| b.liu | e958203 | 2025-04-17 19:18:16 +0800 | [diff] [blame^] | 1 | #!/bin/sh /etc/rc.common |
| 2 | |
| 3 | START=12 |
| 4 | USE_PROCD=1 |
| 5 | QUIET="" |
| 6 | |
| 7 | validate_firewall_redirect() |
| 8 | { |
| 9 | uci_validate_section firewall redirect "${1}" \ |
| 10 | 'proto:or(uinteger, string)' \ |
| 11 | 'src:string' \ |
| 12 | 'src_ip:cidr' \ |
| 13 | 'src_dport:or(port, portrange)' \ |
| 14 | 'dest:string' \ |
| 15 | 'dest_ip:cidr' \ |
| 16 | 'dest_port:or(port, portrange)' \ |
| 17 | 'target:or("SNAT", "DNAT")' |
| 18 | } |
| 19 | |
| 20 | validate_firewall_rule() |
| 21 | { |
| 22 | uci_validate_section firewall rule "${1}" \ |
| 23 | 'proto:or(uinteger, string)' \ |
| 24 | 'src:string' \ |
| 25 | 'dest:string' \ |
| 26 | 'src_port:or(port, portrange)' \ |
| 27 | 'dest_port:or(port, portrange)' \ |
| 28 | 'target:string' |
| 29 | } |
| 30 | |
| 31 | service_triggers() { |
| 32 | procd_add_reload_trigger firewall |
| 33 | |
| 34 | procd_open_validate |
| 35 | validate_firewall_redirect |
| 36 | validate_firewall_rule |
| 37 | procd_close_validate |
| 38 | } |
| 39 | |
| 40 | restart() { |
| 41 | fw3 restart |
| 42 | } |
| 43 | |
| 44 | start_service() { |
| 45 | fw3 ${QUIET} start |
| 46 | } |
| 47 | |
| 48 | stop_service() { |
| 49 | fw3 flush |
| 50 | } |
| 51 | |
| 52 | reload_service() { |
| 53 | fw3 reload |
| 54 | } |
| 55 | |
| 56 | boot() { |
| 57 | # Be silent on boot, firewall might be started by hotplug already, |
| 58 | # so don't complain in syslog. |
| 59 | PIPE=`uci get cmdline.PIPE 2> /dev/null` |
| 60 | PRODMODE=`uci get cmdline.PROD 2> /dev/null` |
| 61 | [ "$PRODMODE" == "0" ] && { |
| 62 | for i in $(seq 0 20) |
| 63 | do |
| 64 | if [ "$PIPE" != "1" ]; then |
| 65 | for j in $(seq 0 7) |
| 66 | do |
| 67 | local var=`ifconfig ccinet$j | grep "inet addr" | awk '{print $2}'` |
| 68 | local ipaddr=`echo ${var##*:}` |
| 69 | local ip6addr=`ifconfig ccinet$j | grep "inet6 addr" | grep "Global" | awk '{print $3}'` |
| 70 | if [ "$ipaddr" -o "$ip6addr" ]; then |
| 71 | break |
| 72 | fi |
| 73 | done |
| 74 | if [ "$ipaddr" -o "$ip6addr" ]; then |
| 75 | echo "wan$j ipaddr: $ipaddr" > /dev/kmsg |
| 76 | echo "wan$j ip6addr: $ip6addr" > /dev/kmsg |
| 77 | break |
| 78 | else |
| 79 | sleep 1 |
| 80 | fi |
| 81 | else |
| 82 | local ipaddr=`ifconfig br-lan | grep "inet addr" | awk '{print $2}'` |
| 83 | local dhcp_range=`cat /tmp/etc/dnsmasq.conf | grep "dhcp-range"` |
| 84 | if [ -z "$ipaddr" -o -z "$dhcp_range" ]; then |
| 85 | sleep 1 |
| 86 | else |
| 87 | echo "$ipaddr" > /dev/kmsg |
| 88 | echo "$dhcp_range" > /dev/kmsg |
| 89 | break |
| 90 | fi |
| 91 | fi |
| 92 | done |
| 93 | } |
| 94 | |
| 95 | QUIET=-q |
| 96 | start |
| 97 | } |