1 # Copyright (C) 2009-2010 OpenWrt.org
3 FW_LIBDIR=${FW_LIBDIR:-/lib/firewall}
14 echo "firewall already loaded" >&2
18 uci_set_state firewall core "" firewall_state
24 echo "Loading defaults"
25 fw_config_once fw_load_defaults defaults
28 config_foreach fw_load_zone zone
30 echo "Loading forwardings"
31 config_foreach fw_load_forwarding forwarding
33 echo "Loading redirects"
34 config_foreach fw_load_redirect redirect
37 config_foreach fw_load_rule rule
39 echo "Loading includes"
40 config_foreach fw_load_include include
42 [ -z "$FW_NOTRACK_DISABLED" ] && {
43 echo "Optimizing conntrack"
44 config_foreach fw_load_notrack_zone zone
47 echo "Loading interfaces"
48 config_foreach fw_configure_interface interface add
52 uci_set_state firewall core loaded 1
64 uci_revert_state firewall
68 for h in $FW_HOOKS; do unset $h; done
84 local bool=$(uci_get_state firewall.core.loaded)
85 return $((! ${bool:-0}))
90 echo "Error:" "$@" >&2
102 logger -t firewall -p user.$level "$@"
107 [ -z "$FW_INITIALIZED" ] || return 0
109 . $FW_LIBDIR/config.sh
112 fw_config_append firewall
114 local hooks="core stop defaults zone notrack synflood"
116 for file in $FW_LIBDIR/core_*.sh; do
118 hk=$(basename $file .sh)
122 for file in $FW_LIBDIR/*.sh; do
123 lib=$(basename $file .sh)
124 lib=${lib##[0-9][0-9]_}
126 core*|fw|config|uci_firewall) continue ;;
130 for pp in pre post; do
131 type ${lib}_${pp}_${hk}_cb >/dev/null && {
132 append FW_CB_${pp}_${hk} ${lib}
133 append FW_HOOKS FW_CB_${pp}_${hk}
139 fw_callback post init