mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-02-14 19:41:51 +00:00
Code Issues Releases Wiki Activity

Set REJECT as default for firewall config

Browse source
This commit is contained in:
Ycarus (Yannick Chabanois) 2020-06-26 15:02:48 +02:00
parent 9a66920099
commit b907c99915
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
openmptcprouter/files/etc/uci-defaults/1980-omr-firewall
View file

@ -1,5 +1,13 @@
#!/bin/sh #!/bin/sh
# Set REJECT as default rule if an interface is not in a zone
uci -q batch <<-EOF >/dev/null
set firewall.@defaults[0].input='REJECT'
set firewall.@defaults[0].output='REJECT'
set firewall.@defaults[0].forward='REJECT'
EOF
if [ "$(uci -q get firewall.@zone[2].name)" = "vpn" ]; then if [ "$(uci -q get firewall.@zone[2].name)" = "vpn" ]; then
uci -q batch <<-EOF >/dev/null uci -q batch <<-EOF >/dev/null
del firewall.@zone[2] del firewall.@zone[2]