Add ebtables package
This commit is contained in:
Matthias Schiffer
parent
6543ef9725
commit
8f20b25632
36
package/gluon-ebtables/Makefile
Normal file
36
package/gluon-ebtables/Makefile
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
|
PKG_NAME:=gluon-ebtables
|
||||||
|
PKG_VERSION:=0.3.2.99
|
||||||
|
PKG_RELEASE:=1
|
||||||
|
|
||||||
|
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
|
||||||
|
|
||||||
|
include $(INCLUDE_DIR)/package.mk
|
||||||
|
|
||||||
|
define Package/gluon-ebtables
|
||||||
|
SECTION:=gluon
|
||||||
|
CATEGORY:=Gluon
|
||||||
|
TITLE:=Ebtables support
|
||||||
|
DEPENDS:=+gluon-core +ebtables +kmod-ebtables-ipv4 +kmod-ebtables-ipv6
|
||||||
|
endef
|
||||||
|
|
||||||
|
define Package/gluon-ebtables/description
|
||||||
|
Gluon community wifi mesh firmware framework: ebtables support
|
||||||
|
endef
|
||||||
|
|
||||||
|
define Build/Prepare
|
||||||
|
mkdir -p $(PKG_BUILD_DIR)
|
||||||
|
endef
|
||||||
|
|
||||||
|
define Build/Configure
|
||||||
|
endef
|
||||||
|
|
||||||
|
define Build/Compile
|
||||||
|
endef
|
||||||
|
|
||||||
|
define Package/gluon-ebtables/install
|
||||||
|
$(CP) ./files/* $(1)/
|
||||||
|
endef
|
||||||
|
|
||||||
|
$(eval $(call BuildPackage,gluon-ebtables))
|
||||||
74
package/gluon-ebtables/files/etc/init.d/gluon-ebtables
Executable file
74
package/gluon-ebtables/files/etc/init.d/gluon-ebtables
Executable file
@ -0,0 +1,74 @@
|
|||||||
|
#!/bin/sh /etc/rc.common
|
||||||
|
# Copyright (C) 2013 Project Gluon
|
||||||
|
#
|
||||||
|
# Firewall script for inserting and removing ebtables rules.
|
||||||
|
#
|
||||||
|
# Example format, for filtering any IPv4 multicast packets to the SSDP UDP port:
|
||||||
|
# rule FORWARD --logical-out br-client -d Multicast -p IPv4 --ip-protocol udp --ip-destination-port 5355 -j DROP
|
||||||
|
#
|
||||||
|
# Removing all rules:
|
||||||
|
# $ ./firewall-ebtables stop
|
||||||
|
# Inserting all rules:
|
||||||
|
# $ ./firewall-ebtables start
|
||||||
|
# Inserting a specific rule file:
|
||||||
|
# $ ./firewall-ebtables start /lib/gluon/ebtables/100-mcast-chain
|
||||||
|
# Removing a specific rule file:
|
||||||
|
# $ ./firewall-ebtables stop /lib/gluon/ebtables/100-mcast-chain
|
||||||
|
|
||||||
|
|
||||||
|
START=19
|
||||||
|
STOP=91
|
||||||
|
|
||||||
|
|
||||||
|
exec_file() {
|
||||||
|
local file="$1"
|
||||||
|
|
||||||
|
sh -c "
|
||||||
|
eval 'rule() {
|
||||||
|
$EBTABLES_RULE
|
||||||
|
}'
|
||||||
|
eval 'chain() {
|
||||||
|
$EBTABLES_CHAIN
|
||||||
|
}'
|
||||||
|
source \"$1\"
|
||||||
|
" - "$file"
|
||||||
|
}
|
||||||
|
|
||||||
|
exec_all() {
|
||||||
|
local sort_arg="$1"
|
||||||
|
|
||||||
|
local old_ifs="$IFS"
|
||||||
|
IFS='
|
||||||
|
'
|
||||||
|
for file in `find /lib/gluon/ebtables -type f | sort $sort_arg`; do
|
||||||
|
exec_file "$file"
|
||||||
|
done
|
||||||
|
IFS="$old_ifs"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
start() {
|
||||||
|
(
|
||||||
|
export EBTABLES_RULE='ebtables -A "$@"'
|
||||||
|
export EBTABLES_CHAIN='ebtables -N "$1" -P "$2"'
|
||||||
|
|
||||||
|
if [ -z "$1" ]; then
|
||||||
|
exec_all ''
|
||||||
|
else
|
||||||
|
exec_file "$1"
|
||||||
|
fi
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
stop() {
|
||||||
|
(
|
||||||
|
export EBTABLES_RULE='ebtables -D "$@"'
|
||||||
|
export EBTABLES_CHAIN='ebtables -X "$1"'
|
||||||
|
|
||||||
|
if [ -z "$1" ]; then
|
||||||
|
exec_all '-r'
|
||||||
|
else
|
||||||
|
exec_file "$1"
|
||||||
|
fi
|
||||||
|
)
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user