From: John Crispin Date: Mon, 11 Aug 2008 20:46:17 +0000 (+0000) Subject: uci firewall - remove implicit creation of zones, based on network interfaces X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=0f5cbca010c00b483bf7678ab7fa59dfafcd58d3;p=openwrt%2Fstaging%2Fthess.git uci firewall - remove implicit creation of zones, based on network interfaces SVN-Revision: 12281 --- diff --git a/package/firewall/files/new/20-firewall b/package/firewall/files/new/20-firewall index a8ce17c976..217e3f66bb 100644 --- a/package/firewall/files/new/20-firewall +++ b/package/firewall/files/new/20-firewall @@ -20,9 +20,7 @@ load_zones() { config_foreach load_zones zone -IFACE=$(find_config $INTERFACE) -[ -n "$IFACE" ] && - list_contains ZONE $IFACE || ZONE="$ZONE $IFACE" +[ -z "$ZONE" ] && exit 0 [ ifup = "$ACTION" ] && { for z in $ZONE; do diff --git a/package/firewall/files/new/uci_firewall.sh b/package/firewall/files/new/uci_firewall.sh index dcb9c100bf..e1683e9cf0 100755 --- a/package/firewall/files/new/uci_firewall.sh +++ b/package/firewall/files/new/uci_firewall.sh @@ -91,10 +91,6 @@ load_synflood() { $IPTABLES -A INPUT -p tcp --syn -j SYN_FLOOD } -create_network_zone() { - create_zone "$1" "$1" -} - fw_defaults() { load_policy $1 DEF_INPUT=$input @@ -261,8 +257,6 @@ fw_init() { config_foreach fw_defaults defaults echo "Loading zones" config_foreach fw_zone zone - echo "Loading interfaces" - config_foreach create_network_zone interface echo "Loading rules" config_foreach fw_rule rule echo "Loading forwarding"