packages/libs/firewall-mod-save/files/20_save.sh

#!/bin/sh

. /etc/functions.sh

save_print_table_chain() {
	local table="$1"
	local chain="$2"
	local fsave="$3"
	local fsavetmp="$fsave"".tmp"
	local next_table_line
	local cur_table_line
	local table_line
	table_line="$(($(grep -n "^*$table" "$fsave" | cut -f1 -d: ) + 1))"
	tail -n+$table_line $fsave >"$fsavetmp"
	for cur_table_line in $(grep -n "^*" "$fsavetmp"); do
		[ -z "$next_table_line" ] && {
			local lineno="$(echo $cur_table_line | cut -f1 -d:)"
			[ -n "$lineno" ] && [ "$lineno" -gt $(($table_line - 1)) ] && {
				next_table_line=$lineno
			}
		}
	done
	[ -z "$next_table_line" ] && {
		next_table_line="$(cat $fsavetmp|wc -l)"
	}
	next_table_line=$(($next_table_line - 1))
	head -n $next_table_line "$fsave.tmp" | grep $chain | grep -Ev "^:$chain" 
        rm -f "$fsavetmp"
}

save_save_fw_chain() {
	local chain
	local table
	local fsave="/tmp/.firewall/save"

	config_get chain $1 chain
	config_get table $1 table filter
	[ -z "$chain" ] && return 0
	mkdir -p /tmp/.firewall
	iptables-save >"$fsave"
	save_print_table_chain $table $chain "$fsave" > /tmp/.firewall/save-$table-$chain

}

save_load_fw_chain() {
	local chain
	local table

	config_get chain $1 chain
	config_get table $1 table filter 
	[ -e /tmp/.firewall/save-$table-$chain ] && [ "$(cat /tmp/.firewall/save-$table-$chain | wc -l)" -ge 1 ] && {
		iptables -t $table -N $chain
		while read line; do
			sh -c "iptables -t $table $line"
		done < /tmp/.firewall/save-$table-$chain
		rm /tmp/.firewall/save-$table-$chain
	}
}

save_pre_stop_cb() {
	echo "Saving dynamic firewall chains"
	config_load firewall

	config_foreach save_save_fw_chain save
}

save_post_core_cb() {
	echo "Loading dynamic firewall chains"

	config_load firewall
	config_foreach save_load_fw_chain save
}
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00			`#!/bin/sh`

			`. /etc/functions.sh`

packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00			`save_print_table_chain() {`
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00			`local table="$1"`
			`local chain="$2"`
			`local fsave="$3"`
			`local fsavetmp="$fsave"".tmp"`
			`local next_table_line`
			`local cur_table_line`
			`local table_line`
			`table_line="$(($(grep -n "^*$table" "$fsave" \| cut -f1 -d: ) + 1))"`
			`tail -n+$table_line $fsave >"$fsavetmp"`
			`for cur_table_line in $(grep -n "^*" "$fsavetmp"); do`
			`[ -z "$next_table_line" ] && {`
			`local lineno="$(echo $cur_table_line \| cut -f1 -d:)"`
			`[ -n "$lineno" ] && [ "$lineno" -gt $(($table_line - 1)) ] && {`
			`next_table_line=$lineno`
			`}`
			`}`
			`done`
			`[ -z "$next_table_line" ] && {`
			`next_table_line="$(cat $fsavetmp\|wc -l)"`
			`}`
			`next_table_line=$(($next_table_line - 1))`
			`head -n $next_table_line "$fsave.tmp" \| grep $chain \| grep -Ev "^:$chain"`
			`rm -f "$fsavetmp"`
			`}`

packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00			`save_save_fw_chain() {`
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00			`local chain`
			`local table`
			`local fsave="/tmp/.firewall/save"`

			`config_get chain $1 chain`
			`config_get table $1 table filter`
			`[ -z "$chain" ] && return 0`
			`mkdir -p /tmp/.firewall`
			`iptables-save >"$fsave"`
packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00			`save_print_table_chain $table $chain "$fsave" > /tmp/.firewall/save-$table-$chain`
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00
			`}`

packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00			`save_load_fw_chain() {`
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00			`local chain`
			`local table`

			`config_get chain $1 chain`
			`config_get table $1 table filter`
			`[ -e /tmp/.firewall/save-$table-$chain ] && [ "$(cat /tmp/.firewall/save-$table-$chain \| wc -l)" -ge 1 ] && {`
			`iptables -t $table -N $chain`
			`while read line; do`
			`sh -c "iptables -t $table $line"`
			`done < /tmp/.firewall/save-$table-$chain`
			`rm /tmp/.firewall/save-$table-$chain`
			`}`
			`}`

packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00			`save_pre_stop_cb() {`
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00			`echo "Saving dynamic firewall chains"`
			`config_load firewall`

packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00			`config_foreach save_save_fw_chain save`
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00			`}`

packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00			`save_post_core_cb() {`
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00			`echo "Loading dynamic firewall chains"`

			`config_load firewall`
packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00			`config_foreach save_load_fw_chain save`
packages: libs/savedynamic: Add package that uses new modular firewall to save chains with dynamically generates rules from packages such as miniupnpd and strongswan in order that they might be preserved across a firewall restart (but not a router reboot). git-svn-id: svn://svn.openwrt.org/openwrt/packages@21368 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 03:53:23 +00:00			`}`
packages: libs/savedynamic: rename package to firewall-mod-save and script to 20_save.sh (from savedynamic.sh). Thanks jow git-svn-id: svn://svn.openwrt.org/openwrt/packages@21371 3c298f89-4303-0410-b956-a3cf2f4a3e73 2010-05-05 08:52:10 +00:00