1#!/bin/bash 2# 3# Copyright (c) 2021, The OpenThread Authors. 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions are met: 8# 1. Redistributions of source code must retain the above copyright 9# notice, this list of conditions and the following disclaimer. 10# 2. Redistributions in binary form must reproduce the above copyright 11# notice, this list of conditions and the following disclaimer in the 12# documentation and/or other materials provided with the distribution. 13# 3. Neither the name of the copyright holder nor the 14# names of its contributors may be used to endorse or promote products 15# derived from this software without specific prior written permission. 16# 17# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 18# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 21# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 22# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 25# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27# POSSIBILITY OF SUCH DAMAGE. 28# 29 30FIREWALL_SERVICE=/etc/init.d/otbr-firewall 31 32sudo modprobe ip6table_filter || true 33 34FIREWALL="${FIREWALL:-1}" 35 36firewall_uninstall() 37{ 38 with FIREWALL || return 0 39 40 firewall_stop 41 if have systemctl; then 42 sudo systemctl disable otbr-firewall || true 43 fi 44 # systemctl disable doesn't remove sym-links 45 if have update-rc.d; then 46 sudo update-rc.d otbr-firewall remove || true 47 fi 48 test ! -f $FIREWALL_SERVICE || sudo rm $FIREWALL_SERVICE 49} 50 51firewall_install() 52{ 53 with FIREWALL || return 0 54 55 sudo cp script/otbr-firewall $FIREWALL_SERVICE 56 sudo chmod a+x $FIREWALL_SERVICE 57 if have systemctl; then 58 sudo systemctl enable otbr-firewall || die 'Failed to enable firewall service!' 59 sudo systemctl start otbr-firewall || die 'Failed to start firewall service!' 60 fi 61} 62 63firewall_start() 64{ 65 with FIREWALL || return 0 66 67 if with DOCKER; then 68 service otbr-firewall start || die 'Failed to start firewall service' 69 elif have systemctl; then 70 sudo systemctl start otbr-firewall || die 'Failed to start firewall service' 71 fi 72} 73 74firewall_stop() 75{ 76 with FIREWALL || return 0 77 78 if with DOCKER; then 79 service otbr-firewall stop || true 80 elif have systemctl; then 81 sudo systemctl stop otbr-firewall || true 82 fi 83} 84