ocserv: avoid setting up the firewall from ocserv.init

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/net/ocserv/files/ocserv.init b/net/ocserv/files/ocserv.init
index d3e7f83a0e59fe0e9f723b2256bf6e3706b19dc8..612262087a862c2a24d478b66e27a3a4be972b4f 100644 (file)
--- a/net/ocserv/files/ocserv.init
+++ b/net/ocserv/files/ocserv.init
@@ -4,30 +4,6 @@ SERVICE_USE_PID=1
 
 START=50
 
-setup_firewall() {
-       local port fw
-       config_get port $1 port
-       test -z "$port" && return
-
-       config_get fwport $1 fwport
-       test "$fwport" = "$port" && return
-
-       logger -t ocserv "opening port $port..."
-       #can we remove the old rule?
-       uci add firewall rule
-       uci set firewall.@rule[-1].src=wan
-       uci set firewall.@rule[-1].name="ocserv-ext-port"
-       uci set firewall.@rule[-1].target=ACCEPT
-       uci set firewall.@rule[-1].proto=tcpudp
-       uci set firewall.@rule[-1].dest_port=$port
-       uci commit firewall
-
-       uci set ocserv.config.fwport="$port"
-       uci commit ocserv
-
-       /etc/init.d/firewall restart
-}
-
 setup_config() {
        config_get port         $1 port "4443"
        config_get max_clients  $1 max_clients "8"
@@ -170,8 +146,6 @@ start() {
        chmod 600 /var/etc/ocpasswd
        config_foreach setup_users ocservusers
 
-       setup_firewall config
-
        service_start /usr/sbin/ocserv -c /var/etc/ocserv.conf
 }