#!/bin/sh /etc/rc.common
##For inter-LAN routing

START=80

start()
{
    local status
	#init the final DROP rule
    iptables -A LANROUTE -j DROP
    
    status=`uci get lanroute.general.status`
	#hook the chain up
    if [ "$status" = "disable" ]; then
        iptables -A FORWARD -i lan+ -m mset --set lan_net_set src --set lan_net_set dst -j LANROUTE
    else
        iptables -D FORWARD -i lan+ -m mset --set lan_net_set src --set lan_net_set dst -j LANROUTE 2>/dev/null
    fi
}

boot() {
	#Vincent F. 2014/08/15, fix G48518
	#if packet already pass DNAT, it's not inter-LAN routing
	iptables -I LANROUTE 1 -m conntrack --ctstate DNAT -j RETURN

	start
}

apply()
{
    restart
    uci commit lanroute 
}
