39 lines
1.1 KiB
Bash
39 lines
1.1 KiB
Bash
#/bin/sh
|
|
|
|
set -e
|
|
|
|
main() {
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow SSH on WAN'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='22'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow HTTP on WAN'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='80'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow HTTPS on WAN'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='443'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci commit firewall
|
|
service firewall restart
|
|
|
|
# Forward DNS queries to public DNS
|
|
( uci -q delete dhcp.@dnsmasq[0].server || exit 0 )
|
|
uci add_list dhcp.@dnsmasq[0].server="8.8.8.8"
|
|
uci add_list dhcp.@dnsmasq[0].server="8.8.4.4"
|
|
|
|
uci commit dhcp
|
|
service dnsmasq restart
|
|
}
|
|
|
|
main |