|
@@ -47,6 +47,8 @@ SSH_MACS="hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripem
|
47
|
47
|
SSH_KEX="curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256"
|
48
|
48
|
SSH_HOST_KEY_ALGORITHMS="ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-ed25519,ssh-rsa"
|
49
|
49
|
|
|
50
|
+ZERONET_PORT=15441
|
|
51
|
+
|
50
|
52
|
# see https://stribika.github.io/2015/01/04/secure-secure-shell.html
|
51
|
53
|
function ssh_remove_small_moduli {
|
52
|
54
|
sudo awk '$5 > 2000' /etc/ssh/moduli > /home/$CURR_USER/moduli
|
|
@@ -303,6 +305,8 @@ function mesh_batman {
|
303
|
305
|
echo ' iptables -A INPUT -p udp --dport 5353 -j ACCEPT' >> $batman_script
|
304
|
306
|
echo ' iptables -A INPUT -p tcp --dport 5354 -j ACCEPT' >> $batman_script
|
305
|
307
|
echo ' iptables -A INPUT -p udp --dport 5354 -j ACCEPT' >> $batman_script
|
|
308
|
+ echo " iptables -A INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $batman_script
|
|
309
|
+ echo " iptables -A INPUT -p udp --dport $ZERONET_PORT -j ACCEPT" >> $batman_script
|
306
|
310
|
echo '' >> $batman_script
|
307
|
311
|
echo ' if [ -f /bin/systemctl ]; then' >> $batman_script
|
308
|
312
|
echo ' systemctl restart avahi-daemon' >> $batman_script
|
|
@@ -341,6 +345,8 @@ function mesh_batman {
|
341
|
345
|
echo ' iptables -D INPUT -p udp --dport 5353 -j ACCEPT' >> $batman_script
|
342
|
346
|
echo ' iptables -D INPUT -p tcp --dport 5354 -j ACCEPT' >> $batman_script
|
343
|
347
|
echo ' iptables -D INPUT -p udp --dport 5354 -j ACCEPT' >> $batman_script
|
|
348
|
+ echo " iptables -D INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $batman_script
|
|
349
|
+ echo " iptables -D INPUT -p udp --dport $ZERONET_PORT -j ACCEPT" >> $batman_script
|
344
|
350
|
echo '' >> $batman_script
|
345
|
351
|
echo ' if [ -f /bin/systemctl ]; then' >> $batman_script
|
346
|
352
|
echo ' systemctl restart network-manager' >> $batman_script
|
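Review bot: The two ACCEPT rules added for `$ZERONET_PORT` in the start section of mesh_batman (new lines 308-309) match on destination port alone, so the port is reachable on every interface while the mesh is up, not only on the mesh link. They follow the existing 5353/5354 rules, but the UDP rule may be unnecessary: as far as I know the ZeroNet peer port listens on TCP only, so confirm that before keeping it. Consider scoping the TCP rule to the mesh interface, e.g. `echo " iptables -A INPUT -i <MESH_IFACE> -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $batman_script` (`<MESH_IFACE>` is a placeholder; the interface name is not visible in these hunks). The `-D` lines at new lines 348-349 need the identical change so the stop path removes exactly what the start path inserted. Since `$ZERONET_PORT` is expanded when the script is generated, a short comment on its definition at new line 50 such as `# ZeroNet peer port, opened in the mesh firewall by mesh_batman` would help; mesh_batman's body starts and ends outside the hunks shown.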