44 lines
1.2 KiB
Bash
44 lines
1.2 KiB
Bash
#/bin/sh
|
|
|
|
set -e
|
|
|
|
main() {
|
|
# Update default firewall ruleset
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow SSH on WAN'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='22'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow HTTP on WAN'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='80'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow HTTPS on WAN'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='443'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow 42521 on WAN'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='42521'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci commit firewall
|
|
|
|
# Disable DNS-rebind protection
|
|
uci set dhcp.@dnsmasq[0].rebind_protection='0'
|
|
uci commit dhcp
|
|
|
|
reload_config
|
|
}
|
|
|
|
main |