X-Git-Url: https://git.archive.openwrt.org/?p=project%2Fluci.git;a=blobdiff_plain;f=applications%2Fluci-siitwizard%2Fluasrc%2Fmodel%2Fcbi%2Fsiitwizard.lua;h=ca6ed20f887c2ca6ff9aba14d3fd259f92ecc5d3;hp=a6b4050cef9ce8238df02f4ce0734f599e4fa0ae;hb=e1bd71a8250c20df1833cf35874cc496ca842bf2;hpb=3ecec3ddbf9bdec6cab0a775f4f419ec4a862369

diff --git a/applications/luci-siitwizard/luasrc/model/cbi/siitwizard.lua b/applications/luci-siitwizard/luasrc/model/cbi/siitwizard.lua
index a6b4050ce..ca6ed20f8 100644
--- a/applications/luci-siitwizard/luasrc/model/cbi/siitwizard.lua
+++ b/applications/luci-siitwizard/luasrc/model/cbi/siitwizard.lua
@@ -21,8 +21,8 @@ f = SimpleForm("siitwizward", "4over6-Assistent",
  "Dieser Assistent unterstÃ¼zt bei der Einrichtung von IPv4-over-IPv6 Translation.")
 
 mode = f:field(ListValue, "mode", "Betriebsmodus")
-mode:value("gateway", "Gateway")
 mode:value("client", "Client")
+mode:value("gateway", "Gateway")
 
 dev = f:field(ListValue, "device", "WLAN-GerÃ¤t")
 uci:foreach("wireless", "wifi-device",
@@ -168,8 +168,57 @@ function mode.write(self, section, value)
 			siit_prefix .. "/" .. (96 + lan_net:prefix())
 		):add(lan_net[2])
 
+		-- ipv4 <-> siit route
+		uci:delete_all("network", "route",
+			function(s) return s.interface == "siit0" end)
+
+		uci:section("network", "route", nil, {
+			interface = "siit0",
+			target    = "0.0.0.0",
+			netmask   = "0.0.0.0"
+		})
 	end
 
+	-- setup the firewall
+	uci:delete_all("firewall", "zone",
+		function(s) return (
+			s['.name'] == "siit0" or s.name == "siit0" or
+			s.network == "siit0" or	s['.name'] == wifi_device or
+			s.name == wifi_device or s.network == wifi_device
+		) end)
+
+	uci:delete_all("firewall", "forwarding",
+		function(s) return (
+			s.src == wifi_device and s.dest == "siit0" or
+			s.dest == wifi_device and s.src == "siit0"
+		) end)
+
+	uci:section("firewall", "zone", "siit0", {
+		name    = "siit0",
+		network = "siit0",
+		input   = "ACCEPT",
+		output  = "ACCEPT",
+		forward = "ACCEPT"
+	})
+
+	uci:section("firewall", "zone", wifi_device, {
+		name    = wifi_device,
+		network = wifi_device,
+		input   = "ACCEPT",
+		output  = "ACCEPT",
+		forward = "ACCEPT"
+	})
+
+	uci:section("firewall", "forwarding", nil, {
+		src  = wifi_device,
+		dest = "siit0"
+	})
+
+	uci:section("firewall", "forwarding", nil, {
+		src  = "siit0",
+		dest = wifi_device
+	})
+
 	-- siit0 interface
 	uci:delete_all("network", "interface",
 		function(s) return ( s.ifname == "siit0" ) end)
@@ -225,6 +274,7 @@ function mode.write(self, section, value)
 	})
 
 	uci:save("wireless")
+	uci:save("firewall")
 	uci:save("network")
 	uci:save("olsrd")
 end