mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-03-09 15:40:03 +00:00
Code Issues Releases Wiki Activity

Try to disable firewall changes made by dsvpn

Browse source
This commit is contained in:
Ycarus (Yannick Chabanois) 2019-08-26 17:42:22 +02:00
parent e85b445dcc
commit 6c4c56a439
3 changed files with 60 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
dsvpn/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/jedisct1/dsvpn.git PKG_SOURCE_URL:=https://github.com/jedisct1/dsvpn.git
PKG_SOURCE_VERSION:=5372b454ae7925f11951b17cf42e52e270a75141 PKG_SOURCE_VERSION:=4a1417b4d9a7c55bac3ac289ea90e7f9d2038d0e
PKG_NAME:=dsvpn PKG_NAME:=dsvpn
PKG_VERSION:=0.1.3-$(PKG_SOURCE_VERSION) PKG_VERSION:=0.1.3-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=1 PKG_RELEASE:=1
@ -34,7 +34,7 @@ define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/dsvpn $(1)/usr/sbin/$(PKG_NAME) $(INSTALL_BIN) $(PKG_BUILD_DIR)/dsvpn $(1)/usr/sbin/$(PKG_NAME)
$(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) init $(1)/etc/init.d/$(PKG_NAME) $(INSTALL_BIN) files/init $(1)/etc/init.d/$(PKG_NAME)
$(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/config
touch $(1)/etc/config/dsvpn touch $(1)/etc/config/dsvpn
endef endef

0
dsvpn/init → dsvpn/files/init
View file

58
dsvpn/patches/nofirewall.patch Normal file
View file

@ -0,0 +1,58 @@
diff --git a/src/vpn.c b/src/vpn.c
index 8064d62..0142f63 100644
--- a/src/vpn.c
+++ b/src/vpn.c
@@ -297,6 +297,7 @@ static int client_connect(Context *context)
context->client_buf.pos = 0;
memset(context->client_buf.data, 0, sizeof context->client_buf.data);
+ /*
if (context->wanted_ext_gw_ip == NULL && (ext_gw_ip = get_default_gw_ip()) != NULL &&
strcmp(ext_gw_ip, context->ext_gw_ip) != 0) {
printf("Gateway changed from [%s] to [%s]\n", context->ext_gw_ip, ext_gw_ip);
@@ -304,6 +305,7 @@ static int client_connect(Context *context)
snprintf(context->ext_gw_ip, sizeof context->ext_gw_ip, "%s", ext_gw_ip);
firewall_rules(context, 1, 0);
}
+ */
memset(context->uc_st, 0, sizeof context->uc_st);
context->uc_st[context->is_server][0] ^= 1;
context->client_fd = tcp_client(context->server_ip, context->server_port);
@@ -319,7 +321,7 @@ static int client_connect(Context *context)
sleep(1);
return -1;
}
- firewall_rules(context, 1, 0);
+ //firewall_rules(context, 1, 0);
context->fds[POLLFD_CLIENT] =
(struct pollfd){ .fd = context->client_fd, .events = POLLIN, .revents = 0 };
puts("Connected");
@@ -597,22 +599,26 @@ int main(int argc, char *argv[])
#ifdef __OpenBSD__
pledge("stdio proc exec dns inet", NULL);
#endif
- context.firewall_rules_set = -1;
+ //context.firewall_rules_set = -1;
if (context.server_ip_or_name != NULL &&
resolve_ip(context.server_ip, sizeof context.server_ip, context.server_ip_or_name) != 0) {
- firewall_rules(&context, 0, 1);
+ //firewall_rules(&context, 0, 1);
return 1;
}
if (context.is_server) {
+ /*
if (firewall_rules(&context, 1, 0) != 0) {
return -1;
}
+ */
#ifdef __OpenBSD__
printf("\nAdd the following rule to /etc/pf.conf:\npass out from %s nat-to egress\n\n",
context.remote_tun_ip);
#endif
+/*
} else {
firewall_rules(&context, 0, 1);
+*/
}
signal(SIGINT, signal_handler);
signal(SIGTERM, signal_handler);