From 32eee30170230fc9a1723cf4e33a38c5a256c032 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 23 Aug 2015 22:23:18 +0100 Subject: [PATCH] Stateless mDNS --- src/freedombone | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/src/freedombone b/src/freedombone index c3bbb4ef..fb2d78dd 100755 --- a/src/freedombone +++ b/src/freedombone @@ -1972,12 +1972,12 @@ function mesh_batman_bridge { echo ' ifconfig $BRIDGE up' >> $batman_script echo ' fi' >> $batman_script echo '' >> $batman_script - echo ' iptables -A INPUT -p tcp -m state -m tcp --dport 548 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -A INPUT -p udp -m state -m udp --dport 548 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -A INPUT -p tcp -m state -m tcp --dport 5353 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -A INPUT -p udp -m state -m udp --dport 5353 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -A INPUT -p tcp -m state -m tcp --dport 5354 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -A INPUT -p udp -m state -m udp --dport 5354 --state NEW -j ACCEPT' >> $batman_script + echo ' iptables -A INPUT -p tcp --dport 548 -j ACCEPT' >> $batman_script + echo ' iptables -A INPUT -p udp --dport 548 -j ACCEPT' >> $batman_script + echo ' iptables -A INPUT -p tcp --dport 5353 -j ACCEPT' >> $batman_script + echo ' iptables -A INPUT -p udp --dport 5353 -j ACCEPT' >> $batman_script + echo ' iptables -A INPUT -p tcp --dport 5354 -j ACCEPT' >> $batman_script + echo ' iptables -A INPUT -p udp --dport 5354 -j ACCEPT' >> $batman_script echo '' >> $batman_script echo ' systemctl restart avahi-daemon' >> $batman_script echo '}' >> $batman_script @@ -2005,12 +2005,12 @@ function mesh_batman_bridge { echo ' ifconfig $IFACE down' >> $batman_script echo ' iwconfig $IFACE mode managed' >> $batman_script echo '' >> $batman_script - echo ' iptables -D INPUT -p tcp -m state -m tcp --dport 548 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -D INPUT -p udp -m state -m udp --dport 548 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -D INPUT -p tcp -m state -m tcp --dport 5353 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -D INPUT -p udp -m state -m udp --dport 5353 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -D INPUT -p tcp -m state -m tcp --dport 5354 --state NEW -j ACCEPT' >> $batman_script - echo ' iptables -D INPUT -p udp -m state -m udp --dport 5354 --state NEW -j ACCEPT' >> $batman_script + echo ' iptables -D INPUT -p tcp --dport 548 -j ACCEPT' >> $batman_script + echo ' iptables -D INPUT -p udp --dport 548 -j ACCEPT' >> $batman_script + echo ' iptables -D INPUT -p tcp --dport 5353 -j ACCEPT' >> $batman_script + echo ' iptables -D INPUT -p udp --dport 5353 -j ACCEPT' >> $batman_script + echo ' iptables -D INPUT -p tcp --dport 5354 -j ACCEPT' >> $batman_script + echo ' iptables -D INPUT -p udp --dport 5354 -j ACCEPT' >> $batman_script echo '' >> $batman_script echo ' systemctl restart network-manager' >> $batman_script echo '}' >> $batman_script @@ -5935,12 +5935,12 @@ function configure_firewall_for_avahi { if [[ $ENABLE_CJDNS != "yes" && $ENABLE_BATMAN != "yes" && $ENABLE_BABEL != "yes" ]]; then return fi - iptables -A INPUT -p tcp -m state -m tcp --dport 548 --state NEW -j ACCEPT - iptables -A INPUT -p udp -m state -m udp --dport 548 --state NEW -j ACCEPT - iptables -A INPUT -p tcp -m state -m tcp --dport 5353 --state NEW -j ACCEPT - iptables -A INPUT -p udp -m state -m udp --dport 5353 --state NEW -j ACCEPT - iptables -A INPUT -p tcp -m state -m tcp --dport 5354 --state NEW -j ACCEPT - iptables -A INPUT -p udp -m state -m udp --dport 5354 --state NEW -j ACCEPT + iptables -A INPUT -p tcp --dport 548 -j ACCEPT + iptables -A INPUT -p udp --dport 548 -j ACCEPT + iptables -A INPUT -p tcp --dport 5353 -j ACCEPT + iptables -A INPUT -p udp --dport 5353 -j ACCEPT + iptables -A INPUT -p tcp --dport 5354 -j ACCEPT + iptables -A INPUT -p udp --dport 5354 -j ACCEPT save_firewall_settings echo 'configure_firewall_for_avahi' >> $COMPLETION_FILE }