname"
+	uci_toggle_state firewall core "${iface}_zone" "$new_zones"
+	uci_toggle_state firewall core "${iface}_ifname" "$ifname"
 }
 
 fw_sysctl_interface() {