add firewall protection for wan_device in addition to wan_ifname (fixes #852)

author Felix Fietkau <nbd@openwrt.org>

Sun, 15 Oct 2006 23:04:23 +0000 (23:04 +0000)

committer Felix Fietkau <nbd@openwrt.org>

Sun, 15 Oct 2006 23:04:23 +0000 (23:04 +0000)
author Felix Fietkau <nbd@openwrt.org>
Sun, 15 Oct 2006 23:04:23 +0000 (23:04 +0000)
committer Felix Fietkau <nbd@openwrt.org>
Sun, 15 Oct 2006 23:04:23 +0000 (23:04 +0000)
diff --git a/package/iptables/files/firewall.init b/package/iptables/files/firewall.init

index 1e39d05..4e8317d 100755 (executable)
--- a/package/iptables/files/firewall.init
+++ b/package/iptables/files/firewall.init
@@ -8,6 +8,7 @@ start() {
         scan_interfaces
         
         config_get WAN wan ifname
+       config_get WANDEV wan device
         config_get LAN lan ifname
         
         ## CLEAR TABLES
@@ -25,6 +26,7 @@ start() {
         
         iptables -N LAN_ACCEPT
         [ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
+       [ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN
         iptables -A LAN_ACCEPT -j ACCEPT
         
         ### INPUT
author	Felix Fietkau <nbd@openwrt.org>
	Sun, 15 Oct 2006 23:04:23 +0000 (23:04 +0000)
committer	Felix Fietkau <nbd@openwrt.org>
	Sun, 15 Oct 2006 23:04:23 +0000 (23:04 +0000)