-#!/bin/sh
-
-miniupnpd_add_rules() {
- local zone="$1"
- local network="$2"
- local iface="$3"
-
- miniupnpd_remove_rules
-
- logger -t miniupnpd "adding firewall rules for $iface to zone $zone"
-
- iptables -t nat -N MINIUPNPD 2>/dev/null
- iptables -t nat -I zone_${zone}_prerouting -i $iface -j MINIUPNPD
- iptables -t filter -N MINIUPNPD 2>/dev/null
- iptables -t filter -I zone_${zone}_forward -i $iface ! -o $iface -j MINIUPNPD
-
- uci_set_state upnpd state "" state
- uci_set_state upnpd state zone "$zone"
- uci_set_state upnpd state ifname "$iface"
- uci_set_state upnpd state network "$network"
-}
-
-miniupnpd_remove_rules() {
- local zone="$(uci_get_state upnpd state zone)"
- local iface="$(uci_get_state upnpd state ifname)"
-
- [ -n "$zone" ] && [ -n "$iface" ] && {
- logger -t miniupnpd "removing firewall rules for $iface from zone $zone"
-
- while iptables -t nat -D zone_${zone}_prerouting \
- -i $iface -j MINIUPNPD 2>/dev/null; do :; done
-
- while iptables -t filter -D zone_${zone}_forward \
- -i $iface ! -o $iface -j MINIUPNPD 2>/dev/null; do :; done
- }
-
- uci_revert_state upnpd
-}
-
-/etc/init.d/miniupnpd enabled && [ -n "`pidof miniupnpd`" ] && {
-
- local extif="$(uci_get upnpd config external_iface)"
- local curif="$(uci_get_state upnpd state network)"
-
- if [ "$ACTION" = "add" ] && [ "$INTERFACE" = "$extif" ]; then
- miniupnpd_add_rules "$ZONE" "$INTERFACE" "$DEVICE"
- elif [ "$ACTION" = "remove" ] && [ "$INTERFACE" = "$curif" ]; then
- miniupnpd_remove_rules
- fi
-}