Home Explore Help
Register Sign In
FreifunkHochstift
/
gluon
6
0
Fork 0
Files Issues 0 Pull Requests 0
Tree: 1c1f490527
Branches Tags
gluon
/
package
/
gluon-core
/
luasrc
/
lib
/
gluon
/
upgrade
/
140-firewall-rules

140-firewall-rules 547 B
History Raw

1234567891011121314151617181920212223242526272829 
  1. #!/usr/bin/lua
    2. 

  2. 

  3. local site = require 'gluon.site_config'
    4. 

  4. local uci = require 'luci.model.uci'
    5. 

  5. 

  6. local c = uci.cursor()
    7. 

  7. 

  8. 

  9. local function reject_input_on_wan(zone)
    10. 

  10. 	if zone.name == 'wan' then
    11. 

  11. 		c:set('firewall', zone['.name'], 'input', 'REJECT')
    12. 

  12. 		c:set('firewall', zone['.name'], 'conntrack', '1')
    13. 

  13. 	end
    14. 

  14. 

  15. 	return true
    16. 

  16. end
    17. 

  17. c:foreach('firewall', 'zone', reject_input_on_wan)
    18. 

  18. 

  19. c:section('firewall', 'rule', 'wan_ssh',
    20. 

  20. 	  {
    21. 

  21. 		  name = 'wan_ssh',
    22. 

  22. 		  src = 'wan',
    23. 

  23. 		  dest_port = '22',
    24. 

  24. 		  proto = 'tcp',
    25. 

  25. 		  target = 'ACCEPT',
    26. 

  26. 	  }
    27. 

  27. )
    28. 

  28. 

  29. c:save('firewall')
    30.