}
upnp_firewall_addif() {
- local intif
- local intip
- local coldplug="$1"
+ local extif
+ local extip
+ local iface
config_load upnpd
- config_get intif config internal_iface
+ config_get iface config external_iface
+
+ [ -n "$INTERFACE" -a "$INTERFACE" != "$iface" ] && return
config_load network
+ config_get extip "${iface:-wan}" ipaddr
+ config_get extif "${iface:-wan}" ifname
+
+ logger -t "upnp firewall" "adding wan interface $extif($extip)"
+
+ upnp_ipt -t nat -N miniupnpd_${iface:-wan}_rule
+ upnp_ipt -t nat -A miniupnpd_${iface:-wan}_rule -i $extif -d $extip -j MINIUPNPD
+ upnp_ipt -t nat -A prerouting_rule -j miniupnpd_${iface:-wan}_rule
- for iface in ${intif:-lan}; do
- if [ -n "$coldplug" -o "$iface" == "$INTERFACE" ]; then
- config_get intip "$iface" ipaddr
- config_get intif "$iface" ifname
-
- [ -n "$intif" -a -n "$intip" ] && {
- logger -t "upnp firewall" "adding interface $iface($intip)"
-
- upnp_ipt -t nat -N MINIUPNPD
- upnp_ipt -t nat -N miniupnpd_${iface}_rule
- upnp_ipt -t nat -A miniupnpd_${iface}_rule -i $intif -d $intip -j MINIUPNPD
- upnp_ipt -t nat -A prerouting_rule -j miniupnpd_${iface}_rule
-
- upnp_ipt -t filter -N MINIUPNPD
- upnp_ipt -t filter -N miniupnpd_${iface}_rule
- upnp_ipt -t filter -A miniupnpd_${iface}_rule -i $intif -o ! $intif -j MINIUPNPD
- upnp_ipt -t filter -A forwarding_rule -j miniupnpd_${iface}_rule
- }
- fi
- done
+ upnp_ipt -t filter -N miniupnpd_${iface:-wan}_rule
+ upnp_ipt -t filter -A miniupnpd_${iface:-wan}_rule -i $extif -o ! $extif -j MINIUPNPD
+ upnp_ipt -t filter -A forwarding_rule -j miniupnpd_${iface:-wan}_rule
}
upnp_firewall_delif() {
- local iface="${1:-$INTERFACE}"
+ local iface
+
+ config_load upnpd
+ config_get iface config external_iface
- if [ -n "$iface" ]; then
- logger -t "upnp firewall" "removing interface $iface"
+ [ -n "$INTERFACE" -a "$INTERFACE" != "$iface" ] && return
- upnp_ipt -t nat -D prerouting_rule -j miniupnpd_${iface}_rule
- upnp_ipt -t nat -F miniupnpd_${iface}_rule
- upnp_ipt -t nat -X miniupnpd_${iface}_rule
+ logger -t "upnp firewall" "removing wan interface"
- upnp_ipt -t filter -D forwarding_rule -j miniupnpd_${iface}_rule
- upnp_ipt -t filter -F miniupnpd_${iface}_rule
- upnp_ipt -t filter -X miniupnpd_${iface}_rule
- fi
+ upnp_ipt -t nat -D prerouting_rule -j miniupnpd_${iface:-wan}_rule
+ upnp_ipt -t nat -F miniupnpd_${iface:-wan}_rule
+ upnp_ipt -t nat -X miniupnpd_${iface:-wan}_rule
+
+ upnp_ipt -t filter -D forwarding_rule -j miniupnpd_${iface:-wan}_rule
+ upnp_ipt -t filter -F miniupnpd_${iface:-wan}_rule
+ upnp_ipt -t filter -X miniupnpd_${iface:-wan}_rule
}
upnp_firewall_start() {
- logger -t "upnp firewall" "starting ..."
- upnp_firewall_addif coldplug
+ upnp_ipt -t nat -N MINIUPNPD
+ upnp_ipt -t filter -N MINIUPNPD
+ upnp_firewall_addif
}
upnp_firewall_stop() {
- local intif
- config_load upnpd
- config_get intif config internal_iface
-
- logger -t "upnp firewall" "stopping ..."
-
- for iface in ${intif:-lan}; do
- upnp_firewall_delif "$iface"
- done
-
+ upnp_firewall_delif
upnp_ipt -t nat -F MINIUPNPD
upnp_ipt -t nat -X MINIUPNPD
upnp_ipt -t filter -F MINIUPNPD
include /lib/miniupnpd
+boot() {
+ # On boot, there's a race condition with hotplug,
+ # therfore do nothing here
+ return
+}
+
start() {
local extif
local intif
+ local extiface
local upload
local download
local logging
config_get download config download
config_get_bool logging config log_output 0
- config_get extif ${extif:-wan} ifname
+ config_load "network"
+ config_get extiface ${extif:-wan} ifname
- if [ -n "$extif" ]; then
- logger -t "upnp daemon" "starting ..."
-
+ if [ -n "$extiface" ]; then
upnp_firewall_start
- local args="-i $extif"
+ local args="-i $extiface"
for iface in ${intif:-lan}; do
local ipaddr
append args "-p 5000 -U"
[ -n "$upload" -a -n "$download" ] && \
- append args "-B $(($upload * 1024 / 8)) $(($download * 1024 / 8))"
+ append args "-B $(($download * 1024 * 8)) $(($upload * 1024 * 8))"
if [ "$logging" = "1" ]; then
eval start-stop-daemon -S -x miniupnpd -- $args -d | logger -t miniupnpd &
}
stop() {
- logger -t "upnp daemon" "stopping ..."
start-stop-daemon -K -q -x miniupnpd -p /var/run/miniupnpd.pid
upnp_firewall_stop
}
projects / openwrt / svn-archive / packages.git / commitdiff