From 1fbf254b3a561bdfa2430d03008b369250be2bc1 Mon Sep 17 00:00:00 2001 From: Erik Karlsson Date: Tue, 30 Sep 2025 11:36:45 +0200 Subject: [PATCH] sulu-vendorext: fix missed heimgard.wan to genexis.wan renaming Also add proper sanity checks so a catch-all ACCEPT rule cannot be inadvertently added. --- sulu/sulu-vendorext/Makefile | 2 +- .../files/usr/libexec/rpcd/firewall_mode | 17 ++++++++++------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/sulu/sulu-vendorext/Makefile b/sulu/sulu-vendorext/Makefile index 793c25722..240918bc3 100644 --- a/sulu/sulu-vendorext/Makefile +++ b/sulu/sulu-vendorext/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sulu-vendorext -PKG_VERSION:=0.0.3 +PKG_VERSION:=0.0.4 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) diff --git a/sulu/sulu-vendorext/files/usr/libexec/rpcd/firewall_mode b/sulu/sulu-vendorext/files/usr/libexec/rpcd/firewall_mode index ed1ebfdc1..841baa9cc 100755 --- a/sulu/sulu-vendorext/files/usr/libexec/rpcd/firewall_mode +++ b/sulu/sulu-vendorext/files/usr/libexec/rpcd/firewall_mode @@ -57,15 +57,18 @@ set_fwmode() { case "$mode" in low) # add rule for incoming gateway - json_load "$(ubus call heimgard.wan status)" + json_init + json_load "$(ubus -S call genexis.wan status)" json_get_var gateway gateway - uci set firewall.${allow_gw_rule}=rule - uci set firewall.${allow_gw_rule}.name='Allow-Gateway-In' - uci set firewall.${allow_gw_rule}.src='wan' - uci set firewall.${allow_gw_rule}.src_ip="$gateway" - uci set firewall.${allow_gw_rule}.target='ACCEPT' - uci reorder firewall.${allow_gw_rule}=1 + if [ -n "$gateway" ]; then + uci set firewall.${allow_gw_rule}=rule + uci set firewall.${allow_gw_rule}.name='Allow-Gateway-In' + uci set firewall.${allow_gw_rule}.src='wan' + uci set firewall.${allow_gw_rule}.src_ip="$gateway" + uci set firewall.${allow_gw_rule}.target='ACCEPT' + uci reorder firewall.${allow_gw_rule}=1 + fi ;; medium) uci set firewall.wan.input='DROP'