
net/coova-chili: update default firewall setup

Remove the obsolete firewall configuration as the legacy firewall
package was removed in a901329781.

And at the same time, define in the configuration the correct paths
for the firewall rules, installed as /etc/chilli/{up|down}.sh

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
lilik-openwrt-22.03
Aleksander Morgado 7 years ago
parent
commit
272d234c0a
2 changed files with 4 additions and 45 deletions
  1. +4
    -4
      net/coova-chilli/files/chilli.config
  2. +0
    -41
      net/coova-chilli/files/chilli.firewall

+ 4
- 4
net/coova-chilli/files/chilli.config

@ -71,14 +71,14 @@ config chilli
# Script executed after network interface has been brought up.
# Executed with the following parameters: <devicename> <ip address>
# <mask>
# Normally you do not need to uncomment this option.
#option ipup /etc/chilli.ipup
# Normally you do not need to modify this option.
option ipup /etc/chilli/up.sh
# Script executed after network interface has been taken down.
# Executed with the following parameters: <devicename> <ip address>
# <mask>
# Normally you do not need to uncomment this option.
#option ipdown /etc/chilli.ipdown
# Normally you do not need to modify this option.
option ipdown /etc/chilli/down.sh
# Radius parameters
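Review bot: The comment added above `option ipup /etc/chilli/up.sh` and `option ipdown /etc/chilli/down.sh` ("Normally you do not need to modify this option.") does not say what the scripts do, and according to the commit description they now carry the firewall rules. I would state that in the config, for example `# Applies the hotspot firewall rules; a replacement script must provide equivalent rules.` above ipup, with a matching line above ipdown once it is confirmed what down.sh undoes. The two scripts are not part of this diff, so it should be checked that up.sh still drops forwarding from the raw client interface and accepts TCP 3990 and 3991, as the removed chilli.firewall did. Since these paths are now executed by default whenever the interface goes up or down, both files should also be installed root-owned and not writable by other users.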


+ 0
- 41
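--- a/net/coova-chilli/files/chilli.firewall
+++ b/net/coova-chilli/files/chilli.firewall
@@ -1,41 +0,0 @@
-#!/bin/sh
-chilli_firewall() {
-local cfg="$1"
-local network ifname tun
-config_get network "$cfg" network
-. /lib/functions/network.sh
-network_get_device ifname ${network:-lan}
-if [ "$ifname" = "" ]
-then
-config_get ifname "$cfg" dhcpif
-fi
-config_get tun "$cfg" tundev
-for n in ACCEPT DROP REJECT
-do
-iptables -F zone_${network}_${n}
-iptables -I zone_${network}_${n} -i $tun -j $n
-iptables -I zone_${network}_${n} -o $tun -j $n
-done
-iptables -D forward -i ${ifname} -j zone_${network}_forward
-iptables -A forward -i ${ifname} -j DROP
-iptables -A forward -i $tun -j zone_${network}_forward
-iptables -D input -i ${ifname} -j zone_${network}
-iptables -A input -i $tun -j zone_${network}
-iptables -I zone_${network} -p tcp --dport 3990 -j ACCEPT
-iptables -I zone_${network} -p tcp --dport 3991 -j ACCEPT
-}
-chilli_post_core_cb() {
-config_load chilli
-config_foreach chilli_firewall chilli
-}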
