2 files changed, 28 insertions, 35 deletions

diff --git a/firewall b/firewall
new file mode 100755
index 0000000..a42f01d
--- /dev/null
+++ b/firewall
@@ -0,0 +1,28 @@
+#!/bin/sh
+MC_DESCRIPTION="Firewall configuration."
+. "$(dirname "$(readlink -f "$0")")/common" || exit
+
+# TODO add support for Turris/OpenWRT somehow?
+
+restart4=false
+inst ipv4 /etc/iptables/ipv4
+restart4=$change
+inst ipv4-config /etc/conf.d/iptables
+$restart4 || restart4=$change
+
+restart6=false
+inst ipv6 /etc/iptables/ipv6
+restart6=$change
+inst ipv6-config /etc/conf.d/ip6tables
+$restart6 || restart6=$change
+
+apply ############################################################################
+
+if $restart4; then
+	echo "Restarting IPv4 firewall"
+	rc-service iptables restart
+fi
+if $restart6; then
+	echo "Restarting IPv6 firewall"
+	rc-service ip6tables restart
+fi
diff --git a/firewall/multiconfig.sh b/firewall/multiconfig.sh
deleted file mode 100755
index 0befbf1..0000000
--- a/firewall/multiconfig.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/sh
-set -e
-LPATH="$(dirname "$0")"
-if [ -f "$LPATH/utils" ]; then
-	. "$LPATH/utils"
-elif [ -f "$LPATH/../utils" ]; then
-	. "$LPATH/../utils"
-else
-	echo "Can't locate utilities!"
-	exit 1
-fi
-######################################
-
-mkdir -p /etc/iptables
-
-configure() {
-	if ! grep -q "$3_SAVE=\"/etc/iptables/$1\"" "/etc/conf.d/$2"; then
-		echo "Reconfiguring $2 service configuration"
-		sed -i "s#^$3_SAVE=.*\$#$3_SAVE=\"/etc/iptables/$1\"#" "/etc/conf.d/$2"
-	fi
-}
-configure ipv4 iptables IPTABLES
-configure ipv6 ip6tables IP6TABLES
-
-H="$(hostname)"
-
-if inst "firewall/$H.ipv4" /etc/iptables/ipv4; then
-	echo "Reloading IPv4 firewall"
-	service iptables reload
-fi
-
-if inst "firewall/$H.ipv6" /etc/iptables/ipv6; then
-	echo "Reloading IPv6 firewall"
-	service ip6tables reload
-fi