emissary-firmware/misc/x86/uci-defaults/99-x86-uci-custom.sh

#/bin/sh

set -e

main() {
    # Update default firewall ruleset
    uci add firewall rule
    uci set firewall.@rule[-1].name='Allow SSH on WAN'
    uci set firewall.@rule[-1].src='wan'
    uci set firewall.@rule[-1].proto='tcp'
    uci set firewall.@rule[-1].dest_port='22'
    uci set firewall.@rule[-1].target='ACCEPT'

    uci add firewall rule
    uci set firewall.@rule[-1].name='Allow HTTP on WAN'
    uci set firewall.@rule[-1].src='wan'
    uci set firewall.@rule[-1].proto='tcp'
    uci set firewall.@rule[-1].dest_port='80'
    uci set firewall.@rule[-1].target='ACCEPT'

    uci add firewall rule
    uci set firewall.@rule[-1].name='Allow HTTPS on WAN'
    uci set firewall.@rule[-1].src='wan'
    uci set firewall.@rule[-1].proto='tcp'
    uci set firewall.@rule[-1].dest_port='443'
    uci set firewall.@rule[-1].target='ACCEPT'

    uci commit firewall
    
    # Disable DNS-rebind protection
    uci set dhcp.@dnsmasq[0].rebind_protection='0'
    uci commit dhcp

    reload_config
}

main
feat: x86 configuration 2023-03-02 21:24:18 +01:00			`#/bin/sh`

			`set -e`

			`main() {`
feat: differentiate machine-id generation in x86 target 2023-03-10 11:21:22 +01:00			`# Update default firewall ruleset`
feat: x86 configuration 2023-03-02 21:24:18 +01:00			`uci add firewall rule`
			`uci set firewall.@rule[-1].name='Allow SSH on WAN'`
			`uci set firewall.@rule[-1].src='wan'`
			`uci set firewall.@rule[-1].proto='tcp'`
			`uci set firewall.@rule[-1].dest_port='22'`
			`uci set firewall.@rule[-1].target='ACCEPT'`

			`uci add firewall rule`
			`uci set firewall.@rule[-1].name='Allow HTTP on WAN'`
			`uci set firewall.@rule[-1].src='wan'`
			`uci set firewall.@rule[-1].proto='tcp'`
			`uci set firewall.@rule[-1].dest_port='80'`
			`uci set firewall.@rule[-1].target='ACCEPT'`

			`uci add firewall rule`
			`uci set firewall.@rule[-1].name='Allow HTTPS on WAN'`
			`uci set firewall.@rule[-1].src='wan'`
			`uci set firewall.@rule[-1].proto='tcp'`
			`uci set firewall.@rule[-1].dest_port='443'`
			`uci set firewall.@rule[-1].target='ACCEPT'`

			`uci commit firewall`

feat: differentiate machine-id generation in x86 target 2023-03-10 11:21:22 +01:00			`# Disable DNS-rebind protection`
			`uci set dhcp.@dnsmasq[0].rebind_protection='0'`
feat: x86 configuration 2023-03-02 21:24:18 +01:00			`uci commit dhcp`
feat: differentiate machine-id generation in x86 target 2023-03-10 11:21:22 +01:00
			`reload_config`
feat: x86 configuration 2023-03-02 21:24:18 +01:00			`}`

			`main`