firewall: - replace uci firewall with a modular dual stack implementation developed by Malte S. Stretz - bump version to 2

SVN-Revision: 21286

1 files changed, 40 insertions, 0 deletions

diff --git a/package/firewall/files/lib/core_forwarding.sh b/package/firewall/files/lib/core_forwarding.sh
new file mode 100644
index 0000000000..766e48e38e
--- /dev/null
+++ b/package/firewall/files/lib/core_forwarding.sh
@@ -0,0 +1,40 @@
+# Copyright (C) 2009-2010 OpenWrt.org
+
+fw_config_get_forwarding() {
+	[ "${forwarding_NAME}" != "$1" ] || return
+	fw_config_get_section "$1" forwarding { \
+		string _name "$1" \
+		string name "" \
+		string src "" \
+		string dest "" \
+	} || return
+	[ -n "$forwarding_name" ] || forwarding_name=$forwarding__name
+}
+
+fw_load_forwarding() {
+	fw_config_get_forwarding "$1"
+
+	fw_callback pre forwarding
+
+	local chain=forward
+	[ -n "$forwarding_src" ] && {
+		chain=zone_${forwarding_src}_forward 
+	}
+
+	local target=ACCEPT
+	[ -n "$forwarding_dest" ] && {
+		target=zone_${forwarding_dest}_ACCEPT
+	}
+
+	fw add i f $chain $target ^
+
+	# propagate masq zone flag
+	[ -n "$forwarding_src" ] && list_contains CONNTRACK_ZONES $forwarding_src && {
+		append CONNTRACK_ZONES $forwarding_dest
+	}
+	[ -n "$forwarding_dest" ] && list_contains CONNTRACK_ZONES $forwarding_dest && {
+		append CONNTRACK_ZONES $forwarding_src
+	}
+
+	fw_callback post forwarding
+}