cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 07:28:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

miniupnpd: Added chain rule to filter table so udp stun incoming connections rules works

Browse Source 
Signed-off-by: Marco Martins <marcomartins86@gmail.com>
(cherry picked from commit 773b87977e)
This commit is contained in:
Marco Martins
2020-11-19 21:53:31 +00:00
committed by Rosen Penev
parent 4ed18c40e6
commit 1adf9d9794
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/miniupnpd/files/firewall.include
+3 -1
View File
@@ -31,13 +31,15 @@ add_extzone_rules() {
[ -z "$ext_zone" ] && return [ -z "$ext_zone" ] && return
# IPv4 - due to NAT, need to add both to nat and filter table # IPv4 - due to NAT, need to add both to nat and filter table
# need to insert as penultimate rule for forward & postrouting since final rule might be a fw3 REJECT # need to insert as penultimate rule for input & forward & postrouting since final rule might be a fw3 REJECT
iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_input" MINIUPNPD
iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_forward" MINIUPNPD iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_forward" MINIUPNPD
$IPTABLES -t nat -A "zone_${ext_zone}_prerouting" -j MINIUPNPD $IPTABLES -t nat -A "zone_${ext_zone}_prerouting" -j MINIUPNPD
iptables_prepend_rule "$IPTABLES" nat "zone_${ext_zone}_postrouting" MINIUPNPD-POSTROUTING iptables_prepend_rule "$IPTABLES" nat "zone_${ext_zone}_postrouting" MINIUPNPD-POSTROUTING
# IPv6 if available - filter only # IPv6 if available - filter only
[ -x $IP6TABLES ] && { [ -x $IP6TABLES ] && {
iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_input" MINIUPNPD
iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_forward" MINIUPNPD iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_forward" MINIUPNPD
} }
ADDED=$(($ADDED + 1)) ADDED=$(($ADDED + 1))