Commit 53adfeaa authored by chrissi^'s avatar chrissi^

nodeconfig: parker-firewall: allow ping from vpn

Signed-off-by: chrissi^'s avatarChrissi^ <chris@tinyhost.de>
parent 6c2cde3d
......@@ -26,6 +26,14 @@ uci set firewall.mesh_ICMPv4_parker.family='ipv4'
uci set firewall.mesh_ICMPv4_parker.target='ACCEPT'
uci set firewall.mesh_ICMPv4_parker.proto='icmp'
# allow ICMPv4 on vpn_parker
uci set firewall.vpn_parker_ICMPv4_parker='rule'
uci set firewall.vpn_parker_ICMPv4_parker.icmp_type='echo-request'
uci set firewall.vpn_parker_ICMPv4_parker.src='vpn_parker'
uci set firewall.vpn_parker_ICMPv4_parker.family='ipv4'
uci set firewall.vpn_parker_ICMPv4_parker.target='ACCEPT'
uci set firewall.vpn_parker_ICMPv4_parker.proto='icmp'
# add a zone for all the wc_c+ -interfaces
uci set firewall.vpn_parker='zone'
uci set firewall.vpn_parker.device='wg_c+'
......@@ -61,5 +69,20 @@ uci set firewall.respondd_vpn_parker_mesh.target='ACCEPT'
uci set firewall.respondd_vpn_parker_mesh.proto='udp'
uci set firewall.respondd_vpn_parker_mesh.src='vpn_parker'
# allow ICMPv6 from vpn_parker
uci set firewall.vpn_parker_ICMPv4_parker=rule
uci set firewall.vpn_parker_ICMPv4_parker.icmp_type='echo-request'
uci set firewall.vpn_parker_ICMPv4_parker.src='vpn_parker'
uci set firewall.vpn_parker_ICMPv4_parker.family='ipv4'
uci set firewall.vpn_parker_ICMPv4_parker.target='ACCEPT'
uci set firewall.vpn_parker_ICMPv4_parker.proto='icmp'
uci set firewall.vpn_parker_ICMPv6_in_parker=rule
uci set firewall.vpn_parker_ICMPv6_in_parker.icmp_type='echo-request'
uci set firewall.vpn_parker_ICMPv6_in_parker.src='vpn_parker'
uci set firewall.vpn_parker_ICMPv6_in_parker.limit='1000/sec'
uci set firewall.vpn_parker_ICMPv6_in_parker.family='ipv6'
uci set firewall.vpn_parker_ICMPv6_in_parker.target='ACCEPT'
uci set firewall.vpn_parker_ICMPv6_in_parker.proto='icmp'
# allow forwarding of RA through batman
rm /lib/gluon/ebtables/300-radv-input-output
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment