oldnet: add firewalld support

2 files changed, 39 insertions, 1 deletions

diff --git a/net/Makefile b/net/Makefile
index 660b1fa..cc24a80 100644
--- a/net/Makefile
+++ b/net/Makefile
@@ -13,7 +13,7 @@ SRCS-Linux=	iwconfig.sh.in
 INC-Linux=	adsl.sh apipa.sh arping.sh bonding.sh br2684ctl.sh bridge.sh \
 		ccwgroup.sh clip.sh ethtool.sh iproute2.sh ifplugd.sh ip6to4.sh \
 		ipppd.sh iwconfig.sh netplugd.sh pppd.sh pump.sh tuntap.sh udhcpc.sh \
-		vlan.sh macvlan.sh ip6rd.sh
+		vlan.sh macvlan.sh ip6rd.sh firewalld.sh
 
 SRCS-NetBSD=
 INC-NetBSD=	ifwatchd.sh
diff --git a/net/firewalld.sh b/net/firewalld.sh
new file mode 100644
index 0000000..b002967
--- /dev/null
+++ b/net/firewalld.sh
@@ -0,0 +1,38 @@
+# Copyright (c) 2012 Doug Goldstein <cardoe@cardoe.com>
+# Released under the 2-clause BSD license.
+
+firewalld_depend()
+{
+	after interface
+	before dhcp
+	program start firewall-cmd
+	[ "$IFACE" != "lo" ] && need firewalld
+}
+
+_config_vars="$_config_vars firewalld_zone"
+
+firewalld_post_start()
+{
+	local firewalld_zone=
+	eval firewalld_zone=\$firewalld_zone_${IFVAR}
+
+	_exists || return 0
+
+	if [ "${IFACE}" != "lo" ]; then
+		firewall-cmd --zone="${firewalld_zone}" \
+			--change-interface="${IFACE}" > /dev/null 2>&1
+	fi
+
+	return 0
+}
+
+firewalld_pre_stop()
+{
+	_exists || return 0
+
+	if [ "${IFACE}" != "lo" ]; then
+		firewall-cmd --remove-interface="${IFACE}" > /dev/null 2>&1
+	fi
+
+	return 0
+}