diff options
| author | Steven Barth <steven@midlink.org> | 2008-04-26 17:14:22 +0000 |
|---|---|---|
| committer | Steven Barth <steven@midlink.org> | 2008-04-26 17:14:22 +0000 |
| commit | 22b1721823d705c7318d1eebafdfcdaead3025da (patch) | |
| tree | 1b972c0c6cd63d09975f42cca36e7ad1abd11033 /module/admin-core/contrib | |
| parent | 224c2566416e84b7c359a31ead46ece00c120b9c (diff) | |
* Added experimental version of DHCP-Splash for Kamikaze
* Added MAC-Address matching to luci_fw
* Added interface alias hack for Kamikaze
* ffluci.sys: Added several networking helper functions
* ffluci.http: Added function remote_addr
* Updated Haserl to 0.9.24
Diffstat (limited to 'module/admin-core/contrib')
| -rw-r--r-- | module/admin-core/contrib/init.d/luci_fw | 71 |
1 files changed, 37 insertions, 34 deletions
diff --git a/module/admin-core/contrib/init.d/luci_fw b/module/admin-core/contrib/init.d/luci_fw index 880c87dbe3..e98b3f7296 100644 --- a/module/admin-core/contrib/init.d/luci_fw +++ b/module/admin-core/contrib/init.d/luci_fw @@ -18,13 +18,13 @@ apply_portfw() { ip=$(echo $to | cut -d: -f1) if ([ "$proto" == "tcpudp" ] || [ "$proto" == "tcp" ]); then - iptables -t nat -A luci_prerouting -i "$iface" -p tcp --dport "$dport" -j DNAT --to "$to" - iptables -A luci_forward -i "$iface" -p tcp -d "$ip" $ports -j ACCEPT + iptables -t nat -A luci_fw_prerouting -i "$iface" -p tcp --dport "$dport" -j DNAT --to "$to" + iptables -A luci_fw_forward -i "$iface" -p tcp -d "$ip" $ports -j ACCEPT fi if ([ "$proto" == "tcpudp" ] || [ "$proto" == "udp" ]); then - iptables -t nat -A luci_prerouting -i "$iface" -p udp --dport "$dport" -j DNAT --to "$to" - iptables -A luci_forward -i "$iface" -p udp -d "$ip" $ports -j ACCEPT + iptables -t nat -A luci_fw_prerouting -i "$iface" -p udp --dport "$dport" -j DNAT --to "$to" + iptables -A luci_fw_forward -i "$iface" -p udp -d "$ip" $ports -j ACCEPT fi } @@ -34,11 +34,11 @@ apply_rule() { config_get chain "$cfg" chain [ -n "$chain" ] || return 0 - [ "$chain" == "forward" ] && cmd="$cmd -A luci_forward" - [ "$chain" == "input" ] && cmd="$cmd -A luci_input" - [ "$chain" == "output" ] && cmd="$cmd -A luci_output" - [ "$chain" == "prerouting" ] && cmd="$cmd -t nat -A luci_prerouting" - [ "$chain" == "postrouting" ] && cmd="$cmd -t nat -A luci_postrouting" + [ "$chain" == "forward" ] && cmd="$cmd -A luci_fw_forward" + [ "$chain" == "input" ] && cmd="$cmd -A luci_fw_input" + [ "$chain" == "output" ] && cmd="$cmd -A luci_fw_output" + [ "$chain" == "prerouting" ] && cmd="$cmd -t nat -A luci_fw_prerouting" + [ "$chain" == "postrouting" ] && cmd="$cmd -t nat -A luci_fw_postrouting" config_get iface "$cfg" iface [ -n "$iface" ] && cmd="$cmd -i $iface" @@ -66,6 +66,9 @@ apply_rule() { config_get tosrc "$cfg" tosrc [ -n "$tosrc" ] && cmd="$cmd --to-source $tosrc" + + config_get mac "$cfg" mac + [ -n "$mac" ] && cmd="$cmd -m mac --mac-source $mac" config_get jump "$cfg" jump [ -n "$jump" ] && cmd="$cmd -j $jump" @@ -78,18 +81,18 @@ apply_rule() { start() { ### Create subchains - iptables -N luci_input - iptables -N luci_output - iptables -N luci_forward - iptables -t nat -N luci_prerouting - iptables -t nat -N luci_postrouting + iptables -N luci_fw_input + iptables -N luci_fw_output + iptables -N luci_fw_forward + iptables -t nat -N luci_fw_prerouting + iptables -t nat -N luci_fw_postrouting ### Hook in the chains - iptables -A input_rule -j luci_input - iptables -A output_rule -j luci_output - iptables -A forwarding_rule -j luci_forward - iptables -t nat -A prerouting_rule -j luci_prerouting - iptables -t nat -A postrouting_rule -j luci_postrouting + iptables -A input_rule -j luci_fw_input + iptables -A output_rule -j luci_fw_output + iptables -A forwarding_rule -j luci_fw_forward + iptables -t nat -A prerouting_rule -j luci_fw_prerouting + iptables -t nat -A postrouting_rule -j luci_fw_postrouting ### Read chains from config config_load luci_fw @@ -99,23 +102,23 @@ start() { stop() { ### Hook out the chains - iptables -D input_rule -j luci_input - iptables -D output_rule -j luci_output - iptables -D forwarding_rule -j luci_forward - iptables -t nat -D prerouting_rule -j luci_prerouting - iptables -t nat -D postrouting_rule -j luci_postrouting + iptables -D input_rule -j luci_fw_input + iptables -D output_rule -j luci_fw_output + iptables -D forwarding_rule -j luci_fw_forward + iptables -t nat -D prerouting_rule -j luci_fw_prerouting + iptables -t nat -D postrouting_rule -j luci_fw_postrouting ### Clear subchains - iptables -F luci_input - iptables -F luci_output - iptables -F luci_forward - iptables -t nat -F luci_prerouting - iptables -t nat -F luci_postrouting + iptables -F luci_fw_input + iptables -F luci_fw_output + iptables -F luci_fw_forward + iptables -t nat -F luci_fw_prerouting + iptables -t nat -F luci_fw_postrouting ### Delete subchains - iptables -X luci_input - iptables -X luci_output - iptables -X luci_forward - iptables -t nat -X luci_prerouting - iptables -t nat -X luci_postrouting + iptables -X luci_fw_input + iptables -X luci_fw_output + iptables -X luci_fw_forward + iptables -t nat -X luci_fw_prerouting + iptables -t nat -X luci_fw_postrouting } |