diff --git a/dsvpn/Makefile b/dsvpn/Makefile
index 0803632aa..12cb29241 100644
--- a/dsvpn/Makefile
+++ b/dsvpn/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/jedisct1/dsvpn.git
-PKG_SOURCE_VERSION:=5372b454ae7925f11951b17cf42e52e270a75141
+PKG_SOURCE_VERSION:=4a1417b4d9a7c55bac3ac289ea90e7f9d2038d0e
 PKG_NAME:=dsvpn
 PKG_VERSION:=0.1.3-$(PKG_SOURCE_VERSION)
 PKG_RELEASE:=1
@@ -34,7 +34,7 @@ define Package/$(PKG_NAME)/install
 $(INSTALL_DIR) $(1)/usr/sbin
 $(INSTALL_BIN) $(PKG_BUILD_DIR)/dsvpn $(1)/usr/sbin/$(PKG_NAME)
 $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) init $(1)/etc/init.d/$(PKG_NAME)
+ $(INSTALL_BIN) files/init $(1)/etc/init.d/$(PKG_NAME)
 $(INSTALL_DIR) $(1)/etc/config
 touch $(1)/etc/config/dsvpn
 endef
diff --git a/dsvpn/init b/dsvpn/files/init
similarity index 100%
rename from dsvpn/init
rename to dsvpn/files/init
diff --git a/dsvpn/patches/nofirewall.patch b/dsvpn/patches/nofirewall.patch
new file mode 100644
index 000000000..7fd7f389f
--- /dev/null
+++ b/dsvpn/patches/nofirewall.patch
@@ -0,0 +1,58 @@
+diff --git a/src/vpn.c b/src/vpn.c
+index 8064d62..0142f63 100644
+--- a/src/vpn.c
++++ b/src/vpn.c
+@@ -297,6 +297,7 @@ static int client_connect(Context *context)
+
+ context->client_buf.pos = 0;
+ memset(context->client_buf.data, 0, sizeof context->client_buf.data);
++ /*
+ if (context->wanted_ext_gw_ip == NULL && (ext_gw_ip = get_default_gw_ip()) != NULL &&
+ strcmp(ext_gw_ip, context->ext_gw_ip) != 0) {
+ printf("Gateway changed from [%s] to [%s]\n", context->ext_gw_ip, ext_gw_ip);
+@@ -304,6 +305,7 @@ static int client_connect(Context *context)
+ snprintf(context->ext_gw_ip, sizeof context->ext_gw_ip, "%s", ext_gw_ip);
+ firewall_rules(context, 1, 0);
+ }
++ */
+ memset(context->uc_st, 0, sizeof context->uc_st);
+ context->uc_st[context->is_server][0] ^= 1;
+ context->client_fd = tcp_client(context->server_ip, context->server_port);
+@@ -319,7 +321,7 @@ static int client_connect(Context *context)
+ sleep(1);
+ return -1;
+ }
+- firewall_rules(context, 1, 0);
++ //firewall_rules(context, 1, 0);
+ context->fds[POLLFD_CLIENT] =
+ (struct pollfd){ .fd = context->client_fd, .events = POLLIN, .revents = 0 };
+ puts("Connected");
+@@ -597,22 +599,26 @@ int main(int argc, char *argv[])
+ #ifdef __OpenBSD__
+ pledge("stdio proc exec dns inet", NULL);
+ #endif
+- context.firewall_rules_set = -1;
++ //context.firewall_rules_set = -1;
+ if (context.server_ip_or_name != NULL &&
+ resolve_ip(context.server_ip, sizeof context.server_ip, context.server_ip_or_name) != 0) {
+- firewall_rules(&context, 0, 1);
++ //firewall_rules(&context, 0, 1);
+ return 1;
+ }
+ if (context.is_server) {
++ /*
+ if (firewall_rules(&context, 1, 0) != 0) {
+ return -1;
+ }
++ */
+ #ifdef __OpenBSD__
+ printf("\nAdd the following rule to /etc/pf.conf:\npass out from %s nat-to egress\n\n",
+ context.remote_tun_ip);
+ #endif
++/*
+ } else {
+ firewall_rules(&context, 0, 1);
++*/
+ }
+ signal(SIGINT, signal_handler);
+ signal(SIGTERM, signal_handler);
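Review bot: Commenting out every `firewall_rules()` call in `client_connect()` and `main()` leaves the daemon applying and reverting no routing or firewall state of its own, and nothing in the patch records what is expected to do that instead; if the package's init script or firewall configuration does not install equivalent rules, the tunnel can report "Connected" while traffic still leaves by the ordinary default route. The first disabled block also removes the `snprintf(context->ext_gw_ip, ...)` update, so `context->ext_gw_ip` is no longer refreshed after a gateway change, and the server branch loses its `!= 0` start-up check. With `context.firewall_rules_set = -1;` commented out, any `firewall_rules()` call remaining outside these hunks (both functions continue beyond them) would see whatever value `context` was initialised with, which is not visible here and should be checked. I would delete the dead lines rather than wrap them in `/* */` and `//` (the `/* } else { ... */` pair is easy to break on the next upstream rebase) and add a description at the top of the patch file, for example `OpenWrt: routes and firewall rules are configured outside dsvpn (package init script / firewall config), so dsvpn must not change them.`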