Mirrors
/
aredn
mirror of https://github.com/aredn/aredn.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

BUGFIX: tunnel firewall to behave same as dtdlink part 2

This commit is contained in:
AE6XE 2015-05-24 15:57:44 -07:00
parent 15f8792001
commit f610c58b82
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
files/usr/local/bin/vtun_up
View File

@ -106,17 +106,22 @@ fi
if [ "$action" = "up" ] ; then
# Adding route policies for tunnel interface
# identical to hotplug for dtdlink
if ( ! `ip rule list | egrep "^20020:.*$interface.*30" > /dev/null`) then
if [ -e /etc/config/dmz-mode ] ; then
ip rule add pref 20010 iif $interface lookup 29 # local interfaces
fi
ip rule add pref 20020 iif $interface lookup 30 # mesh
ip rule add pref 20080 iif $interface lookup 31 # gateway
ip rule add pref 20090 iif $interface lookup main
ip rule add pref 20099 iif $interface unreachable
fi
else
# Remove route policies for tunnel interface
ip rule del pref 20010 iif $interface lookup 29
ip rule del pref 20020 iif $interface lookup 30
ip rule del pref 20080 iff $interface lookup 31
ip rule del pref 20090 iff $interface lookup main
ip rule del pref 20099 iif $interface unreachable
fi