diff --git a/net/shorewall-lite/Makefile b/net/shorewall-lite/Makefile index d866a608a..649eacdda 100644 --- a/net/shorewall-lite/Makefile +++ b/net/shorewall-lite/Makefile @@ -14,7 +14,7 @@ PKG_BUGFIX_MAJOR_VERSION:=3 PKG_BUGFIX_MINOR_VERSION:=.2 PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION) PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION) -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \ http://www1.shorewall.net/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \ diff --git a/net/shorewall-lite/files/hotplug_iface b/net/shorewall-lite/files/hotplug_iface index 90ed80c8c..367cea6f4 100644 --- a/net/shorewall-lite/files/hotplug_iface +++ b/net/shorewall-lite/files/hotplug_iface @@ -1,13 +1,19 @@ #!/bin/sh -# should restart shorewall when an interface comes up +DEVICE=${DEVICE:-$(/sbin/uci -p /var/state get network."$INTERFACE".ifname)} case "$ACTION" in ifup) - /etc/init.d/shorewall-lite restart + if [ "$INTERFACE" = "lan" ]; then + /usr/sbin/shorewall -l start + elif [ "${INTERFACE:0:3}" = "wan" ] && + [ "${INTERFACE:$((${#INTERFACE}-2)):2}" != "_6" ]; then + /etc/shorewall-lite/state/firewall enable "$DEVICE" + fi ;; ifdown) - # might need to restore some routing - /etc/init.d/shorewall-lite restart + if [ "${INTERFACE:0:3}" = "wan" ]; then + /etc/shorewall-lite/state/firewall disable "$DEVICE" + fi ;; -esac \ No newline at end of file +esac diff --git a/net/shorewall/Makefile b/net/shorewall/Makefile index 397019271..d404e1d3f 100644 --- a/net/shorewall/Makefile +++ b/net/shorewall/Makefile @@ -14,7 +14,7 @@ PKG_BUGFIX_MAJOR_VERSION:=3 PKG_BUGFIX_MINOR_VERSION:=.2 PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION) PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION) -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \ http://www1.shorewall.net/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \ diff --git a/net/shorewall/files/hotplug_iface b/net/shorewall/files/hotplug_iface index f787424c1..0071e4ff4 100644 --- a/net/shorewall/files/hotplug_iface +++ b/net/shorewall/files/hotplug_iface @@ -1,13 +1,19 @@ #!/bin/sh -# should restart shorewall when an interface comes up +DEVICE=${DEVICE:-$(/sbin/uci -p /var/state get network."$INTERFACE".ifname)} case "$ACTION" in ifup) - /etc/init.d/shorewall restart + if [ "$INTERFACE" = "lan" ]; then + /usr/sbin/shorewall start + elif [ "${INTERFACE:0:3}" = "wan" ] && + [ "${INTERFACE:$((${#INTERFACE}-2)):2}" != "_6" ]; then + /etc/shorewall/state/firewall enable "$DEVICE" + fi ;; ifdown) - # might need to restore some routing - /etc/init.d/shorewall restart + if [ "${INTERFACE:0:3}" = "wan" ]; then + /etc/shorewall/state/firewall disable "$DEVICE" + fi ;; esac diff --git a/net/shorewall6-lite/Makefile b/net/shorewall6-lite/Makefile index cbc105e2f..425bdcdc7 100644 --- a/net/shorewall6-lite/Makefile +++ b/net/shorewall6-lite/Makefile @@ -14,7 +14,7 @@ PKG_BUGFIX_MAJOR_VERSION:=3 PKG_BUGFIX_MINOR_VERSION:=.2 PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION) PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION) -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \ http://www1.shorewall.net/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \ diff --git a/net/shorewall6-lite/files/hotplug_iface b/net/shorewall6-lite/files/hotplug_iface index bb8973b7b..410266aae 100644 --- a/net/shorewall6-lite/files/hotplug_iface +++ b/net/shorewall6-lite/files/hotplug_iface @@ -1,13 +1,19 @@ #!/bin/sh -# should restart shorewall when an interface comes up +DEVICE=${DEVICE:-$(/sbin/uci -p /var/state get network."$INTERFACE".ifname)} case "$ACTION" in ifup) - /etc/init.d/shorewall6-lite restart + if [ "$INTERFACE" = "lan" ]; then + /usr/sbin/shorewall -6 -l start + elif [ "${INTERFACE:0:3}" = "wan" ] && + [ "${INTERFACE:$((${#INTERFACE}-2)):2}" != "_6" ]; then + /etc/shorewall6-lite/state/firewall enable "$DEVICE" + fi ;; ifdown) - # might need to restore some routing - /etc/init.d/shorewall6-lite restart + if [ "${INTERFACE:0:3}" = "wan" ]; then + /etc/shorewall6-lite/state/firewall disable "$DEVICE" + fi ;; -esac \ No newline at end of file +esac diff --git a/net/shorewall6/Makefile b/net/shorewall6/Makefile index d090556f7..7aa3d26c9 100644 --- a/net/shorewall6/Makefile +++ b/net/shorewall6/Makefile @@ -14,7 +14,7 @@ PKG_BUGFIX_MAJOR_VERSION:=3 PKG_BUGFIX_MINOR_VERSION:=.2 PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION) PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION) -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \ http://www1.shorewall.net/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \ diff --git a/net/shorewall6/files/hotplug_iface b/net/shorewall6/files/hotplug_iface index aaa03e8a9..bfe2bf7b1 100644 --- a/net/shorewall6/files/hotplug_iface +++ b/net/shorewall6/files/hotplug_iface @@ -1,13 +1,19 @@ #!/bin/sh -# should restart shorewall when an interface comes up +DEVICE=${DEVICE:-$(/sbin/uci -p /var/state get network."$INTERFACE".ifname)} case "$ACTION" in ifup) - /etc/init.d/shorewall6 restart + if [ "$INTERFACE" = "lan" ]; then + /usr/sbin/shorewall -6 start + elif [ "${INTERFACE:0:3}" = "wan" ] && + [ "${INTERFACE:$((${#INTERFACE}-2)):2}" != "_6" ]; then + /etc/shorewall6/state/firewall enable "$DEVICE" + fi ;; ifdown) - # might need to restore some routing - /etc/init.d/shorewall6 restart + if [ "${INTERFACE:0:3}" = "wan" ]; then + /etc/shorewall6/state/firewall disable "$DEVICE" + fi ;; esac