#18636: Reload of firewall ignores user scripts eg. /etc/firewall.user
----------------------+-----------------------------------
Reporter: abra@… | Owner: developers
Type: defect | Status: new
Priority: normal | Milestone: Barrier Breaker 14.07
Component: packages | Version: Barrier Breaker 14.07
Keywords: |
----------------------+-----------------------------------
fw3 is reloaded by hotplug (/etc/hotplug.d/iface/20-firewall) if an
interface changed its state that is specified in a zone
(/etc/config/firewall).
Upon these reloads with "fw3 reload" user scripts are ignored.
User scripts can be defined in /etc/config/firewall according to
http://wiki.openwrt.org/doc/uci/firewall
{{{
config include
option path /etc/firewall.user
}}}
These allow addtions and modifications of rules that cannot be handled by
fw3.
I guess it is not intended that these are ignored.
A bad simple work arround is to change /etc/hotplug.d/iface/20-firewall
to:
{{{
#!/bin/sh
[ "$ACTION" = ifup -o "$ACTION" = ifupdate ] || exit 0
[ "$ACTION" = ifupdate -a -z "$IFUPDATE_ADDRESSES" -a -z "$IFUPDATE_DATA"
] && exit 0
/etc/init.d/firewall enabled || exit 0
fw3 -q network "$INTERFACE" >/dev/null || exit 0
logger -t firewall "Reloading firewall due to $ACTION of $INTERFACE
($DEVICE)"
#fw3 -q reload
fw3 -q restart &
}}}
--
Ticket URL: <https://dev.openwrt.org/ticket/18636>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
