summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authornbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>2005-03-22 13:05:35 +0000
committernbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>2005-03-22 13:05:35 +0000
commit7d91b9bbd43da94e2e2dda3cbf5984a377627f7f (patch)
treebbf942c2b61115c863d6afb5f4c3c71ed079e844
parentaac7a49c1145d1fe4cf0d1de30d64045adb41907 (diff)
allow GRE protocol in default firewall settings
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@416 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rwxr-xr-xtarget/default/target_skeleton/etc/init.d/S45firewall3
1 files changed, 2 insertions, 1 deletions
diff --git a/target/default/target_skeleton/etc/init.d/S45firewall b/target/default/target_skeleton/etc/init.d/S45firewall
index 49b9df000..9bcb11a3f 100755
--- a/target/default/target_skeleton/etc/init.d/S45firewall
+++ b/target/default/target_skeleton/etc/init.d/S45firewall
@@ -12,7 +12,8 @@ done
$IPT -t filter -A INPUT -m state --state INVALID -j DROP
$IPT -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-$IPT -t filter -A INPUT -p icmp -j ACCEPT
+$IPT -t filter -A INPUT -p icmp -j ACCEPT
+$IPT -t filter -A INPUT -p 47 -j ACCEPT # allow GRE
$IPT -t filter -A INPUT -i $WAN -p tcp -j REJECT --reject-with tcp-reset
$IPT -t filter -A INPUT -i $WAN -j REJECT --reject-with icmp-port-unreachable
$IPT -t filter -A FORWARD -m state --state INVALID -j DROP