ASR_BASE
Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1
diff --git a/package/network/config/firewall/files/firewall.init b/package/network/config/firewall/files/firewall.init
new file mode 100755
index 0000000..a9462a8
--- /dev/null
+++ b/package/network/config/firewall/files/firewall.init
@@ -0,0 +1,97 @@
+#!/bin/sh /etc/rc.common
+
+START=12
+USE_PROCD=1
+QUIET=""
+
+validate_firewall_redirect()
+{
+ uci_validate_section firewall redirect "${1}" \
+ 'proto:or(uinteger, string)' \
+ 'src:string' \
+ 'src_ip:cidr' \
+ 'src_dport:or(port, portrange)' \
+ 'dest:string' \
+ 'dest_ip:cidr' \
+ 'dest_port:or(port, portrange)' \
+ 'target:or("SNAT", "DNAT")'
+}
+
+validate_firewall_rule()
+{
+ uci_validate_section firewall rule "${1}" \
+ 'proto:or(uinteger, string)' \
+ 'src:string' \
+ 'dest:string' \
+ 'src_port:or(port, portrange)' \
+ 'dest_port:or(port, portrange)' \
+ 'target:string'
+}
+
+service_triggers() {
+ procd_add_reload_trigger firewall
+
+ procd_open_validate
+ validate_firewall_redirect
+ validate_firewall_rule
+ procd_close_validate
+}
+
+restart() {
+ fw3 restart
+}
+
+start_service() {
+ fw3 ${QUIET} start
+}
+
+stop_service() {
+ fw3 flush
+}
+
+reload_service() {
+ fw3 reload
+}
+
+boot() {
+ # Be silent on boot, firewall might be started by hotplug already,
+ # so don't complain in syslog.
+ PIPE=`uci get cmdline.PIPE 2> /dev/null`
+ PRODMODE=`uci get cmdline.PROD 2> /dev/null`
+ [ "$PRODMODE" == "0" ] && {
+ for i in $(seq 0 20)
+ do
+ if [ "$PIPE" != "1" ]; then
+ for j in $(seq 0 7)
+ do
+ local var=`ifconfig ccinet$j | grep "inet addr" | awk '{print $2}'`
+ local ipaddr=`echo ${var##*:}`
+ local ip6addr=`ifconfig ccinet$j | grep "inet6 addr" | grep "Global" | awk '{print $3}'`
+ if [ "$ipaddr" -o "$ip6addr" ]; then
+ break
+ fi
+ done
+ if [ "$ipaddr" -o "$ip6addr" ]; then
+ echo "wan$j ipaddr: $ipaddr" > /dev/kmsg
+ echo "wan$j ip6addr: $ip6addr" > /dev/kmsg
+ break
+ else
+ sleep 1
+ fi
+ else
+ local ipaddr=`ifconfig br-lan | grep "inet addr" | awk '{print $2}'`
+ local dhcp_range=`cat /tmp/etc/dnsmasq.conf | grep "dhcp-range"`
+ if [ -z "$ipaddr" -o -z "$dhcp_range" ]; then
+ sleep 1
+ else
+ echo "$ipaddr" > /dev/kmsg
+ echo "$dhcp_range" > /dev/kmsg
+ break
+ fi
+ fi
+ done
+ }
+
+ QUIET=-q
+ start
+}