From: Felix Fietkau Date: Sun, 15 Oct 2006 23:04:23 +0000 (+0000) Subject: add firewall protection for wan_device in addition to wan_ifname (fixes #852) X-Git-Tag: reboot~30663 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=afd6539a653f4127d816f225b9b793fccb848ff2;p=openwrt%2Fstaging%2Fjogo.git add firewall protection for wan_device in addition to wan_ifname (fixes #852) SVN-Revision: 5136 --- diff --git a/package/iptables/files/firewall.init b/package/iptables/files/firewall.init index 1e39d05fd9..4e8317d662 100755 --- a/package/iptables/files/firewall.init +++ b/package/iptables/files/firewall.init @@ -8,6 +8,7 @@ start() { scan_interfaces config_get WAN wan ifname + config_get WANDEV wan device config_get LAN lan ifname ## CLEAR TABLES @@ -25,6 +26,7 @@ start() { iptables -N LAN_ACCEPT [ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN + [ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN iptables -A LAN_ACCEPT -j ACCEPT ### INPUT