X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/f52d66ff00b24111f87c274d3d7085ef2e1d27b1..28398504ad0bb396806c5499248e3a947851333e:/package/iptables/files/firewall.init

diff --git a/package/iptables/files/firewall.init b/package/iptables/files/firewall.init
index 731485bcd..6f1ba8b15 100755
--- a/package/iptables/files/firewall.init
+++ b/package/iptables/files/firewall.init
@@ -2,12 +2,13 @@
 # Copyright (C) 2006 OpenWrt.org
 
 ## Please make changes in /etc/firewall.user
-
+START=45
 start() {
 	include /lib/network
 	scan_interfaces
 	
 	config_get WAN wan ifname
+	config_get WANDEV wan device
 	config_get LAN lan ifname
 	
 	## CLEAR TABLES
@@ -25,6 +26,7 @@ start() {
 	
 	iptables -N LAN_ACCEPT
 	[ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
+	[ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN
 	iptables -A LAN_ACCEPT -j ACCEPT
 	
 	### INPUT
@@ -85,7 +87,7 @@ start() {
 	iptables -A FORWARD -j forwarding_rule
 	
 	# allow
-	iptables -A FORWARD -i br0 -o br0 -j ACCEPT
+	iptables -A FORWARD -i $LAN -o $LAN -j ACCEPT
 	[ -z "$WAN" ] || iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
 	
 	# reject (what to do with anything not allowed earlier)
@@ -99,6 +101,7 @@ start() {
 	## USER RULES
 	[ -f /etc/firewall.user ] && . /etc/firewall.user
 	[ -n "$WAN" -a -e /etc/config/firewall ] && {
+		export WAN
 		awk -f /usr/lib/common.awk -f /usr/lib/firewall.awk /etc/config/firewall | ash
 	}
 }