1 # Copyright (C) 2009-2010 OpenWrt.org
2 # Copyright (C) 2009 Malte S. Stretz
11 [ "${-#*x}" == "$-" ] && {
26 fw__exec() { # <action> <family> <table> <chain> <target> <position> { <rules> }
27 local cmd fam tab chn tgt pos
29 for i in cmd fam tab chn tgt pos; do
30 if [ "$1" -a "$1" != '{' ]; then
39 export FW_${fam}_ERROR=$1
44 fw $cmd 4 $tab $chn $tgt $pos "$@"
45 fw $cmd 6 $tab $chn $tgt $pos "$@"
46 fw__rc $((FW_4_ERROR | FW_6_ERROR))
52 while [ "$1" != '}' ]; do
60 if [ "${ip4:-4}" == "${ip6:-6}" ]; then
61 echo "fw: can't mix ip4 and ip6" >&2
64 local ver=${ip4:+4}${ip6:+6}
66 fw $cmd ${ver:-i} $tab $chn $tgt $pos "$@"
72 if [ $tab == '-' ]; then
73 type $app > /dev/null 2> /dev/null
78 eval "mod=\$FW_${fam}_${tab}"
84 4) mod=iptable_${tab} ;;
85 6) mod=ip6table_${tab} ;;
88 grep "^${mod} " /proc/modules > /dev/null
90 export FW_${fam}_${tab}=$mod
96 eval "err=\$FW_${fam}_ERROR"
105 i) fw__dualip "$@"; return ;;
106 I) fw__autoip "$@"; return ;;
109 -) fw $cmd i $tab $chn $tgt $pos "$@"; return ;;
119 case "$cmd:$chn:$tgt:$pos" in
120 add:*:-:*) cmd=new-chain ;;
121 add:*:*:-) cmd=append ;;
122 add:*:*:$) cmd=append ;;
123 add:*:*:*) cmd=insert ;;
124 del:-:*:*) cmd=delete-chain; fw flush $fam $tab ;;
125 del:*:-:*) cmd=delete-chain; fw flush $fam $tab $chn ;;
126 del:*:*:*) cmd=delete ;;
128 policy:*) pol=$tgt; tgt=- ;;
129 has:*) fw__has; return ;;
130 err:*) fw__err; return ;;
131 list:*) cmd="numeric --verbose --$cmd" ;;
146 if ! fw__has - family || ! fw__has $tab ; then
147 export FW_${fam}_ERROR=0
151 if [ $# -gt 0 ]; then
153 if [ $cmd == delete ]; then
157 while [ $# -gt 1 ]; do
161 done | xargs -0 ${FW_TRACE:+-t} \
162 $app --table ${tab} --${cmd} ${chn} ${pol} ${pos} ${tgt:+--jump "$tgt"}
166 fw_get_port_range() {
170 fw_get_port_range "${ports}-${3}" $delim
174 local first=${ports%-*}
175 local last=${ports#*-}
176 if [ "$first" != "$last" ]; then
177 echo "$first$delim$last"