Index: openwrt/feeds/packages/net/iperf3/Makefile =================================================================== --- openwrt.orig/feeds/packages/net/iperf3/Makefile +++ openwrt/feeds/packages/net/iperf3/Makefile @@ -72,6 +72,18 @@ endef define Package/iperf3/install $(INSTALL_DIR) $(1)/usr/bin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/iperf3 $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/etc/local/mesh-firewall + $(INSTALL_BIN) ./files/iperf.firewall $(1)/etc/local/mesh-firewall/20-iperf3 +endef + +define Package/iperf3/postinst +#!/bin/sh +# check if we are on real system +if [ -z "$${IPKG_INSTROOT}" ]; then + echo "Restarting Firewall" + /etc/init.d/firewall restart +fi +exit 0 endef define Package/iperf3-ssl/install Index: openwrt/feeds/packages/net/iperf3/files/iperf.firewall =================================================================== --- /dev/null +++ openwrt/feeds/packages/net/iperf3/files/iperf.firewall @@ -0,0 +1,9 @@ +#!/bin/sh +nft insert rule ip fw4 input_wifi udp dport 5201 accept +nft insert rule ip fw4 input_wifi tcp dport 5201 accept +nft insert rule ip fw4 input_dtdlink udp dport 5201 accept +nft insert rule ip fw4 input_dtdlink tcp dport 5201 accept +if [ "$MESHFW_TUNNELS_ENABLED" == "1" -o "$MESHFW_WG_TUNNELS_ENABLED" == "1" ]; then + nft insert rule ip fw4 input_vpn udp dport 5201 accept + nft insert rule ip fw4 input_vpn tcp dport 5201 accept +fi