nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gluon-mesh-vpn-fastd: allow outbound connections on fastd-ports

Browse Source
This commit is contained in:
Christof Schulze 2017-03-22 20:46:36 +01:00
parent 22042a3bf2
commit e7a47fd150
1 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd
View File

@ -55,6 +55,7 @@ uci:delete('fastd', 'mesh_vpn', 'user')
local add_groups local add_groups
local ports = {}
local function add_peer(group, name, config) local function add_peer(group, name, config)
uci:section('fastd', 'peer', group .. '_peer_' .. name, { uci:section('fastd', 'peer', group .. '_peer_' .. name, {
@ -64,6 +65,20 @@ local function add_peer(group, name, config)
key = config.key, key = config.key,
remote = config.remotes, remote = config.remotes,
}) })
for k,r in ipairs(config.remotes)
do
for i in string.gmatch(r, "%S+")
do
if (tonumber(i))
then
if not isinset(tonumber(i),ports)
then
table.insert(ports, i)
end
end
end
end
end end
local function add_group(name, config, parent) local function add_group(name, config, parent)
@ -98,7 +113,31 @@ function add_groups(prefix, groups, parent)
end end
end end
function isinset(needle, haystack)
for i,v in ipairs(haystack)
do
if (tonumber(v) == tonumber(needle))
then
return true
end
end
return false
end
add_groups('mesh_vpn', site.mesh_vpn.fastd.groups) add_groups('mesh_vpn', site.mesh_vpn.fastd.groups)
for _,p in ipairs(ports)
do
uci:section('firewall', 'rule', 'wan_fastd_' .. p, {
name = 'wan_fastd_' .. p,
dest = 'wan',
dest_port = p,
proto = 'udp',
target = 'ACCEPT',
})
end
uci:save('fastd') uci:save('fastd')
uci:save('firewall')