- -- Get the network information
- bindport, rtprange, ipaddr, externhost = get_network_info()
-
- commit = false
- -- Only if externhost is set, do we control firewall rules.
- if externhost ~= nil and bindport ~= nil and rtprange ~= nil then
- -- Insert empty PBX-SIP and PBX-RTP rules if not present.
- insert_empty_sip_rtp_rules ("firewall", "rule")
-
- -- Iterate through the firewall rules, and if the dest_port and dest_ip setting of the\
- -- SIP and RTP rule do not match what we want configured, set all the entries in the rule\
- -- appropriately.
- m.uci:foreach("firewall", "rule",
- function(s1)
- if s1._name == 'PBX-SIP' then
- if s1.dest_port ~= bindport then
- m.uci:set("firewall", s1['.name'], "dest_port", bindport)
- m.uci:set("firewall", s1['.name'], "src", "wan")
- m.uci:set("firewall", s1['.name'], "proto", "udp")
- m.uci:set("firewall", s1['.name'], "target", "ACCEPT")
- commit = true
- end
- elseif s1._name == 'PBX-RTP' then
- if s1.dest_port ~= rtprange then
- m.uci:set("firewall", s1['.name'], "dest_port", rtprange)
- m.uci:set("firewall", s1['.name'], "src", "wan")
- m.uci:set("firewall", s1['.name'], "proto", "udp")
- m.uci:set("firewall", s1['.name'], "target", "ACCEPT")
- commit = true
- end
- end
- end)
- else
- -- We delete the firewall rules if one or more of the necessary parameters are not set.
- sip_rule_name=nil
- rtp_rule_name=nil
-
- -- First discover the configuration names of the rules.
- m.uci:foreach("firewall", "rule",
- function(s1)
- if s1._name == 'PBX-SIP' then
- sip_rule_name = s1['.name']
- elseif s1._name == 'PBX-RTP' then
- rtp_rule_name = s1['.name']
- end
- end)
-
- -- Then, using the names, actually delete the rules.
- if sip_rule_name ~= nil then
- m.uci:delete("firewall", sip_rule_name)
- commit = true
- end
- if rtp_rule_name ~= nil then
- m.uci:delete("firewall", rtp_rule_name)
- commit = true
- end
- end
-
- -- If something changed, then we commit the firewall config.
- if commit == true then m.uci:commit("firewall") end
+ -- Get the network information
+ bindport, rtprange, ipaddr, externhost = get_network_info()
+
+ commit = false
+ -- Only if externhost is set, do we control firewall rules.
+ if externhost ~= nil and bindport ~= nil and rtprange ~= nil then
+ -- Insert empty PBX-SIP and PBX-RTP rules if not present.
+ insert_empty_sip_rtp_rules ("firewall", "rule")
+
+ -- Iterate through the firewall rules, and if the dest_port and dest_ip setting of the\
+ -- SIP and RTP rule do not match what we want configured, set all the entries in the rule\
+ -- appropriately.
+ m.uci:foreach("firewall", "rule",
+ function(s1)
+ if s1._name == 'PBX-SIP' then
+ if s1.dest_port ~= bindport then
+ m.uci:set("firewall", s1['.name'], "dest_port", bindport)
+ m.uci:set("firewall", s1['.name'], "src", "wan")
+ m.uci:set("firewall", s1['.name'], "proto", "udp")
+ m.uci:set("firewall", s1['.name'], "target", "ACCEPT")
+ commit = true
+ end
+ elseif s1._name == 'PBX-RTP' then
+ if s1.dest_port ~= rtprange then
+ m.uci:set("firewall", s1['.name'], "dest_port", rtprange)
+ m.uci:set("firewall", s1['.name'], "src", "wan")
+ m.uci:set("firewall", s1['.name'], "proto", "udp")
+ m.uci:set("firewall", s1['.name'], "target", "ACCEPT")
+ commit = true
+ end
+ end
+ end)
+ else
+ -- We delete the firewall rules if one or more of the necessary parameters are not set.
+ sip_rule_name=nil
+ rtp_rule_name=nil
+
+ -- First discover the configuration names of the rules.
+ m.uci:foreach("firewall", "rule",
+ function(s1)
+ if s1._name == 'PBX-SIP' then
+ sip_rule_name = s1['.name']
+ elseif s1._name == 'PBX-RTP' then
+ rtp_rule_name = s1['.name']
+ end
+ end)
+
+ -- Then, using the names, actually delete the rules.
+ if sip_rule_name ~= nil then
+ m.uci:delete("firewall", sip_rule_name)
+ commit = true
+ end
+ if rtp_rule_name ~= nil then
+ m.uci:delete("firewall", rtp_rule_name)
+ commit = true
+ end
+ end
+
+ -- If something changed, then we commit the firewall config.
+ if commit == true then m.uci:commit("firewall") end