Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

contrib/meshwizard: allowssh and allowweb can be set for wan dhcp proto too now

Browse source
This commit is contained in:
Manuel Munz 2012-07-09 17:57:24 +00:00
parent 1e7a41732f
commit dc7cf4417d
4 changed files with 42 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_firewall.sh
View file

@ -109,4 +109,31 @@ if [ "$profile_ipv6_config" = "auto-ipv6-dhcpv6" ]; then
EOF EOF
fi fi
# Firewall rules to allow incoming ssh and web if enabled
if [ "$wan_allowssh" == 1 ]; then
uci batch <<- EOF
set firewall.wanssh=rule
set firewall.wanssh.src=wan
set firewall.wanssh.target=ACCEPT
set firewall.wanssh.proto=tcp
set firewall.wanssh.dest_port=22
EOF
fi
if [ "$wan_allowweb" == 1 ]; then
uci batch <<- EOF
set firewall.wanweb=rule
set firewall.wanweb.src=wan
set firewall.wanweb.target=ACCEPT
set firewall.wanweb.proto=tcp
set firewall.wanweb.dest_port=80
set firewall.wanwebhttps=rule
set firewall.wanwebhttps.src=wan
set firewall.wanwebhttps.target=ACCEPT
set firewall.wanwebhttps.proto=tcp
set firewall.wanwebhttps.dest_port=443
EOF
fi
uci_commitverbose "Setup rules, forwardings, advanced config and includes." firewall uci_commitverbose "Setup rules, forwardings, advanced config and includes." firewall

11
contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_dhcp.sh Executable file
View file

@ -0,0 +1,11 @@
#!/bin/sh
# Setup dhcp interface settings for wan. This is the OpenWrt default,
# so all we need to do here is to delete wan from meshwizard after setup.
[ ! "$(uci -q get network.wan)" == "interface" ] && exit
. /lib/functions.sh
. $dir/functions.sh
uci delete meshwizard.wan && uci commit meshwizard

28
contrib/package/meshwizard/files/usr/bin/meshwizard/helpers/setup_wan_static.sh
View file

@ -18,31 +18,3 @@ uci_commitverbose "Setup static ip settings for wan" network
uci delete meshwizard.wan && uci commit meshwizard uci delete meshwizard.wan && uci commit meshwizard
# Firewall rules to allow incoming ssh and web
if [ "$wan_allowssh" == 1 ]; then
uci batch <<- EOF
set firewall.wanssh=rule
set firewall.wanssh.src=wan
set firewall.wanssh.target=ACCEPT
set firewall.wanssh.proto=tcp
set firewall.wanssh.dest_port=22
EOF
uci_commitverbose "Allow incoming connections to port 22 (ssh) on wan" firewall
fi
if [ "$wan_allowweb" == 1 ]; then
uci batch <<- EOF
set firewall.wanweb=rule
set firewall.wanweb.src=wan
set firewall.wanweb.target=ACCEPT
set firewall.wanweb.proto=tcp
set firewall.wanweb.dest_port=80
set firewall.wanwebhttps=rule
set firewall.wanwebhttps.src=wan
set firewall.wanwebhttps.target=ACCEPT
set firewall.wanwebhttps.proto=tcp
set firewall.wanwebhttps.dest_port=443
EOF
uci_commitverbose "Allow incoming connections to port 80 and 443 (http and https) on wan" firewall
fi

4
contrib/package/meshwizard/files/usr/bin/meshwizard/wizard.sh
View file

@ -64,6 +64,10 @@ if [ "$wan_proto" == "static" ] && [ -n "$wan_ip4addr" ] && [ -n "$wan_netmask"
$dir/helpers/setup_wan_static.sh $dir/helpers/setup_wan_static.sh
fi fi
if [ "$wan_proto" == "dhcp" ]; then
$dir/helpers/setup_wan_dhcp.sh
fi
if [ "$lan_proto" == "static" ] && [ -n "$lan_ip4addr" ] && [ -n "$lan_netmask" ]; then if [ "$lan_proto" == "static" ] && [ -n "$lan_ip4addr" ] && [ -n "$lan_netmask" ]; then
$dir/helpers/setup_lan_static.sh $dir/helpers/setup_lan_static.sh
fi fi