From 01e4ff2c8b860b8f440b0b2f6650641757f4eb4e Mon Sep 17 00:00:00 2001
From: Rahul Thakur <rahul.thakur@iopsys.eu>
Date: Wed, 13 Mar 2024 10:54:36 +0530
Subject: [PATCH] netmode: disable firewall for l2 netmode

since the intent for l2 netmode is to accept all traffic, hence,
disable firewall on top of zone lan's input/output/forward being
ACCEPT/ACCEPT/ACCEPT

Please note: when firewall is disabled, it esentially set's input
to ACCEPT, it does not stop or disable fw3.
---
 netmode/files/etc/uci-defaults/netmode.l2mode | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/netmode/files/etc/uci-defaults/netmode.l2mode b/netmode/files/etc/uci-defaults/netmode.l2mode
index 18c938ee9..82fc21888 100644
--- a/netmode/files/etc/uci-defaults/netmode.l2mode
+++ b/netmode/files/etc/uci-defaults/netmode.l2mode
@@ -98,6 +98,10 @@ l2_network_config() {
 	# Update CWMP Agent WAN Interface
 	uci -q set cwmp.cpe.default_wan_interface="lan"
 	uci -q commit cwmp
+
+	# disable firewall
+	uci -q set firewall.globals.enabled="0"
+	uci -q commit firewall
 }
 
 network_mode="$(fw_printenv -n netmode 2>/dev/null)"