int start_shorewall(void)
{
if (!nvram_invmatch("shorewall_enable", "0"))
return 0;
stop_firewall();
stop_shorewall();
mkdir("/var/shorewall", 0700);
nvram2file("sh_interfaces", "/var/shorewall/interfaces");
nvram2file("sh_masq", "/var/shorewall/masq");
nvram2file("sh_policy", "/var/shorewall/policy");
nvram2file("sh_routestopped", "/var/shorewall/route_stopped");
nvram2file("sh_rules", "/var/shorewall/rules");
nvram2file("sh_zones", "/var/shorewall/zones");
symlink("/usr/sbin/shorewall", "/var/shorewall/shorewall");
symlink("/usr/sbin/shorewall.conf", "/var/shorewall/shorewall.conf");
symlink("/usr/sbin/firewall", "/var/shorewall/firewall");
symlink("/usr/sbin/functions", "/var/shorewall/functions");
symlink("/usr/sbin/common.def", "/var/shorewall/common.def");
symlink("/usr/sbin/version", "/var/shorewall/version");
system("/var/shorewall/shorewall start");
return 0;
}
static int bound(void)
{
nvram_unset("dhcpc_done");
char *wan_ifname = safe_getenv("interface");
char *value;
static char temp_wan_ipaddr[16], temp_wan_netmask[16],
temp_wan_gateway[16];
int changed = 0;
static char *cidr;
if (nvram_match("wan_proto", "iphone"))
stop_process("ipheth-loop", "IPhone Pairing Daemon");
cidr = getenv("cidrroute");
if (cidr && wan_ifname) {
char *callbuffer = malloc(strlen(cidr) + 128);
sprintf(callbuffer,
"export cidrroute=\"%s\";export interface=\"%s\";/etc/cidrroute.sh",
cidr, wan_ifname);
system(callbuffer);
free(callbuffer);
}
if ((value = getenv("ip"))) {
chomp(value);
if (nvram_match("wan_proto", "pptp")
&& nvram_match("pptp_use_dhcp", "1"))
strcpy(temp_wan_ipaddr, value);
else {
if (nvram_invmatch("wan_ipaddr", value))
changed = 1;
}
nvram_set("wan_ipaddr", value);
}
if ((value = getenv("subnet"))) {
chomp(value);
if (nvram_match("wan_proto", "pptp")
&& nvram_match("pptp_use_dhcp", "1"))
strcpy(temp_wan_netmask, value);
else {
if (nvram_invmatch("wan_netmask", value))
changed = 1;
nvram_set("wan_netmask", value);
}
}
if ((value = getenv("router"))) {
chomp(value);
if (nvram_invmatch("wan_gateway", value))
changed = 1;
nvram_set("wan_gateway", value);
}
if ((value = getenv("dns"))) {
chomp(value);
// if (nvram_invmatch("wan_get_dns",value))
// changed=1;
nvram_set("wan_get_dns", value);
}
/*
* Don't care for linksys spec if ((value = getenv("wins")))
* nvram_set("wan_wins", value); if ((value = getenv("hostname")))
* sethostname(value, strlen(value) + 1);
*/
if ((value = getenv("domain"))) {
chomp(value);
if (nvram_invmatch("wan_get_domain", value))
changed = 1;
nvram_set("wan_get_domain", value); // HeartBeat need to use
}
if ((value = getenv("lease"))) {
chomp(value);
nvram_set("wan_lease", value);
expires(atoi(value));
}
if (!changed) {
cprintf("interface hasnt changed, do nothing\n");
return 0;
}
stop_firewall();
cprintf("configure to IF[%s] , IP[%s], MASK[%s]\n", wan_ifname,
nvram_safe_get("wan_ipaddr"), nvram_safe_get("wan_netmask"));
if (nvram_match("wan_proto", "pptp")
&& nvram_match("pptp_use_dhcp", "1"))
eval("ifconfig", wan_ifname, temp_wan_ipaddr, "netmask",
temp_wan_netmask, "up");
else
eval("ifconfig", wan_ifname, nvram_safe_get("wan_ipaddr"),
"netmask", nvram_safe_get("wan_netmask"), "up");
/*
* We only want to exec bellow functions after dhcp get ip if the
* wan_proto is heartbeat
*/
#ifdef HAVE_HEARTBEAT
if (nvram_match("wan_proto", "heartbeat")) {
int i = 0;
/*
* Delete all default routes
*/
while (route_del(wan_ifname, 0, NULL, NULL, NULL) == 0
|| i++ < 10) ;
/*
* Set default route to gateway if specified
*/
route_add(wan_ifname, 0, "0.0.0.0",
nvram_safe_get("wan_gateway"), "0.0.0.0");
/*
* save dns to resolv.conf
*/
dns_to_resolv();
stop_udhcpd();
start_udhcpd();
start_firewall();
stop_wland();
start_wshaper();
start_wland();
start_heartbeat_boot();
}
#else
if (0) {
// nothing
}
#endif
#ifdef HAVE_PPTP
else if (nvram_match("wan_proto", "pptp")
&& nvram_match("pptp_use_dhcp", "1")) {
char pptpip[64];
struct dns_lists *dns_list = NULL;
dns_to_resolv();
dns_list = get_dns_list();
int i = 0;
if (dns_list) {
for (i = 0; i < dns_list->num_servers; i++)
route_add(wan_ifname, 0,
dns_list->dns_server[i],
nvram_safe_get("wan_gateway"),
"255.255.255.255");
free(dns_list);
}
route_add(wan_ifname, 0, "0.0.0.0",
nvram_safe_get("wan_gateway"), "0.0.0.0");
nvram_set("wan_gateway_buf", nvram_get("wan_gateway"));
getIPFromName(nvram_safe_get("pptp_server_name"), pptpip);
nvram_set("pptp_server_ip", pptpip);
// Add the route to the PPTP server on the wan interface for pptp
// client to reach it
if (nvram_match("wan_gateway", "0.0.0.0")
|| nvram_match("wan_netmask", "0.0.0.0"))
route_add(wan_ifname, 0,
nvram_safe_get("pptp_server_ip"),
nvram_safe_get("wan_gateway"),
"255.255.255.255");
else
route_add(wan_ifname, 0,
nvram_safe_get("pptp_server_ip"),
nvram_safe_get("wan_gateway"),
nvram_safe_get("wan_netmask"));
}
#endif
#ifdef HAVE_L2TP
else if (nvram_match("wan_proto", "l2tp")) {
char l2tpip[64];
struct dns_lists *dns_list = NULL;
dns_to_resolv();
dns_list = get_dns_list();
int i = 0;
if (dns_list) {
for (i = 0; i < dns_list->num_servers; i++)
route_add(wan_ifname, 0,
dns_list->dns_server[i],
nvram_safe_get("wan_gateway"),
"255.255.255.255");
free(dns_list);
}
/*
* Backup the default gateway. It should be used if L2TP connection
* is broken
*/
nvram_set("wan_gateway_buf", nvram_get("wan_gateway"));
getIPFromName(nvram_safe_get("l2tp_server_name"), l2tpip);
nvram_set("l2tp_server_ip", l2tpip);
route_add(wan_ifname, 0,
nvram_safe_get("l2tp_server_ip"),
nvram_safe_get("wan_gateway"), "255.255.255.255");
start_firewall();
start_l2tp_boot();
}
#endif
else {
cprintf("start wan done\n");
start_wan_done(wan_ifname);
}
nvram_set("dhcpc_done", "1");
cprintf("done\n");
return 0;
}