From 1fe50da4bb3a207aff8f8d792d39a11f854edf13 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Tue, 14 Sep 2010 23:11:12 +0000
Subject: [PATCH] firewall: deliver remove hotplug events for all active
 zones/networks when restarting the firewall

SVN-Revision: 23062
---
 package/firewall/Makefile                    |  2 +-
 package/firewall/files/lib/core.sh           | 14 ++++++++++
 package/firewall/files/lib/core_interface.sh | 29 ++++++++++++++++++--
 3 files changed, 42 insertions(+), 3 deletions(-)

diff --git a/package/firewall/Makefile b/package/firewall/Makefile
index 00badcb85e..205f2098cb 100644
--- a/package/firewall/Makefile
+++ b/package/firewall/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=firewall
 
 PKG_VERSION:=2
-PKG_RELEASE:=13
+PKG_RELEASE:=14
 
 include $(INCLUDE_DIR)/package.mk
 
diff --git a/package/firewall/files/lib/core.sh b/package/firewall/files/lib/core.sh
index 03a80c6f6c..2178e0505c 100644
--- a/package/firewall/files/lib/core.sh
+++ b/package/firewall/files/lib/core.sh
@@ -49,6 +49,7 @@ fw_start() {
 
 	fw_callback post core
 
+	uci_set_state firewall core zones "$FW_ZONES"
 	uci_set_state firewall core loaded 1
 }
 
@@ -57,6 +58,19 @@ fw_stop() {
 
 	fw_callback pre stop
 
+	local old_zones z
+	config_get old_zones core zones
+	for z in $old_zones; do
+		local old_networks n i
+		config_get old_networks core "${z}_networks"
+		for n in $old_networks; do
+			config_get i core "${n}_ifname"
+			[ -n "$i" ] && env -i ACTION=remove ZONE="$z" \
+				INTERFACE="$n" DEVICE="$i" \
+				/sbin/hotplug-call firewall
+		done
+	done
+
 	fw_clear ACCEPT
 
 	fw_callback post stop
diff --git a/package/firewall/files/lib/core_interface.sh b/package/firewall/files/lib/core_interface.sh
index 889dcc9047..1a33cde1ec 100644
--- a/package/firewall/files/lib/core_interface.sh
+++ b/package/firewall/files/lib/core_interface.sh
@@ -1,5 +1,24 @@
 # Copyright (C) 2009-2010 OpenWrt.org
 
+fw__uci_state_add() {
+	local var="$1"
+	local item="$2"
+
+	local val="$(uci_get_state firewall core $var)"
+	uci_set_state firewall core $var "${val:+$val }$item"
+}
+
+fw__uci_state_del() {
+	local var="$1"
+	local item="$2"
+
+	local val=" $(uci_get_state firewall core $var) "
+	val="${val// $item / }"
+	val="${val# }"
+	val="${val% }"
+	uci_set_state firewall core $var "$val"
+}
+
 fw_configure_interface() {
 	local iface=$1
 	local action=$2
@@ -83,7 +102,10 @@ fw_configure_interface() {
 				fw__do_rules del $z $old_ifname $n
 			done
 
-			[ -n "$old_subnets" ] || ACTION=remove ZONE="$z" INTERFACE="$iface" DEVICE="$ifname" /sbin/hotplug-call firewall
+			[ -n "$old_subnets" ] || {
+				fw__uci_state_del "${z}_networks" "$iface"
+				env -i ACTION=remove ZONE="$z" INTERFACE="$iface" DEVICE="$ifname" /sbin/hotplug-call firewall
+			}
 		done
 
 		local old_aliases
@@ -139,7 +161,10 @@ fw_configure_interface() {
 		fw__do_rules add ${zone_name} "$ifname" "$aliasnet"
 		append new_zones $zone_name
 
-		[ -n "$aliasnet" ] || ACTION=add ZONE="$zone_name" INTERFACE="$iface" DEVICE="$ifname" /sbin/hotplug-call firewall
+		[ -n "$aliasnet" ] || {
+			fw__uci_state_add "${zone_name}_networks" "${zone_network}"
+			env -i ACTION=add ZONE="$zone_name" INTERFACE="$iface" DEVICE="$ifname" /sbin/hotplug-call firewall
+		}
 	}
 	config_foreach load_zone zone
 
-- 
GitLab