contrib/package/freifunk-p2pblock: do not start if no wan interface is present (spotted on the fonera)

contrib/package/freifunk-p2pblock/files/freifunk-p2pblock.init

@@ -19,49 +19,52 @@ start() {
 		
 		config_load network
 		config_get wan wan ifname
-		config_load freifunk_p2pblock
-		config_get layer7 p2pblock layer7
-		config_get ipp2p p2pblock ipp2p
-		config_get portrange p2pblock portrange
-		config_get blocktime p2pblock blocktime
 
-		# load modules
+		if [ -n "$wan" ]; then
-		insmod ipt_ipp2p 2>&-
+			config_load freifunk_p2pblock
-		insmod ipt_layer7 2>&-
+			config_get layer7 p2pblock layer7
-		insmod ipt_recent ip_list_tot=400 ip_pkt_list_tot=3 2>&-
+			config_get ipp2p p2pblock ipp2p
+			config_get portrange p2pblock portrange
+			config_get blocktime p2pblock blocktime
 
-		# create new p2p-chain
+			# load modules
-		iptables -N p2pblock
+			insmod ipt_ipp2p 2>&-
-		# pipe all incomming FORWARD with source-/destination-port 1024-65535 throu p2p-chain 
+			insmod ipt_layer7 2>&-
-		ipt_add "FORWARD -i $wan -p tcp --sport $portrange --dport $portrange -j p2pblock"
+			insmod ipt_recent ip_list_tot=400 ip_pkt_list_tot=3 2>&-
-		ipt_add "FORWARD -i $wan -p udp --sport $portrange --dport $portrange -j p2pblock"
 
-		# if p2p-traffic blocked 3 packages to a destination ip then block all traffic within the next 180 sec (port 1024-65535)
+			# create new p2p-chain
-		ipt_add "p2pblock -m recent --rdest --rcheck --name P2PBLOCK --seconds $blocktime --hitcount 3 -j DROP"
+			iptables -N p2pblock
-		ipt_add "p2pblock -m recent --rdest --rcheck --name P2PBLOCK --seconds $blocktime --hitcount 3 -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-DROP:"
+			# pipe all incomming FORWARD with source-/destination-port 1024-65535 throu p2p-chain 
+			ipt_add "FORWARD -i $wan -p tcp --sport $portrange --dport $portrange -j p2pblock"
+			ipt_add "FORWARD -i $wan -p udp --sport $portrange --dport $portrange -j p2pblock"
 
-		# create layer7-rules
+			# if p2p-traffic blocked 3 packages to a destination ip then block all traffic within the next 180 sec (port 1024-65535)
-		for proto in $layer7; do
+			ipt_add "p2pblock -m recent --rdest --rcheck --name P2PBLOCK --seconds $blocktime --hitcount 3 -j DROP"
-			ipt_add "p2pblock -m layer7 --l7proto $proto -m recent --rdest --set --name P2PBLOCK"
+			ipt_add "p2pblock -m recent --rdest --rcheck --name P2PBLOCK --seconds $blocktime --hitcount 3 -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-DROP:"
-			ipt_add "p2pblock -m layer7 --l7proto $proto -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-seen-$proto:"
-		done
 
-		# create ipp2p-rules
+			# create layer7-rules
-		for proto in $ipp2p; do
+			for proto in $layer7; do
-			ipt_add "p2pblock -m ipp2p --$proto -m recent --rdest --set --name P2PBLOCK"
+				ipt_add "p2pblock -m layer7 --l7proto $proto -m recent --rdest --set --name P2PBLOCK"
-			ipt_add "p2pblock -m ipp2p --$proto -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-seen-$proto:"
+				ipt_add "p2pblock -m layer7 --l7proto $proto -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-seen-$proto:"
-		done
+			done
 
-		# insert whitelisted ips
+			# create ipp2p-rules
-		for ip in $WHITELIST; do
+			for proto in $ipp2p; do
-			ipt_add "p2pblock -d $ip -j RETURN"
+				ipt_add "p2pblock -m ipp2p --$proto -m recent --rdest --set --name P2PBLOCK"
-		done
+				ipt_add "p2pblock -m ipp2p --$proto -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-seen-$proto:"
+			done
 
-		logger -s -t "$ME" 'Done.'; return 0
+			# insert whitelisted ips
+			for ip in $WHITELIST; do
+				ipt_add "p2pblock -d $ip -j RETURN"
+			done
 
+			logger -s -t "$ME" 'Done.'; return 0
+		else
+			logger -s -t "$ME" 'No wan interface present.'; return 0	
+		fi
 	else
 		logger -s -t "$ME" 'WARNING! already running - Aborting!'; return 2
-
 	fi
 }