From: Manuel Munz Date: Sun, 8 May 2011 21:28:00 +0000 (+0000) Subject: luci-0.10: Merge r7032 X-Git-Tag: 0.10.0~155 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d3027104444768f05a6fbe2c49be22f8d13fce09;p=oweals%2Fluci.git luci-0.10: Merge r7032 --- diff --git a/contrib/package/freifunk-firewall/files/etc/hotplug.d/firewall/23-restricted-wan b/contrib/package/freifunk-firewall/files/etc/hotplug.d/firewall/23-restricted-wan index ed40ff48d..d6f94ea90 100644 --- a/contrib/package/freifunk-firewall/files/etc/hotplug.d/firewall/23-restricted-wan +++ b/contrib/package/freifunk-firewall/files/etc/hotplug.d/firewall/23-restricted-wan @@ -18,9 +18,7 @@ clear_restricted_gw() config_get gateway "$state" gateway logger -t firewall.freifunk "removing local restriction to $iface($gateway)" - iptables -D "zone_${INTERFACE}_ACCEPT" ! -i $ifname -o $ifname -d $ipaddr/$netmask -j REJECT - iptables -D "zone_${INTERFACE}_ACCEPT" ! -i $ifname -o $ifname -d $gateway -j ACCEPT - + iptables -D forwarding_rule ! -i $ifname -o $ifname -d $ipaddr/$netmask -j REJECT --reject-with icmp-host-prohibited uci_revert_state firewall "$state" fi } @@ -56,9 +54,7 @@ if [ "$ACTION" = add ]; then if [ "$local_restrict" = 1 ]; then logger -t firewall.freifunk "restricting local access to $DEVICE($gateway)" - iptables -I "zone_${INTERFACE}_ACCEPT" ! -i $DEVICE -o $DEVICE -d $ipaddr/$netmask -j REJECT - iptables -I "zone_${INTERFACE}_ACCEPT" ! -i $DEVICE -o $DEVICE -d $gateway -j ACCEPT - + iptables -I forwarding_rule ! -i $DEVICE -o $DEVICE -d $ipaddr/$netmask -j REJECT --reject-with icmp-host-prohibited local state="restricted_gw_${INTERFACE}" uci_set_state firewall "$state" "" restricted_gw_state uci_set_state firewall "$state" iface "$INTERFACE"