1 # Copyright (C) 2009-2010 OpenWrt.org
3 FW_LIBDIR=${FW_LIBDIR:-/lib/firewall}
14 echo "firewall already loaded" >&2
18 uci_set_state firewall core "" firewall_state
24 echo "Loading defaults"
25 fw_config_once fw_load_defaults defaults
28 config_foreach fw_load_zone zone
30 echo "Loading forwardings"
31 config_foreach fw_load_forwarding forwarding
34 config_foreach fw_load_rule rule
36 echo "Loading redirects"
37 config_foreach fw_load_redirect redirect
39 echo "Loading includes"
40 config_foreach fw_load_include include
42 [ -z "$FW_NOTRACK_DISABLED" ] && {
43 echo "Optimizing conntrack"
44 config_foreach fw_load_notrack_zone zone
47 echo "Loading interfaces"
48 config_foreach fw_configure_interface interface add
52 uci_set_state firewall core zones "$FW_ZONES"
53 uci_set_state firewall core loaded 1
62 config_get z core zones
64 config_get n core "${z}_networks"
66 config_get i core "${n}_ifname"
67 [ -n "$i" ] && env -i ACTION=remove ZONE="$z" \
68 INTERFACE="$n" DEVICE="$i" /sbin/hotplug-call firewall
71 config_get i core "${z}_tcpmss"
73 fw del i m FORWARD zone_${z}_MSSFIX
74 fw del i m zone_${z}_MSSFIX
82 uci_revert_state firewall
86 for h in $FW_HOOKS; do unset $h; done
102 local bool=$(uci_get_state firewall.core.loaded)
103 return $((! ${bool:-0}))
108 echo "Error:" "$@" >&2
116 [ -n "$2" ] && shift || level=notice
117 [ "$level" != error ] || echo "Error: $@" >&2
118 logger -t firewall -p user.$level "$@"
123 [ -z "$FW_INITIALIZED" ] || return 0
125 . $FW_LIBDIR/config.sh
128 fw_config_append firewall
130 local hooks="core stop defaults zone notrack synflood"
132 for file in $FW_LIBDIR/core_*.sh; do
134 hk=$(basename $file .sh)
138 for file in $FW_LIBDIR/*.sh; do
139 lib=$(basename $file .sh)
140 lib=${lib##[0-9][0-9]_}
142 core*|fw|config|uci_firewall) continue ;;
146 for pp in pre post; do
147 type ${lib}_${pp}_${hk}_cb >/dev/null && {
148 append FW_CB_${pp}_${hk} ${lib}
149 append FW_HOOKS FW_CB_${pp}_${hk}
155 fw_callback post init
projects / openwrt.git / blob