From 3fb4cdad134b830ceca0950f9edfc89ce7deddb7 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <martin@darmstadt.freifunk.net>
Date: Sat, 4 Apr 2020 18:47:07 +0200
Subject: [PATCH] gluon-respondd: allow queries from extra_prefix6

Fixes #1959
---
 .../lib/gluon/upgrade/400-respondd-firewall      | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/package/gluon-respondd/luasrc/lib/gluon/upgrade/400-respondd-firewall b/package/gluon-respondd/luasrc/lib/gluon/upgrade/400-respondd-firewall
index 506de289..2419b108 100755
--- a/package/gluon-respondd/luasrc/lib/gluon/upgrade/400-respondd-firewall
+++ b/package/gluon-respondd/luasrc/lib/gluon/upgrade/400-respondd-firewall
@@ -25,6 +25,7 @@ uci:section('firewall', 'rule', 'client_respondd', {
 	target = 'ACCEPT',
 })
 
+-- Allow respondd-access from within the mesh
 uci:section('firewall', 'rule',  'mesh_respondd_ll', {
 	name = 'mesh_respondd_ll',
 	src = 'mesh',
@@ -43,4 +44,19 @@ uci:section('firewall', 'rule',  'mesh_respondd_siteprefix', {
 	target = 'ACCEPT',
 })
 
+uci:delete_all('firewall', 'rule', function(rule)
+	return rule['.name']:find('^mesh_respondd_extraprefix')
+end)
+
+for idx, prefix in ipairs(site.extra_prefixes6({})) do
+	uci:section('firewall', 'rule',  'mesh_respondd_extraprefix' .. idx, {
+		name = 'mesh_respondd_extraprefix' .. idx,
+		src = 'mesh',
+		src_ip = prefix,
+		dest_port = '1001',
+		proto = 'udp',
+		target = 'ACCEPT',
+	})
+end
+
 uci:save('firewall')