setup_firewall() {
local port fw
- config_get port $1 port
+ config_get port $1 port
test -z "$port" && return
- config_get fwport $1 "fwport"
+ config_get fwport $1 fwport
test "$fwport" = "$port" && return
+ logger -t ocserv "opening port $port..."
#can we remove the old rule?
uci add firewall rule
uci set firewall.@rule[-1].src=wan
+ uci set firewall.@rule[-1].name="ocserv-ext-port"
uci set firewall.@rule[-1].target=ACCEPT
uci set firewall.@rule[-1].proto=tcpudp
uci set firewall.@rule[-1].dest_port=$port
uci commit firewall
- /etc/init.d/firewall restart
uci set ocserv.config.fwport="$port"
uci commit ocserv
-}
-clear_firewall() {
- iptables-save | grep -v ocserv-rule | iptables-restore
+ /etc/init.d/firewall restart
}
setup_config() {
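Review bot: Every port change in setup_firewall still appends a fresh WAN ACCEPT rule via `uci add firewall rule`, so the previously opened port stays reachable from the WAN, and the `#can we remove the old rule?` comment is left unresolved. Writing the rule into a named section (the section name below is only a suggestion) would make a later port change overwrite the one rule instead of accumulating stale ones. With clear_firewall removed and stop() no longer calling it, nothing visible in these hunks closes the port when the service stops; if that is intended, a comment saying so would help. `local port fw` declares `fw` while the code assigns `fwport`, which therefore leaks as a global, and `$1` and `$port` should be quoted.

```shell
# … unchanged: port/fwport lookup and early returns …
# Named section: a later port change rewrites this rule instead of adding another.
uci set firewall.ocserv_ext_port=rule
uci set firewall.ocserv_ext_port.name="ocserv-ext-port"
uci set firewall.ocserv_ext_port.src=wan
uci set firewall.ocserv_ext_port.target=ACCEPT
uci set firewall.ocserv_ext_port.proto=tcpudp
uci set firewall.ocserv_ext_port.dest_port="$port"
uci commit firewall
# … unchanged: fwport bookkeeping and firewall restart …
```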
stop() {
service_stop /usr/sbin/ocserv
- clear_firewall
}
reload() {