Add Full Cone NAT support

root/package/network/config/firewall/patches/fullconenat.patch

@@ -0,0 +1,40 @@
+--- a/options.h
++++ b/options.h
+@@ -341,6 +341,8 @@ struct fw3_zone
+ 	struct list_head masq_src;
+ 	struct list_head masq_dest;
+ 
++	bool fullcone;
++
+ 	bool mtu_fix;
+ 
+ 	struct list_head cthelpers;
+--- a/zones.c
++++ b/zones.c
+@@ -77,6 +77,8 @@ const struct fw3_option fw3_zone_opts[]
+ 	FW3_LIST("masq_src",           network,  zone,     masq_src),
+ 	FW3_LIST("masq_dest",          network,  zone,     masq_dest),
+ 
++	FW3_OPT("fullcone",            bool,     zone,     fullcone),
++
+ 	FW3_OPT("extra",               string,   zone,     extra_src),
+ 	FW3_OPT("extra_src",           string,   zone,     extra_src),
+ 	FW3_OPT("extra_dest",          string,   zone,     extra_dest),
+@@ -709,7 +711,16 @@ print_zone_rule(struct fw3_ipt_handle *h
+ 				     (mdest = next_addr(mdest, &zone->masq_dest,
+ 					                    handle->family, false)) || first_dest;
+ 				     first_dest = false)
+-				{
++				if (zone->fullcone && (access("/usr/lib/iptables/libipt_FULLCONENAT.so", 0) == 0)) {
++					r = fw3_ipt_rule_new(handle);
++					fw3_ipt_rule_src_dest(r, msrc, mdest);
++					fw3_ipt_rule_target(r, "FULLCONENAT");
++					fw3_ipt_rule_append(r, "zone_%s_postrouting", zone->name);
++					r = fw3_ipt_rule_new(handle);
++					fw3_ipt_rule_src_dest(r, msrc, mdest);
++					fw3_ipt_rule_target(r, "FULLCONENAT");
++					fw3_ipt_rule_append(r, "zone_%s_prerouting", zone->name);
++				} else {
+ 					r = fw3_ipt_rule_new(handle);
+ 					fw3_ipt_rule_src_dest(r, msrc, mdest);
+ 					fw3_ipt_rule_target(r, "MASQUERADE");