olsr2/manet firewall

9bd45f49 · Bob Mottram · ff13caac · 9bd45f49 · 9bd45f49 · 9bd45f49
Commit 9bd45f49 authored 7 years ago by Bob Mottram
--- a/img/icon_protocol.png
+++ b/img/icon_protocol.png
--- a/src/freedombone-mesh-install
+++ b/src/freedombone-mesh-install
@@ -228,6 +228,12 @@ function mesh_firewall {
    echo "ip6tables -A INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
    echo "iptables -A INPUT -p udp --dport 1900 -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
    echo "ip6tables -A INPUT -p udp --dport 1900 -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+
+    echo '# OLSR2/MANET' >> $MESH_FIREWALL_SCRIPT
+    echo 'iptables -A INPUT -p udp --dport 269 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
+    echo 'ip6tables -A INPUT -p udp --dport 269 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
+    echo 'iptables -A INPUT -p tcp --dport 138 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
+    echo 'ip6tables -A INPUT -p tcp --dport 138 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
    chmod +x $MESH_FIREWALL_SCRIPT

    echo '[Unit]' > $FIREWALL_FILENAME

--- a/src/freedombone-utils-mesh
+++ b/src/freedombone-utils-mesh
@@ -195,6 +195,9 @@ function enable_mesh_firewall {
    iptables -A INPUT -p tcp --dport 8008 -j ACCEPT
    iptables -A INPUT -p udp --dport 8010 -j ACCEPT
    iptables -A INPUT -p tcp --dport 8010 -j ACCEPT
+    # OLSR2/MANET
+    iptables -A INPUT -p udp --dport 269 -j ACCEPT
+    iptables -A INPUT -p tcp --dport 138 -j ACCEPT


    ip6tables -A INPUT -p ipv6-icmp -j ACCEPT
@@ -225,6 +228,9 @@ function enable_mesh_firewall {
    ip6tables -A INPUT -p tcp --dport 8008 -j ACCEPT
    ip6tables -A INPUT -p udp --dport 8010 -j ACCEPT
    ip6tables -A INPUT -p tcp --dport 8010 -j ACCEPT
+    # OLSR2/MANET
+    ip6tables -A INPUT -p udp --dport 269 -j ACCEPT
+    ip6tables -A INPUT -p tcp --dport 138 -j ACCEPT


    # vpn over the internet
@@ -273,6 +279,9 @@ function disable_mesh_firewall {
    iptables -D INPUT -p tcp --dport 8008 -j ACCEPT
    iptables -D INPUT -p udp --dport 8010 -j ACCEPT
    iptables -D INPUT -p tcp --dport 8010 -j ACCEPT
+    # OLSR2/MANET
+    iptables -D INPUT -p udp --dport 269 -j ACCEPT
+    iptables -D INPUT -p tcp --dport 138 -j ACCEPT


    ip6tables -D INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT
@@ -302,6 +311,9 @@ function disable_mesh_firewall {
    ip6tables -D INPUT -p tcp --dport 8008 -j ACCEPT
    ip6tables -D INPUT -p udp --dport 8010 -j ACCEPT
    ip6tables -D INPUT -p tcp --dport 8010 -j ACCEPT
+    # OLSR2/MANET
+    ip6tables -D INPUT -p udp --dport 269 -j ACCEPT
+    ip6tables -D INPUT -p tcp --dport 138 -j ACCEPT


    # vpn over the internet