From e278be836c3a991e2ee90855eed0254fd15955b2 Mon Sep 17 00:00:00 2001
From: Amit Kumar <amit.kumar@genexis.eu>
Date: Wed, 19 Jun 2024 11:33:26 +0530
Subject: [PATCH] miniupnpd: handling for upnpd firewall rule

* Added script to add rule in firewallmngr uci file
* compile time flag added to select iptables based or uci based approach
---
 net/miniupnpd/Makefile                        |  4 +++
 .../files/miniupnpd.defaults.firewallmngr.uci | 35 +++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 net/miniupnpd/files/miniupnpd.defaults.firewallmngr.uci

diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile
index 1526e922cd..7702e06f46 100644
--- a/net/miniupnpd/Makefile
+++ b/net/miniupnpd/Makefile
@@ -103,7 +103,11 @@ define Package/miniupnpd-iptables/install
 	$(call Package/miniupnpd/install/Default,$1)
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_DIR) $(1)/usr/share/miniupnpd
+ifneq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
 	$(INSTALL_BIN) ./files/miniupnpd.defaults.iptables $(1)/etc/uci-defaults/99-miniupnpd
+else
+	$(INSTALL_BIN) ./files/miniupnpd.defaults.firewallmngr.uci $(1)/etc/uci-defaults/99-miniupnpd
+endif
 	$(INSTALL_DATA) ./files/firewall3.include $(1)/usr/share/miniupnpd/firewall.include
 endef
 
diff --git a/net/miniupnpd/files/miniupnpd.defaults.firewallmngr.uci b/net/miniupnpd/files/miniupnpd.defaults.firewallmngr.uci
new file mode 100644
index 0000000000..0394c0a53a
--- /dev/null
+++ b/net/miniupnpd/files/miniupnpd.defaults.firewallmngr.uci
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+. /lib/functions.sh
+create_chain_port_mapping() {
+
+	config_get creator "$1" "creator"
+	if [ "$creator" = "PortMapping" ]; then
+		uci delete firewallmngr."$1"
+		return
+	fi
+}
+
+	config_load firewallmngr
+	config_foreach create_chain_port_mapping chain
+	chain_upnp=$(uci add firewallmngr chain)
+
+uci -q batch <<-EOT
+	
+	
+	set firewallmngr."$chain_upnp".enable="1"
+	set firewallmngr."$chain_upnp".name="UPnP Port Mapping (dynamic rules)"
+	set firewallmngr."$chain_upnp".creator="PortMapping"
+	commit firewallmngr
+EOT
+uci -q batch <<-EOT
+	delete firewall.miniupnpd
+	set firewall.miniupnpd=include
+	set firewall.miniupnpd.type=script
+	set firewall.miniupnpd.path=/usr/share/miniupnpd/firewall.include
+	set firewall.miniupnpd.family=any
+	set firewall.miniupnpd.reload=1
+	commit firewall
+EOT
+
+exit 0
-- 
GitLab