1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-11-30 21:15:19 +02:00

sync firewall script with whiterussian changes

git-svn-id: svn://svn.openwrt.org/openwrt/branches/buildroot-ng/openwrt@4858 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
nbd 2006-09-26 14:00:22 +00:00
parent 582b0b691c
commit b664928394

View File

@ -23,6 +23,10 @@ iptables -N forwarding_rule
iptables -t nat -N prerouting_rule iptables -t nat -N prerouting_rule
iptables -t nat -N postrouting_rule iptables -t nat -N postrouting_rule
iptables -N LAN_ACCEPT
[ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
iptables -A LAN_ACCEPT -j ACCEPT
### INPUT ### INPUT
### (connections with the router as destination) ### (connections with the router as destination)
@ -38,7 +42,7 @@ iptables -t nat -N postrouting_rule
iptables -A INPUT -j input_rule iptables -A INPUT -j input_rule
# allow # allow
iptables -A INPUT ${WAN:+-i \! $WAN} -j ACCEPT # allow from lan/wifi interfaces iptables -A INPUT -j LAN_ACCEPT # allow from lan/wifi interfaces
iptables -A INPUT -p icmp -j ACCEPT # allow ICMP iptables -A INPUT -p icmp -j ACCEPT # allow ICMP
iptables -A INPUT -p gre -j ACCEPT # allow GRE iptables -A INPUT -p gre -j ACCEPT # allow GRE