Accueil Explorer Aide
S'inscrire Connexion
wareck
/
lede_packages
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Branche: master
Branches Tags
lede_packages
/
net
/
coova-chilli
/
files
/
chilli.firewall

chilli.firewall 1003 B
Lien permanent Historique Raw

1234567891011121314151617181920212223242526272829303132333435363738394041 
  1. #!/bin/sh
    2. 

  2. 

  3. chilli_firewall() {
    4. 

  4.     local cfg="$1"
    5. 

  5. 

  6.     local network ifname tun
    7. 

  7. 

  8.     config_get network "$cfg" network
    9. 

  9. 

  10.     . /lib/functions/network.sh
    11. 

  11.     network_get_device ifname ${network:-lan}
    12. 

  12. 

  13.     if [ "$ifname" = "" ]
    14. 

  14.     then
    15. 

  15.        config_get ifname "$cfg" dhcpif
    16. 

  16.     fi
    17. 

  17. 

  18.     config_get tun "$cfg" tundev
    19. 

  19. 

  20.     for n in ACCEPT DROP REJECT
    21. 

  21.     do
    22. 

  22.        iptables -F zone_${network}_${n}
    23. 

  23.        iptables -I zone_${network}_${n} -i $tun -j $n
    24. 

  24.        iptables -I zone_${network}_${n} -o $tun -j $n
    25. 

  25.     done
    26. 

  26. 

  27.     iptables -D forward -i ${ifname} -j zone_${network}_forward
    28. 

  28.     iptables -A forward -i ${ifname} -j DROP
    29. 

  29.     iptables -A forward -i $tun -j zone_${network}_forward
    30. 

  30. 

  31.     iptables -D input -i ${ifname} -j zone_${network}
    32. 

  32.     iptables -A input -i $tun -j zone_${network}
    33. 

  33. 

  34.     iptables -I zone_${network} -p tcp --dport 3990 -j ACCEPT
    35. 

  35.     iptables -I zone_${network} -p tcp --dport 3991 -j ACCEPT
    36. 

  36. }
    37. 

  37. 

  38. chilli_post_core_cb() {
    39. 

  39.     config_load chilli
    40. 

  40.     config_foreach chilli_firewall chilli
    41. 

  41. }
    42.