aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2005-03-22 13:05:35 +0000
committerFelix Fietkau <nbd@openwrt.org>2005-03-22 13:05:35 +0000
commita152561c07176d9900fe827b60f6e780d52e4e5b (patch)
treebbf942c2b61115c863d6afb5f4c3c71ed079e844
parent556815c3e6c2c6f7ae31be3974e1a50b42406a59 (diff)
downloadupstream-a152561c07176d9900fe827b60f6e780d52e4e5b.tar.gz
upstream-a152561c07176d9900fe827b60f6e780d52e4e5b.tar.bz2
upstream-a152561c07176d9900fe827b60f6e780d52e4e5b.zip
allow GRE protocol in default firewall settings
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@416 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rwxr-xr-xtarget/default/target_skeleton/etc/init.d/S45firewall3
1 files changed, 2 insertions, 1 deletions
diff --git a/target/default/target_skeleton/etc/init.d/S45firewall b/target/default/target_skeleton/etc/init.d/S45firewall
index 49b9df0004..9bcb11a3f2 100755
--- a/target/default/target_skeleton/etc/init.d/S45firewall
+++ b/target/default/target_skeleton/etc/init.d/S45firewall
@@ -12,7 +12,8 @@ done
$IPT -t filter -A INPUT -m state --state INVALID -j DROP
$IPT -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-$IPT -t filter -A INPUT -p icmp -j ACCEPT
+$IPT -t filter -A INPUT -p icmp -j ACCEPT
+$IPT -t filter -A INPUT -p 47 -j ACCEPT # allow GRE
$IPT -t filter -A INPUT -i $WAN -p tcp -j REJECT --reject-with tcp-reset
$IPT -t filter -A INPUT -i $WAN -j REJECT --reject-with icmp-port-unreachable
$IPT -t filter -A FORWARD -m state --state INVALID -j DROP