openmptcprouter-feeds/dsvpn/patches/nofirewall.patch

diff --git a/src/vpn.c b/src/vpn.c
index 8064d62..0142f63 100644
--- a/src/vpn.c
+++ b/src/vpn.c
@@ -297,6 +297,7 @@ static int client_connect(Context *context)
 
     context->client_buf.pos = 0;
     memset(context->client_buf.data, 0, sizeof context->client_buf.data);
+    /*
     if (context->wanted_ext_gw_ip == NULL && (ext_gw_ip = get_default_gw_ip()) != NULL &&
         strcmp(ext_gw_ip, context->ext_gw_ip) != 0) {
         printf("Gateway changed from [%s] to [%s]\n", context->ext_gw_ip, ext_gw_ip);
@@ -304,6 +305,7 @@ static int client_connect(Context *context)
         snprintf(context->ext_gw_ip, sizeof context->ext_gw_ip, "%s", ext_gw_ip);
         firewall_rules(context, 1, 0);
     }
+    */
     memset(context->uc_st, 0, sizeof context->uc_st);
     context->uc_st[context->is_server][0] ^= 1;
     context->client_fd = tcp_client(context->server_ip, context->server_port);
@@ -319,7 +321,7 @@ static int client_connect(Context *context)
         sleep(1);
         return -1;
     }
-    firewall_rules(context, 1, 0);
+    //firewall_rules(context, 1, 0);
     context->fds[POLLFD_CLIENT] =
         (struct pollfd){ .fd = context->client_fd, .events = POLLIN, .revents = 0 };
     puts("Connected");
@@ -597,22 +599,26 @@ int main(int argc, char *argv[])
 #ifdef __OpenBSD__
     pledge("stdio proc exec dns inet", NULL);
 #endif
-    context.firewall_rules_set = -1;
+    //context.firewall_rules_set = -1;
     if (context.server_ip_or_name != NULL &&
         resolve_ip(context.server_ip, sizeof context.server_ip, context.server_ip_or_name) != 0) {
-        firewall_rules(&context, 0, 1);
+        //firewall_rules(&context, 0, 1);
         return 1;
     }
     if (context.is_server) {
+        /*
         if (firewall_rules(&context, 1, 0) != 0) {
             return -1;
         }
+        */
 #ifdef __OpenBSD__
         printf("\nAdd the following rule to /etc/pf.conf:\npass out from %s nat-to egress\n\n",
                context.remote_tun_ip);
 #endif
+/*
     } else {
         firewall_rules(&context, 0, 1);
+*/
     }
     signal(SIGINT, signal_handler);
     signal(SIGTERM, signal_handler);
Try to disable firewall changes made by dsvpn 2019-08-26 15:42:22 +00:00			`diff --git a/src/vpn.c b/src/vpn.c`
			`index 8064d62..0142f63 100644`
			`--- a/src/vpn.c`
			`+++ b/src/vpn.c`
			`@@ -297,6 +297,7 @@ static int client_connect(Context *context)`

			`context->client_buf.pos = 0;`
			`memset(context->client_buf.data, 0, sizeof context->client_buf.data);`
			`+ /*`
			`if (context->wanted_ext_gw_ip == NULL && (ext_gw_ip = get_default_gw_ip()) != NULL &&`
			`strcmp(ext_gw_ip, context->ext_gw_ip) != 0) {`
			`printf("Gateway changed from [%s] to [%s]\n", context->ext_gw_ip, ext_gw_ip);`
			`@@ -304,6 +305,7 @@ static int client_connect(Context *context)`
			`snprintf(context->ext_gw_ip, sizeof context->ext_gw_ip, "%s", ext_gw_ip);`
			`firewall_rules(context, 1, 0);`
			`}`
			`+ */`
			`memset(context->uc_st, 0, sizeof context->uc_st);`
			`context->uc_st[context->is_server][0] ^= 1;`
			`context->client_fd = tcp_client(context->server_ip, context->server_port);`
			`@@ -319,7 +321,7 @@ static int client_connect(Context *context)`
			`sleep(1);`
			`return -1;`
			`}`
			`- firewall_rules(context, 1, 0);`
			`+ //firewall_rules(context, 1, 0);`
			`context->fds[POLLFD_CLIENT] =`
			`(struct pollfd){ .fd = context->client_fd, .events = POLLIN, .revents = 0 };`
			`puts("Connected");`
			`@@ -597,22 +599,26 @@ int main(int argc, char *argv[])`
			`#ifdef __OpenBSD__`
			`pledge("stdio proc exec dns inet", NULL);`
			`#endif`
			`- context.firewall_rules_set = -1;`
			`+ //context.firewall_rules_set = -1;`
			`if (context.server_ip_or_name != NULL &&`
			`resolve_ip(context.server_ip, sizeof context.server_ip, context.server_ip_or_name) != 0) {`
			`- firewall_rules(&context, 0, 1);`
			`+ //firewall_rules(&context, 0, 1);`
			`return 1;`
			`}`
			`if (context.is_server) {`
			`+ /*`
			`if (firewall_rules(&context, 1, 0) != 0) {`
			`return -1;`
			`}`
			`+ */`
			`#ifdef __OpenBSD__`
			`printf("\nAdd the following rule to /etc/pf.conf:\npass out from %s nat-to egress\n\n",`
			`context.remote_tun_ip);`
			`#endif`
			`+/*`
			`} else {`
			`firewall_rules(&context, 0, 1);`
			`+*/`
			`}`
			`signal(SIGINT, signal_handler);`
			`signal(SIGTERM, signal_handler);`