From b07ecaf6c64ad0d882842de54dbc39dfafc147b2 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Tue, 4 Jun 2013 12:56:48 +0000 Subject: [PATCH] AA: miniupnpd: merge r36011, r36057 SVN-Revision: 36844 --- net/miniupnpd/Makefile | 21 ++++++-- net/miniupnpd/files/firewall.include | 15 ++++++ net/miniupnpd/files/miniupnpd.defaults | 13 +++++ .../files/miniupnpd.firewall.hotplug | 50 ------------------- ...iupnpd.iface.hotplug => miniupnpd.hotplug} | 0 net/miniupnpd/files/miniupnpd.init | 17 +------ 6 files changed, 45 insertions(+), 71 deletions(-) create mode 100644 net/miniupnpd/files/firewall.include create mode 100644 net/miniupnpd/files/miniupnpd.defaults delete mode 100644 net/miniupnpd/files/miniupnpd.firewall.hotplug rename net/miniupnpd/files/{miniupnpd.iface.hotplug => miniupnpd.hotplug} (100%) diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile index 2563dfcddd..7e8344571f 100644 --- a/net/miniupnpd/Makefile +++ b/net/miniupnpd/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=miniupnpd PKG_VERSION:=1.8.20130426 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=http://miniupnp.free.fr/files PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz @@ -31,6 +31,17 @@ define Package/miniupnpd/conffiles /etc/config/upnpd endef +define Package/miniupnpd/postinst +#!/bin/sh + +if [ -z "$$IPKG_INSTROOT" ]; then + ( . /etc/uci-defaults/99-miniupnpd ) + rm -f /etc/uci-defaults/99-miniupnpd +fi + +exit 0 +endef + define Build/Prepare $(call Build/Prepare/Default) echo "OpenWrt/$(OPENWRTVERSION)" | tr \(\)\ _ >$(PKG_BUILD_DIR)/os.openwrt @@ -44,13 +55,13 @@ MAKE_FLAGS += \ miniupnpd define Package/miniupnpd/install - $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/init.d $(1)/etc/config $(1)/etc/hotplug.d/iface $(1)/etc/hotplug.d/firewall + $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/init.d $(1)/etc/config $(1)/etc/uci-defaults $(1)/etc/hotplug.d/iface $(1)/usr/share/miniupnpd $(INSTALL_BIN) $(PKG_BUILD_DIR)/miniupnpd $(1)/usr/sbin/miniupnpd $(INSTALL_BIN) ./files/miniupnpd.init $(1)/etc/init.d/miniupnpd $(INSTALL_CONF) ./files/upnpd.config $(1)/etc/config/upnpd - $(INSTALL_DATA) ./files/miniupnpd.iface.hotplug $(1)/etc/hotplug.d/iface/50-miniupnpd - $(INSTALL_DATA) ./files/miniupnpd.firewall.hotplug $(1)/etc/hotplug.d/firewall/50-miniupnpd - $(INSTALL_DIR) $(1)/usr/share/miniupnpd + $(INSTALL_DATA) ./files/miniupnpd.hotplug $(1)/etc/hotplug.d/iface/50-miniupnpd + $(INSTALL_DATA) ./files/miniupnpd.defaults $(1)/etc/uci-defaults/99-miniupnpd + $(INSTALL_DATA) ./files/firewall.include $(1)/usr/share/miniupnpd/firewall.include endef $(eval $(call BuildPackage,miniupnpd)) diff --git a/net/miniupnpd/files/firewall.include b/net/miniupnpd/files/firewall.include new file mode 100644 index 0000000000..64c58214af --- /dev/null +++ b/net/miniupnpd/files/firewall.include @@ -0,0 +1,15 @@ +#!/bin/sh +# miniupnpd integration for firewall3 + +iptables -t filter -N MINIUPNPD 2>/dev/null +iptables -t nat -N MINIUPNPD 2>/dev/null + +local ext_iface +for ext_iface in $(uci -q get upnpd.config.external_iface); do + local ext_zone + for ext_zone in $(fw3 -q network "$ext_iface"); do + iptables -t filter -I zone_${ext_zone}_forward -j MINIUPNPD + iptables -t nat -I zone_${ext_zone}_prerouting -j MINIUPNPD + done +done + diff --git a/net/miniupnpd/files/miniupnpd.defaults b/net/miniupnpd/files/miniupnpd.defaults new file mode 100644 index 0000000000..c6bc19a876 --- /dev/null +++ b/net/miniupnpd/files/miniupnpd.defaults @@ -0,0 +1,13 @@ +#!