LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

miniupnpd: Added chain rule to filter table so udp stun incoming connections rules works 

Signed-off-by: Marco Martins <marcomartins86@gmail.com>
lilik-openwrt-22.03
Marco Martins 4 years ago
committed by Rosen Penev
parent
4d824243e6
commit
773b87977e
No known key found for this signature in database GPG Key ID: 36D31CFA845F0E3B
1 changed files with 3 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -1
      net/miniupnpd/files/firewall.include

+ 3
- 1
net/miniupnpd/files/firewall.include View File

@ -31,13 +31,15 @@ add_extzone_rules() {
[ -z "$ext_zone" ] && return
# IPv4 - due to NAT, need to add both to nat and filter table
# need to insert as penultimate rule for forward & postrouting since final rule might be a fw3 REJECT
# need to insert as penultimate rule for input & forward & postrouting since final rule might be a fw3 REJECT
iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_input" MINIUPNPD
iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_forward" MINIUPNPD
$IPTABLES -t nat -A "zone_${ext_zone}_prerouting" -j MINIUPNPD
iptables_prepend_rule "$IPTABLES" nat "zone_${ext_zone}_postrouting" MINIUPNPD-POSTROUTING
# IPv6 if available - filter only
[ -x $IP6TABLES ] && {
iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_input" MINIUPNPD
iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_forward" MINIUPNPD
}
ADDED=$(($ADDED + 1))


Write Preview
Loading…
Cancel
Save