Changeset 11298

Timestamp:

01/02/09 13:43:56 (4 years ago)

Author:

BrainSlayer

Message:

remove loopback option here, since its covered by loopback_enable within the firewall options

Location:

src/router/services

Files:

• include/services.h (modified) (1 diff)
• networking/firewall.c (modified) (5 diffs)
• sysinit/defaults.c (modified) (1 diff)

src/router/services/include/services.h

@@ -150 +150 @@
 void start_openvpnserverwan(void);
 void stop_openvpnserverwan(void);
+
+void start_wanup( void );
+
+void stop_anchorfree(void);

src/router/services/networking/firewall.c

@@ -794 +794 @@
                        nvram_safe_get( "pptp_ifname" ) );
         }
-        if( nvram_match( "loopback_enable", "1" ) )
+        char *method = "MASQUERADE";
+
+        if( nvram_match( "block_loopback", "1" ) )
+            method = "DROP";
         {
             // added for logic test
@@ -805 +808 @@
             loopmask = getmask( nmask );
 
+            if( nvram_match( "block_loopback", "0" ) )
+                save2file
+                    ( "-A POSTROUTING -o %s -m pkttype --pkt-type broadcast -j RETURN\n",
+                      lanface );
             save2file
-                ( "-A POSTROUTING -o %s -m pkttype --pkt-type broadcast -j RETURN\n",
-                  lanface );
-            save2file
-                ( "-A POSTROUTING -o %s -s %s0/%d -d %s0/%d -j MASQUERADE\n",
-                  lanface, lan_cclass, loopmask, lan_cclass, loopmask );
+                ( "-A POSTROUTING -o %s -s %s0/%d -d %s0/%d -j %s\n",
+                  lanface, lan_cclass, loopmask, lan_cclass, loopmask,
+                  method );
             char *next;
             char dev[16];
@@ -827 +832 @@
                     if( nvram_nmatch( "0", "%s_bridged", var ) )
                     {
+                        if( nvram_match( "block_loopback", "0" ) )
+                            save2file
+                                ( "-A POSTROUTING -o %s -m pkttype --pkt-type broadcast -j RETURN\n",
+                                  var );
                         save2file
-                            ( "-A POSTROUTING -o %s -m pkttype --pkt-type broadcast -j RETURN\n",
-                              var );
-                        save2file
-                            ( "-A POSTROUTING -o %s -s %s/%d -d %s/%d -j MASQUERADE\n",
+                            ( "-A POSTROUTING -o %s -s %s/%d -d %s/%d -j %s\n",
                               var, nvram_nget( "%s_ipaddr", var ),
                               getmask( nvram_nget( "%s_netmask", var ) ),
                               nvram_nget( "%s_ipaddr", var ),
-                              getmask( nvram_nget( "%s_netmask", var ) ) );
+                              getmask( nvram_nget( "%s_netmask", var ) ),
+                              method );
                     }
                 }
@@ -856 +863 @@
 #ifndef HAVE_RB500
 #ifndef HAVE_TW6600
-            system2( "echo 1 > /proc/sys/net/ipv4/conf/br0/loop" );
+            if( nvram_match( "block_loopback", "0" ) )
+                system2( "echo 1 > /proc/sys/net/ipv4/conf/br0/loop" );
 #endif
 #endif
@@ -3197 +3205 @@
 
     cprintf( "done\n" );
-    return 0;
 }
 

src/router/services/sysinit/defaults.c

@@ -1418 +1418 @@
     {"dnsmasq_options", "", 0},
 #ifdef HAVE_POWERNOC_WOAP54G
-    {"loopback_enable", "0", 0},
-#else
-    {"loopback_enable", "1", 0},
-#endif
-#ifdef HAVE_POWERNOC_WOAP54G
     {"nas_enable", "0", 0},
 #else