emissary-firmware/misc/rpi/uci-defaults/99-x86-uci-custom.sh

37 lines
1008 B
Bash

#/bin/sh
set -e
main() {
# Update default firewall ruleset
uci add firewall rule
uci set firewall.@rule[-1].name='Allow SSH on WAN'
uci set firewall.@rule[-1].src='wan'
uci set firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].dest_port='22'
uci set firewall.@rule[-1].target='ACCEPT'
uci add firewall rule
uci set firewall.@rule[-1].name='Allow HTTP on WAN'
uci set firewall.@rule[-1].src='wan'
uci set firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].dest_port='80'
uci set firewall.@rule[-1].target='ACCEPT'
uci add firewall rule
uci set firewall.@rule[-1].name='Allow HTTPS on WAN'
uci set firewall.@rule[-1].src='wan'
uci set firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].dest_port='443'
uci set firewall.@rule[-1].target='ACCEPT'
uci commit firewall
# Disable DNS-rebind protection
uci set dhcp.@dnsmasq[0].rebind_protection='0'
uci commit dhcp
reload_config
}
main