mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
Try to disable firewall changes made by dsvpn
This commit is contained in:
Ycarus (Yannick Chabanois)
parent
e85b445dcc
commit
6c4c56a439
3 changed files with 60 additions and 2 deletions
|
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://github.com/jedisct1/dsvpn.git
|
||||
PKG_SOURCE_VERSION:=5372b454ae7925f11951b17cf42e52e270a75141
|
||||
PKG_SOURCE_VERSION:=4a1417b4d9a7c55bac3ac289ea90e7f9d2038d0e
|
||||
PKG_NAME:=dsvpn
|
||||
PKG_VERSION:=0.1.3-$(PKG_SOURCE_VERSION)
|
||||
PKG_RELEASE:=1
|
||||
|
|
@ -34,7 +34,7 @@ define Package/$(PKG_NAME)/install
|
|||
$(INSTALL_DIR) $(1)/usr/sbin
|
||||
$(INSTALL_BIN) $(PKG_BUILD_DIR)/dsvpn $(1)/usr/sbin/$(PKG_NAME)
|
||||
$(INSTALL_DIR) $(1)/etc/init.d
|
||||
$(INSTALL_BIN) init $(1)/etc/init.d/$(PKG_NAME)
|
||||
$(INSTALL_BIN) files/init $(1)/etc/init.d/$(PKG_NAME)
|
||||
$(INSTALL_DIR) $(1)/etc/config
|
||||
touch $(1)/etc/config/dsvpn
|
||||
endef
|
||||
|
|
|
|||
58
dsvpn/patches/nofirewall.patch
Normal file
58
dsvpn/patches/nofirewall.patch
Normal file
|
|
@ -0,0 +1,58 @@
|
|||
diff --git a/src/vpn.c b/src/vpn.c
|
||||
index 8064d62..0142f63 100644
|
||||
--- a/src/vpn.c
|
||||
+++ b/src/vpn.c
|
||||
@@ -297,6 +297,7 @@ static int client_connect(Context *context)
|
||||
|
||||
context->client_buf.pos = 0;
|
||||
memset(context->client_buf.data, 0, sizeof context->client_buf.data);
|
||||
+ /*
|
||||
if (context->wanted_ext_gw_ip == NULL && (ext_gw_ip = get_default_gw_ip()) != NULL &&
|
||||
strcmp(ext_gw_ip, context->ext_gw_ip) != 0) {
|
||||
printf("Gateway changed from [%s] to [%s]\n", context->ext_gw_ip, ext_gw_ip);
|
||||
@@ -304,6 +305,7 @@ static int client_connect(Context *context)
|
||||
snprintf(context->ext_gw_ip, sizeof context->ext_gw_ip, "%s", ext_gw_ip);
|
||||
firewall_rules(context, 1, 0);
|
||||
}
|
||||
+ */
|
||||
memset(context->uc_st, 0, sizeof context->uc_st);
|
||||
context->uc_st[context->is_server][0] ^= 1;
|
||||
context->client_fd = tcp_client(context->server_ip, context->server_port);
|
||||
@@ -319,7 +321,7 @@ static int client_connect(Context *context)
|
||||
sleep(1);
|
||||
return -1;
|
||||
}
|
||||
- firewall_rules(context, 1, 0);
|
||||
+ //firewall_rules(context, 1, 0);
|
||||
context->fds[POLLFD_CLIENT] =
|
||||
(struct pollfd){ .fd = context->client_fd, .events = POLLIN, .revents = 0 };
|
||||
puts("Connected");
|
||||
@@ -597,22 +599,26 @@ int main(int argc, char *argv[])
|
||||
#ifdef __OpenBSD__
|
||||
pledge("stdio proc exec dns inet", NULL);
|
||||
#endif
|
||||
- context.firewall_rules_set = -1;
|
||||
+ //context.firewall_rules_set = -1;
|
||||
if (context.server_ip_or_name != NULL &&
|
||||
resolve_ip(context.server_ip, sizeof context.server_ip, context.server_ip_or_name) != 0) {
|
||||
- firewall_rules(&context, 0, 1);
|
||||
+ //firewall_rules(&context, 0, 1);
|
||||
return 1;
|
||||
}
|
||||
if (context.is_server) {
|
||||
+ /*
|
||||
if (firewall_rules(&context, 1, 0) != 0) {
|
||||
return -1;
|
||||
}
|
||||
+ */
|
||||
#ifdef __OpenBSD__
|
||||
printf("\nAdd the following rule to /etc/pf.conf:\npass out from %s nat-to egress\n\n",
|
||||
context.remote_tun_ip);
|
||||
#endif
|
||||
+/*
|
||||
} else {
|
||||
firewall_rules(&context, 0, 1);
|
||||
+*/
|
||||
}
|
||||
signal(SIGINT, signal_handler);
|
||||
signal(SIGTERM, signal_handler);
|
||||
Loading…
Add table
Add a link
Reference in a new issue