mirror of https://github.com/aredn/aredn.git
69 lines
2.6 KiB
Bash
Executable File
69 lines
2.6 KiB
Bash
Executable File
#!/bin/sh
|
|
<<'LICENSE'
|
|
Part of AREDN -- Used for creating Amateur Radio Emergency Data Networks
|
|
Copyright (C) 2015 Joe Ayers ae6xe@arrl.net
|
|
See Contributors file for additional contributors
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation version 3 of the License.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
Additional Terms:
|
|
|
|
Additional use restrictions exist on the AREDN(TM) trademark and logo.
|
|
See AREDNLicense.txt for more info.
|
|
|
|
Attributions to the AREDN Project must be retained in the source code.
|
|
If importing this code into a new or existing project attribution
|
|
to the AREDN project must be added to the source code.
|
|
|
|
You must not misrepresent the origin of the material conained within.
|
|
|
|
Modified versions must be modified to attribute to the original source
|
|
and be marked in reasonable ways as differentiate it from the original
|
|
version.
|
|
|
|
LICENSE
|
|
# This script assumes a pre-existing OpenWRT-UCI netfilter table structure
|
|
# $1 = tun0 | tun1 | ... | tun9
|
|
# $2 = up | down
|
|
|
|
interface=$1
|
|
action=$2
|
|
configmode=`uci -q -c /etc/local/uci/ get hsmmmesh.settings.config`
|
|
echo "Firewall rules for $interface $action"
|
|
|
|
# Do nothing if node is not in mesh mode
|
|
if [ "$configmode" != "mesh" ] ; then exit 0; fi
|
|
|
|
if [ "$action" = "up" ] ; then
|
|
# Adding route policies for tunnel interface
|
|
# identical to hotplug for dtdlink
|
|
if ( ! `ip rule list | egrep "^20020:.*$interface.*30" > /dev/null`) then
|
|
if [ -e /etc/config/dmz-mode ] ; then
|
|
ip rule add pref 20010 iif $interface lookup 29 # local interfaces
|
|
fi
|
|
ip rule add pref 20020 iif $interface lookup 30 # mesh
|
|
ip rule add pref 20080 iif $interface lookup 31 # gateway
|
|
ip rule add pref 20090 iif $interface lookup main
|
|
ip rule add pref 20099 iif $interface unreachable
|
|
fi
|
|
else
|
|
# Remove route policies for tunnel interface
|
|
ip rule del pref 20010 iif $interface lookup 29
|
|
ip rule del pref 20020 iif $interface lookup 30
|
|
ip rule del pref 20080 iff $interface lookup 31
|
|
ip rule del pref 20090 iff $interface lookup main
|
|
ip rule del pref 20099 iif $interface unreachable
|
|
fi
|
|
|
|
exit 0;
|