avahi ports

src/freedombone

@@ -5810,6 +5810,23 @@ function configure_firewall_for_voip {
   echo 'configure_firewall_for_voip' >> $COMPLETION_FILE
 }
 
+function configure_firewall_for_avahi {
+  if grep -Fxq "configure_firewall_for_avahi" $COMPLETION_FILE; then
+      return
+  fi
+  if [[ $ENABLE_CJDNS != "yes" && $ENABLE_BATMAN != "yes" && $ENABLE_BABEL != "yes" ]]; then
+      return
+  fi
+  iptables -A INPUT -p tcp -m state -m tcp --dport 548 --state NEW -j ACCEPT
+  iptables -A INPUT -p tcp -m state -m udp --dport 548 --state NEW -j ACCEPT
+  iptables -A INPUT -p tcp -m state -m tcp --dport 5353 --state NEW -j ACCEPT
+  iptables -A INPUT -p tcp -m state -m udp --dport 5353 --state NEW -j ACCEPT
+  iptables -A INPUT -p tcp -m state -m tcp --dport 5354 --state NEW -j ACCEPT
+  iptables -A INPUT -p tcp -m state -m udp --dport 5354 --state NEW -j ACCEPT
+  save_firewall_settings
+  echo 'configure_firewall_for_avahi' >> $COMPLETION_FILE
+}
+
 function configure_firewall_for_cjdns {
   if grep -Fxq "configure_firewall_for_cjdns" $COMPLETION_FILE; then
       return
@@ -5832,8 +5849,6 @@ function configure_firewall_for_batman {
   fi
   # DHCP
   iptables -A INPUT -i eth0 -p udp --dport 547 -j ACCEPT
-  iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-  ip6tables -A INPUT -i $WIFI_INTERFACE -p udp --dport 5353 -j ACCEPT
 
   save_firewall_settings
   echo 'configure_firewall_for_batman' >> $COMPLETION_FILE
@@ -5847,7 +5862,6 @@ function configure_firewall_for_babel {
       return
   fi
   iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $BABEL_PORT -j ACCEPT
-  iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
   save_firewall_settings
   echo 'configure_firewall_for_babel' >> $COMPLETION_FILE
 }
@@ -10126,6 +10140,7 @@ configure_firewall_for_dns
 configure_firewall_for_ftp
 configure_firewall_for_web_access
 configure_firewall_for_voip
+configure_firewall_for_avahi
 remove_proprietary_repos
 change_debian_repos
 enable_backports