From 66b96ebf79f5bc1ac88e993727be624ac1804b4c Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sun, 9 Aug 2015 15:38:14 +0100
Subject: [PATCH] enable and disable avahi ports

---
 src/freedombone-client | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/freedombone-client b/src/freedombone-client
index 4c7a2235..a3939943 100755
--- a/src/freedombone-client
+++ b/src/freedombone-client
@@ -263,7 +263,12 @@ function mesh_batman {
   echo '        ifconfig $BRIDGE up' >> $batman_script
   echo '    fi' >> $batman_script
   echo '' >> $batman_script
-  echo '    iptables -A INPUT -i $IFACE -p udp --dport 5353 -j ACCEPT' >> $batman_script
+  echo '    iptables -A INPUT -p tcp -m state -m tcp --dport 548 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -A INPUT -p tcp -m state -m udp --dport 548 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -A INPUT -p tcp -m state -m tcp --dport 5353 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -A INPUT -p tcp -m state -m udp --dport 5353 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -A INPUT -p tcp -m state -m tcp --dport 5354 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -A INPUT -p tcp -m state -m udp --dport 5354 --state NEW -j ACCEPT' >> $batman_script
   echo '' >> $batman_script
   echo '    if [ -f /bin/systemctl ]; then' >> $batman_script
   echo '        systemctl restart avahi-daemon' >> $batman_script
@@ -295,7 +300,12 @@ function mesh_batman {
   echo '    ifconfig $IFACE down' >> $batman_script
   echo '    iwconfig $IFACE mode managed' >> $batman_script
   echo '' >> $batman_script
-  echo '    iptables -D INPUT -i $IFACE -p udp --dport 5353 -j ACCEPT' >> $batman_script
+  echo '    iptables -D INPUT -p tcp -m state -m tcp --dport 548 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -D INPUT -p tcp -m state -m udp --dport 548 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -D INPUT -p tcp -m state -m tcp --dport 5353 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -D INPUT -p tcp -m state -m udp --dport 5353 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -D INPUT -p tcp -m state -m tcp --dport 5354 --state NEW -j ACCEPT' >> $batman_script
+  echo '    iptables -D INPUT -p tcp -m state -m udp --dport 5354 --state NEW -j ACCEPT' >> $batman_script
   echo '' >> $batman_script
   echo '    if [ -f /bin/systemctl ]; then' >> $batman_script
   echo '        systemctl restart network-manager' >> $batman_script