root/etc/hotplug.d/iface/20-firewall

   1 #!/bin/sh
   2
   3 has_zone() {
   4         fw4 -q network "$INTERFACE" >/dev/null && return 0
   5         eval $(ubus call "network.interface.$INTERFACE" status | jsonfilter -e 'ZONE=@.data.zone')
   6         fw4 -q zone "$ZONE" >/dev/null
   7 }
   8
   9 [ "$ACTION" = ifup -o "$ACTION" = ifupdate ] || exit 0
  10 [ "$ACTION" = ifupdate -a -z "$IFUPDATE_ADDRESSES" -a -z "$IFUPDATE_DATA" ] && exit 0
  11
  12 /etc/init.d/firewall enabled || exit 0
  13
  14 has_zone || exit 0
  15
  16 logger -t firewall "Reloading firewall due to $ACTION of $INTERFACE ($DEVICE)"
  17 fw4 -q reload