/bin/sh + +uci -q batch <<-EOT + delete firewall.miniupnpd + set firewall.miniupnpd=include + set firewall.miniupnpd.type=script + set firewall.miniupnpd.path=/usr/share/miniupnpd/firewall.include + set firewall.miniupnpd.family=IPv4 + set firewall.miniupnpd.reload=1 + commit firewall +EOT + +exit 0 diff --git a/net/miniupnpd/files/miniupnpd.firewall.hotplug b/net/miniupnpd/files/miniupnpd.firewall.hotplug deleted file mode 100644 index f2d980ca80..0000000000 --- a/net/miniupnpd/files/miniupnpd.firewall.hotplug +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/sh - -miniupnpd_add_rules() { - local zone="$1" - local network="$2" - local iface="$3" - - miniupnpd_remove_rules - - logger -t miniupnpd "adding firewall rules for $iface to zone $zone" - - iptables -t nat -N MINIUPNPD 2>/dev/null - iptables -t nat -I zone_${zone}_prerouting -i $iface -j MINIUPNPD - iptables -t filter -N MINIUPNPD 2>/dev/null - iptables -t filter -I zone_${zone}_forward -i $iface ! -o $iface -j MINIUPNPD - - uci_set_state upnpd state "" state - uci_set_state upnpd state zone "$zone" - uci_set_state upnpd state ifname "$iface" - uci_set_state upnpd state network "$network" -} - -miniupnpd_remove_rules() { - local zone="$(uci_get_state upnpd state zone)" - local iface="$(uci_get_state upnpd state ifname)" - - [ -n "$zone" ] && [ -n "$iface" ] && { - logger -t miniupnpd "removing firewall rules for $iface from zone $zone" - - while iptables -t nat -D zone_${zone}_prerouting \ - -i $iface -j MINIUPNPD 2>/dev/null; do :; done - - while iptables -t filter -D zone_${zone}_forward \ - -i $iface ! -o $iface -j MINIUPNPD 2>/dev/null; do :; done - } - - uci_revert_state upnpd -} - -/etc/init.d/miniupnpd enabled && [ -n "`pidof miniupnpd`" ] && { - - local extif="$(uci_get upnpd config external_iface)" - local curif="$(uci_get_state upnpd state network)" - - if [ "$ACTION" = "add" ] && [ "$INTERFACE" = "$extif" ]; then - miniupnpd_add_rules "$ZONE" "$INTERFACE" "$DEVICE" - elif [ "$ACTION" = "remove" ] && [ "$INTERFACE" = "$curif" ]; then - miniupnpd_remove_rules - fi -} diff --git a/net/miniupnpd/files/miniupnpd.iface.hotplug b/net/miniupnpd/files/miniupnpd.hotplug similarity index 100% rename from net/miniupnpd/files/miniupnpd.iface.hotplug rename to net/miniupnpd/files/miniupnpd.hotplug diff --git a/net/miniupnpd/files/miniupnpd.init b/net/miniupnpd/files/miniupnpd.init index 4812f28d69..ef67d7246e 100644 --- a/net/miniupnpd/files/miniupnpd.init +++ b/net/miniupnpd/files/miniupnpd.init @@ -62,9 +62,6 @@ boot() { } start() { - type miniupnpd_add_rules >/dev/null 2>/dev/null || \ - ACTION=- . /etc/hotplug.d/firewall/50-miniupnpd - config_load "upnpd" local extiface intiface upload download logging secure enabled natpmp local extip port usesysuptime conffile serial_number model_number @@ -165,12 +162,7 @@ start() { if [ -n "$ifname" ]; then # start firewall - local zone - config_load firewall - config_get zone core "${extiface:-wan}_zone" - - [ -n "$zone" ] && \ - miniupnpd_add_rules "$zone" "${extiface:-wan}" "$ifname" + iptables -L MINIUPNPD >/dev/null 2>/dev/null || fw3 reload if [ "$logging" = "1" ]; then SERVICE_DAEMONIZE=1 \ @@ -187,13 +179,6 @@ start() { stop() { service_stop /usr/sbin/miniupnpd - type miniupnpd_remove_rules >/dev/null 2>/dev/null || \ - ACTION=- . /etc/hotplug.d/firewall/50-miniupnpd - - miniupnpd_remove_rules - iptables -t nat -F MINIUPNPD 2>/dev/null - iptables -t nat -X MINIUPNPD 2>/dev/null iptables -t filter -F MINIUPNPD 2>/dev/null - iptables -t filter -X MINIUPNPD 2>/dev/null } -- 2.30.2