7 lat temu · 29671b04ad
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
 
															 }
														
 
															 function firewall_deny_forwarding {
														
 
															-    iptables -D INPUT -i $FIREWALL_EIFACE -m state --state NEW -p udp --dport 1194 -j ACCEPT
														
 
															+    read_config_param CURRENT_IPV4_ADDRESS
														
 
															+    if [ ! $CURRENT_IPV4_ADDRESS ]; then
														
 
															+        return
														
 
															+    fi
														
 
															+    iptables -D INPUT -i ${FIREWALL_EIFACE} -m state --state NEW -p udp --dport 1194 -j ACCEPT
														
 
															     iptables -D INPUT -i tun+ -j ACCEPT
														
 
															     iptables -D FORWARD -i tun+ -j ACCEPT
														
 
															-    iptables -D FORWARD -i tun+ -o $FIREWALL_EIFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
														
 
															-    iptables -D FORWARD -i $FIREWALL_EIFACE -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
														
 
															-    iptables -t nat -D POSTROUTING -s $(get_ipv4_address)/24 -o $FIREWALL_EIFACE -j MASQUERADE
														
 
															+    iptables -D FORWARD -i tun+ -o ${FIREWALL_EIFACE} -m state --state RELATED,ESTABLISHED -j ACCEPT
														
 
															+    iptables -D FORWARD -i ${FIREWALL_EIFACE} -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
														
 
															+    iptables -t nat -D POSTROUTING -s ${CURRENT_IPV4_ADDRESS}/24 -o ${FIREWALL_EIFACE} -j MASQUERADE
														
 
															     iptables -D OUTPUT -o tun+ -j ACCEPT
														
 
															     save_firewall_settings
														
 
															 }
														
 
															 function firewall_allow_forwarding {
														
 
															-    iptables -A INPUT -i $FIREWALL_EIFACE -m state --state NEW -p udp --dport 1194 -j ACCEPT
														
 
															+    curr_ipv4_address=$(get_ipv4_address)
														
 
															+    iptables -A INPUT -i ${FIREWALL_EIFACE} -m state --state NEW -p udp --dport 1194 -j ACCEPT
														
 
															     iptables -A INPUT -i tun+ -j ACCEPT
														
 
															     iptables -A FORWARD -i tun+ -j ACCEPT
														
 
															-    iptables -A FORWARD -i tun+ -o $FIREWALL_EIFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
														
 
															-    iptables -A FORWARD -i $FIREWALL_EIFACE -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
														
 
															-    iptables -t nat -A POSTROUTING -s $(get_ipv4_address)/24 -o $FIREWALL_EIFACE -j MASQUERADE
														
 
															+    iptables -A FORWARD -i tun+ -o ${FIREWALL_EIFACE} -m state --state RELATED,ESTABLISHED -j ACCEPT
														
 
															+    iptables -A FORWARD -i ${FIREWALL_EIFACE} -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
														
 
															+    iptables -t nat -A POSTROUTING -s ${curr_ipv4_address}/24 -o ${FIREWALL_EIFACE} -j MASQUERADE
														
 
															     iptables -A OUTPUT -o tun+ -j ACCEPT
														
 
															+    write_config_param CURRENT_IPV4_ADDRESS "$curr_ipv4_address"
														
 
															     save_firewall_settings
														
 
															 }