projects / openwrt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1764da6)
add firewall protection for wan_device in addition to wan_ifname (fixes #852)
authornbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Sun, 15 Oct 2006 23:04:23 +0000 (23:04 +0000)
committernbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Sun, 15 Oct 2006 23:04:23 +0000 (23:04 +0000)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@5136 3c298f89-4303-0410-b956-a3cf2f4a3e73

package/iptables/files/firewall.init patch | blob | history

diff --git a/package/iptables/files/firewall.init b/package/iptables/files/firewall.init
index 1e39d05..4e8317d 100755 (executable)
--- a/package/iptables/files/firewall.init
+++ b/package/iptables/files/firewall.init
@@ -8,6 +8,7 @@ start() {
        scan_interfaces
        
        config_get WAN wan ifname
+       config_get WANDEV wan device
        config_get LAN lan ifname
        
        ## CLEAR TABLES
@@ -25,6 +26,7 @@ start() {
        
        iptables -N LAN_ACCEPT
        [ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
+       [ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN
        iptables -A LAN_ACCEPT -j ACCEPT
        
        ### INPUT
OpenWrt main development branch