...
 
Commits (2)
...@@ -26,6 +26,14 @@ uci set firewall.mesh_ICMPv4_parker.family='ipv4' ...@@ -26,6 +26,14 @@ uci set firewall.mesh_ICMPv4_parker.family='ipv4'
uci set firewall.mesh_ICMPv4_parker.target='ACCEPT' uci set firewall.mesh_ICMPv4_parker.target='ACCEPT'
uci set firewall.mesh_ICMPv4_parker.proto='icmp' uci set firewall.mesh_ICMPv4_parker.proto='icmp'
# allow ICMPv4 on vpn_parker
uci set firewall.vpn_parker_ICMPv4_parker='rule'
uci set firewall.vpn_parker_ICMPv4_parker.icmp_type='echo-request'
uci set firewall.vpn_parker_ICMPv4_parker.src='vpn_parker'
uci set firewall.vpn_parker_ICMPv4_parker.family='ipv4'
uci set firewall.vpn_parker_ICMPv4_parker.target='ACCEPT'
uci set firewall.vpn_parker_ICMPv4_parker.proto='icmp'
# add a zone for all the wc_c+ -interfaces # add a zone for all the wc_c+ -interfaces
uci set firewall.vpn_parker='zone' uci set firewall.vpn_parker='zone'
uci set firewall.vpn_parker.device='wg_c+' uci set firewall.vpn_parker.device='wg_c+'
...@@ -44,5 +52,37 @@ uci set firewall.vpn_parker_mesh='forwarding' ...@@ -44,5 +52,37 @@ uci set firewall.vpn_parker_mesh='forwarding'
uci set firewall.vpn_parker_mesh.src='vpn_parker' uci set firewall.vpn_parker_mesh.src='vpn_parker'
uci set firewall.vpn_parker_mesh.dest='mesh' uci set firewall.vpn_parker_mesh.dest='mesh'
# allow respondd to be reached from mesh an vpn_parker
uci set firewall.respondd_mesh_parker=rule
uci set firewall.respondd_mesh_parker.dest_port='1001'
uci set firewall.respondd_mesh_parker.name='respondd_mesh_parker'
uci set firewall.respondd_mesh_parker.src_ip='2001:bf7:381::/64'
uci set firewall.respondd_mesh_parker.target='ACCEPT'
uci set firewall.respondd_mesh_parker.proto='udp'
uci set firewall.respondd_mesh_parker.src='mesh'
uci set firewall.respondd_vpn_parker_mesh=rule
uci set firewall.respondd_vpn_parker_mesh.dest_port='1001'
uci set firewall.respondd_vpn_parker_mesh.name='respondd_vpn_parker_mesh'
uci set firewall.respondd_vpn_parker_mesh.src_ip='2001:bf7:381::/64'
uci set firewall.respondd_vpn_parker_mesh.target='ACCEPT'
uci set firewall.respondd_vpn_parker_mesh.proto='udp'
uci set firewall.respondd_vpn_parker_mesh.src='vpn_parker'
# allow ICMPv6 from vpn_parker
uci set firewall.vpn_parker_ICMPv4_parker=rule
uci set firewall.vpn_parker_ICMPv4_parker.icmp_type='echo-request'
uci set firewall.vpn_parker_ICMPv4_parker.src='vpn_parker'
uci set firewall.vpn_parker_ICMPv4_parker.family='ipv4'
uci set firewall.vpn_parker_ICMPv4_parker.target='ACCEPT'
uci set firewall.vpn_parker_ICMPv4_parker.proto='icmp'
uci set firewall.vpn_parker_ICMPv6_in_parker=rule
uci set firewall.vpn_parker_ICMPv6_in_parker.icmp_type='echo-request'
uci set firewall.vpn_parker_ICMPv6_in_parker.src='vpn_parker'
uci set firewall.vpn_parker_ICMPv6_in_parker.limit='1000/sec'
uci set firewall.vpn_parker_ICMPv6_in_parker.family='ipv6'
uci set firewall.vpn_parker_ICMPv6_in_parker.target='ACCEPT'
uci set firewall.vpn_parker_ICMPv6_in_parker.proto='icmp'
# allow forwarding of RA through batman # allow forwarding of RA through batman
rm /lib/gluon/ebtables/300-radv-input-output rm /lib/gluon/ebtables/300-radv-input-output