Drop firewall-mod-save, it is not needed anymore
git-svn-id: svn://svn.openwrt.org/openwrt/packages@36843 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
jow
parent
36553e76c8
commit
d0866d3010
@ -1,51 +0,0 @@
|
||||
#
|
||||
# Copyright (C) 2006-2011 OpenWrt.org
|
||||
#
|
||||
# This is free software, licensed under the GNU General Public License v2.
|
||||
# See /LICENSE for more information.
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
include $(INCLUDE_DIR)/kernel.mk
|
||||
|
||||
PKG_NAME:=firewall-mod-save
|
||||
PKG_VERSION:=1.0
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/firewall-mod-save/Default
|
||||
SECTION:=libs
|
||||
CATEGORY:=Libraries
|
||||
TITLE:=Preserve dynamic chains during firewall restart
|
||||
MAINTAINER:=Daniel Dickinson <openwrt@cshore.neomailbox.net>
|
||||
endef
|
||||
|
||||
define Package/firewall-mod-save
|
||||
$(call Package/firewall-mod-save/Default)
|
||||
DEPENDS:=+iptables
|
||||
endef
|
||||
|
||||
define Package/firewall-mod-save/description
|
||||
Uses iptables-save to save the option chain in option table (default filter)
|
||||
as defined by the config section save in /etc/config/firewall.
|
||||
endef
|
||||
|
||||
define Build/Prepare
|
||||
endef
|
||||
|
||||
define Build/Configure
|
||||
endef
|
||||
|
||||
define Build/Compile
|
||||
endef
|
||||
|
||||
define Package/firewall-mod-save/install
|
||||
$(INSTALL_DIR) $(1)/lib/firewall
|
||||
$(INSTALL_DATA) ./files/20_save.sh $(1)/lib/firewall/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,firewall-mod-save))
|
||||
|
||||
@ -1,73 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. /lib/functions.sh
|
||||
|
||||
save_print_table_chain() {
|
||||
local table="$1"
|
||||
local chain="$2"
|
||||
local fsave="$3"
|
||||
local fsavetmp="$fsave"".tmp"
|
||||
local next_table_line
|
||||
local cur_table_line
|
||||
local table_line
|
||||
table_line="$(($(grep -n "^*$table" "$fsave" | cut -f1 -d: ) + 1))"
|
||||
tail -n+$table_line $fsave >"$fsavetmp"
|
||||
for cur_table_line in $(grep -n "^*" "$fsavetmp"); do
|
||||
[ -z "$next_table_line" ] && {
|
||||
local lineno="$(echo $cur_table_line | cut -f1 -d:)"
|
||||
[ -n "$lineno" ] && [ "$lineno" -gt $(($table_line - 1)) ] && {
|
||||
next_table_line=$lineno
|
||||
}
|
||||
}
|
||||
done
|
||||
[ -z "$next_table_line" ] && {
|
||||
next_table_line="$(cat $fsavetmp|wc -l)"
|
||||
}
|
||||
next_table_line=$(($next_table_line - 1))
|
||||
head -n $next_table_line "$fsave.tmp" | grep $chain | grep -Ev "^:$chain"
|
||||
rm -f "$fsavetmp"
|
||||
}
|
||||
|
||||
save_save_fw_chain() {
|
||||
local chain
|
||||
local table
|
||||
local fsave="/tmp/.firewall/save"
|
||||
|
||||
config_get chain $1 chain
|
||||
config_get table $1 table filter
|
||||
[ -z "$chain" ] && return 0
|
||||
mkdir -p /tmp/.firewall
|
||||
iptables-save >"$fsave"
|
||||
save_print_table_chain $table $chain "$fsave" > /tmp/.firewall/save-$table-$chain
|
||||
|
||||
}
|
||||
|
||||
save_load_fw_chain() {
|
||||
local chain
|
||||
local table
|
||||
|
||||
config_get chain $1 chain
|
||||
config_get table $1 table filter
|
||||
[ -e /tmp/.firewall/save-$table-$chain ] && [ "$(cat /tmp/.firewall/save-$table-$chain | wc -l)" -ge 1 ] && {
|
||||
iptables -t $table -N $chain
|
||||
while read line; do
|
||||
sh -c "iptables -t $table $line"
|
||||
done < /tmp/.firewall/save-$table-$chain
|
||||
rm /tmp/.firewall/save-$table-$chain
|
||||
}
|
||||
}
|
||||
|
||||
save_pre_stop_cb() {
|
||||
echo "Saving dynamic firewall chains"
|
||||
config_load firewall
|
||||
|
||||
config_foreach save_save_fw_chain save
|
||||
}
|
||||
|
||||
save_post_core_cb() {
|
||||
echo "Loading dynamic firewall chains"
|
||||
|
||||
config_load firewall
|
||||
config_foreach save_load_fw_chain save
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user