contrib/meshwizard: allowssh and allowweb can be set for wan dhcp proto too now

author Manuel Munz <freifunk@somakoma.de>

Mon, 9 Jul 2012 17:57:24 +0000 (17:57 +0000)

committer Manuel Munz <freifunk@somakoma.de>

Mon, 9 Jul 2012 17:57:24 +0000 (17:57 +0000)
author Manuel Munz <freifunk@somakoma.de>
Mon, 9 Jul 2012 17:57:24 +0000 (17:57 +0000)
committer Manuel Munz <freifunk@somakoma.de>
Mon, 9 Jul 2012 17:57:24 +0000 (17:57 +0000)
diff --git a/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_firewall.sh b/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_firewall.sh

index 33ff9a2bd9330fdd7a8173da84b04a88771c9505..7eceb508836eaf37e03f35b073161ce89413feef 100755 (executable)
--- a/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_firewall.sh
+++ b/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_firewall.sh
@@ -109,4 +109,31 @@ if [ "$profile_ipv6_config" = "auto-ipv6-dhcpv6" ]; then
         EOF
  fi
  
+# Firewall rules to allow incoming ssh and web if enabled
+
+if [ "$wan_allowssh" == 1 ]; then
+       uci batch <<- EOF
+               set firewall.wanssh=rule
+               set firewall.wanssh.src=wan
+               set firewall.wanssh.target=ACCEPT
+               set firewall.wanssh.proto=tcp
+               set firewall.wanssh.dest_port=22
+       EOF
+fi
+
+if [ "$wan_allowweb" == 1 ]; then
+       uci batch <<- EOF
+               set firewall.wanweb=rule
+               set firewall.wanweb.src=wan
+               set firewall.wanweb.target=ACCEPT
+               set firewall.wanweb.proto=tcp
+               set firewall.wanweb.dest_port=80
+               set firewall.wanwebhttps=rule
+               set firewall.wanwebhttps.src=wan
+               set firewall.wanwebhttps.target=ACCEPT
+               set firewall.wanwebhttps.proto=tcp
+               set firewall.wanwebhttps.dest_port=443
+       EOF
+fi
+
  uci_commitverbose "Setup rules, forwardings, advanced config and includes." firewall
diff --git a/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_dhcp.sh b/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_dhcp.sh

new file mode 100755 (executable)

index 0000000..98b941b
--- /dev/null
+++ b/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_dhcp.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+# Setup dhcp interface settings for wan. This is the OpenWrt default,
+# so all we need to do here is to delete wan from meshwizard after setup.
+
+[ ! "$(uci -q get network.wan)" == "interface" ] && exit
+
+. /lib/functions.sh
+. $dir/functions.sh
+
+uci delete meshwizard.wan && uci commit meshwizard
+
diff --git a/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_static.sh b/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_static.sh

index 01352d2c189d3e9bc210d5f1ebe8f910c47badff..570470aa777300cc8a35c31301d62e58c88b5bd8 100755 (executable)
--- a/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_static.sh
+++ b/contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_static.sh
@@ -18,31 +18,3 @@ uci_commitverbose "Setup static ip settings for wan" network
  
  uci delete meshwizard.wan && uci commit meshwizard
  
-# Firewall rules to allow incoming ssh and web
-
-if [ "$wan_allowssh" == 1 ]; then
-       uci batch <<- EOF
-               set firewall.wanssh=rule
-               set firewall.wanssh.src=wan
-               set firewall.wanssh.target=ACCEPT
-               set firewall.wanssh.proto=tcp
-               set firewall.wanssh.dest_port=22
-       EOF
-       uci_commitverbose "Allow incoming connections to port 22 (ssh) on wan" firewall
-fi
-
-if [ "$wan_allowweb" == 1 ]; then
-       uci batch <<- EOF
-               set firewall.wanweb=rule
-               set firewall.wanweb.src=wan
-               set firewall.wanweb.target=ACCEPT
-               set firewall.wanweb.proto=tcp
-               set firewall.wanweb.dest_port=80
-               set firewall.wanwebhttps=rule
-               set firewall.wanwebhttps.src=wan
-               set firewall.wanwebhttps.target=ACCEPT
-               set firewall.wanwebhttps.proto=tcp
-               set firewall.wanwebhttps.dest_port=443
-       EOF
-       uci_commitverbose "Allow incoming connections to port 80 and 443 (http and https) on wan" firewall
-fi
diff --git a/contrib/package/meshwizard/files/usr/bin/meshwizard/wizard.sh b/contrib/package/meshwizard/files/usr/bin/meshwizard/wizard.sh

index f159268d3e5e91646688606123069576e9a0ec79..eae4de87e6ef5c5dd12b48daa188486da6cb0037 100755 (executable)
--- a/contrib/package/meshwizard/files/usr/bin/meshwizard/wizard.sh
+++ b/contrib/package/meshwizard/files/usr/bin/meshwizard/wizard.sh
@@ -64,6 +64,10 @@ if [ "$wan_proto" == "static" ] && [ -n "$wan_ip4addr" ] && [ -n "$wan_netmask"
         $dir/helpers/setup_wan_static.sh
  fi
  
+if [ "$wan_proto" == "dhcp" ]; then
+       $dir/helpers/setup_wan_dhcp.sh
+fi
+
  if [ "$lan_proto" == "static" ] && [ -n "$lan_ip4addr" ] && [ -n "$lan_netmask" ]; then
         $dir/helpers/setup_lan_static.sh
  fi
author	Manuel Munz <freifunk@somakoma.de>
	Mon, 9 Jul 2012 17:57:24 +0000 (17:57 +0000)
committer	Manuel Munz <freifunk@somakoma.de>
	Mon, 9 Jul 2012 17:57:24 +0000 (17:57 +0000)
contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_firewall.sh		patch \| blob \| history
contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_dhcp.sh	[new file with mode: 0755]	patch \| blob
contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_static.sh		patch \| blob \| history
contrib/package/meshwizard/files/usr/bin/meshwizard/wizard.sh		patch \| blob \| history