firewall: handling to sync with firewallmngr

package/network/config/firewall/Makefile

@@ -55,8 +55,6 @@ define Package/firewall/install
 	$(INSTALL_CONF) ./files/firewall.hotplug $(1)/etc/hotplug.d/iface/20-firewall
 	$(INSTALL_DIR) $(1)/etc/hotplug.d/ntp
 	$(INSTALL_CONF) ./files/firewall.ntp.hotplug $(1)/etc/hotplug.d/ntp/30-firewall
-	$(INSTALL_DIR) $(1)/etc/config/
-	$(INSTALL_CONF) ./files/firewall.config $(1)/etc/config/firewall
 	$(INSTALL_DIR) $(1)/etc/
 	$(INSTALL_CONF) ./files/firewall.user $(1)/etc/firewall.user
 	$(INSTALL_CONF) ./files/firewall.portmapping $(1)/etc/firewall.portmapping
@@ -64,10 +62,7 @@ define Package/firewall/install
 	$(INSTALL_CONF) $(PKG_BUILD_DIR)/helpers.conf $(1)/usr/share/fw3
 	$(INSTALL_DATA) ./files/firewall.protect_port $(1)/etc/firewall.protect_port
 	$(INSTALL_DATA) ./files/firewall.ddos $(1)/etc/firewall.ddos
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DATA) ./files/firewall.ucidefault $(1)/etc/uci-defaults/991-firewall-add-missing-sections
 	$(INSTALL_CONF) ./files/firewall.forbidden_ipv6_addresses $(1)/etc/firewall.forbidden_ipv6_addresses
-	$(INSTALL_DATA) ./files/firewall.dmz $(1)/etc/firewall.dmz
 endef
 
 $(eval $(call BuildPackage,firewall))

package/network/config/firewall/files/firewall.init

@@ -64,64 +64,6 @@ function rename_sec()
 	COUNT=$((COUNT + 1))
 }
 
-update_enabled_defaults() {
-	if [ "$(uci -q get firewall.globals.enabled)" == "0" ]; then
-		uci -q set firewall.@defaults[0].input="ACCEPT"
-	elif [ "$(uci -q get firewall.@defaults[0].input)" == "ACCEPT" ]; then
-		uci -q set firewall.@defaults[0].input="REJECT"
-	fi
-	uci -q commit firewall
-}
-
-update_enabled_for_zone() {
-	config_get name "$1" name
-	local section=$1
-	#echo "Name: $name, section: $section";
-	if [ "$name" == "wan" ]; then
-		if [ "$(uci -q get firewall.globals.enabled)" == "0" ]; then
-			uci -q set firewall.$section.input="ACCEPT"
-		elif [ "$(uci -q get firewall.$section.input)" == "ACCEPT" ]; then
-			uci -q set firewall.$section.input="REJECT"
-		fi
-		uci -q commit firewall
-	fi
-}
-
-clean_expiry() {
-	[ -f "/tmp/fw3.atjobs" ] || return
-	for job in $(cat /tmp/fw3.atjobs); do
-		atrm $job 2>/dev/null
-	done
-	rm -f /tmp/fw3.atjobs
-}
-
-schedule_expiry() {
-
-	[ -f "/usr/bin/at" ] || return
-
-	expire_at() {
-		local cfg=$1
-		local expiry atdate
-
-		config_get expiry $cfg expiry
-
-		[ -n "$expiry" ] || return
-
-		atdate="$(date +'%Y%m%d%H%M.%S' -d @$expiry)"
-
-		[ -n "$atdate" ] || return
-
-		sec=$(echo $atdate | cut -d. -f2)
-		at_date=$(echo $atdate | cut -d. -f1)
-
-		echo "sleep $sec && uci -q delete firewall.$cfg; ubus call uci commit '{\"config\":\"firewall\"}'" | \
-			at -t $at_date 2>&1 | grep job | awk '{print$2}' >> /tmp/fw3.atjobs
-	}
-
-	config_foreach expire_at rule
-	config_foreach expire_at redirect
-}
-
 find_used_ports() {
 	local PORTS=""
 	local pcnt=0
@@ -195,15 +137,11 @@ reorder_redirect_rule_dmz()
 
 firewall_preconf() {
 	config_load firewall
-	update_enabled_defaults
-	config_foreach update_enabled_for_zone zone
 	# Rename the unnamed sec
 	config_foreach rename_sec_option zone name
 	config_foreach rename_sec forwarding default_fwd
 	config_foreach rename_sec rule default_rule
 
-	clean_expiry
-	schedule_expiry
 	find_used_ports
 	reorder_redirect_rule_dmz
 	uci -q commit firewall