From 75c70fa721bbc4772de231b8eb6a3558302a2900 Mon Sep 17 00:00:00 2001
From: Ycarus <ycarus@zugaina.org>
Date: Thu, 24 May 2018 20:07:48 +0200
Subject: [PATCH] Add firewall rule to allow all from LAN to VPN

---
 .../root/etc/uci-defaults/40_luci-glorytun           | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/luci-app-glorytun/root/etc/uci-defaults/40_luci-glorytun b/luci-app-glorytun/root/etc/uci-defaults/40_luci-glorytun
index 80fe48164..c5b9d35cf 100644
--- a/luci-app-glorytun/root/etc/uci-defaults/40_luci-glorytun
+++ b/luci-app-glorytun/root/etc/uci-defaults/40_luci-glorytun
@@ -47,6 +47,16 @@ if [ "$(uci -q show firewall | grep vpn)" = "" ]; then
 		commit firewall
 	EOF
 fi
-
+if [ "$(uci -q show firewall | grep Allow-All-LAN-to-VPN)" = "" ]; then
+	uci -q batch <<-EOF >/dev/null
+		add firewall rule
+		set firewall.@rule[-1].enabled='1'
+		set firewall.@rule[-1].target='ACCEPT'
+		set firewall.@rule[-1].name='Allow-All-LAN-to-VPN'
+		set firewall.@rule[-1].dest='vpn'
+		set firewall.@rule[-1].src='lan'
+		commit firewall
+	EOF
+fi
 rm -f /tmp/luci-indexcache
 exit 0