diff --git a/src/freedombone b/src/freedombone index 45fddaa6..012d53b6 100755 --- a/src/freedombone +++ b/src/freedombone @@ -5810,6 +5810,23 @@ function configure_firewall_for_voip { echo 'configure_firewall_for_voip' >> $COMPLETION_FILE } +function configure_firewall_for_avahi { + if grep -Fxq "configure_firewall_for_avahi" $COMPLETION_FILE; then + return + fi + if [[ $ENABLE_CJDNS != "yes" && $ENABLE_BATMAN != "yes" && $ENABLE_BABEL != "yes" ]]; then + return + fi + iptables -A INPUT -p tcp -m state -m tcp --dport 548 --state NEW -j ACCEPT + iptables -A INPUT -p tcp -m state -m udp --dport 548 --state NEW -j ACCEPT + iptables -A INPUT -p tcp -m state -m tcp --dport 5353 --state NEW -j ACCEPT + iptables -A INPUT -p tcp -m state -m udp --dport 5353 --state NEW -j ACCEPT + iptables -A INPUT -p tcp -m state -m tcp --dport 5354 --state NEW -j ACCEPT + iptables -A INPUT -p tcp -m state -m udp --dport 5354 --state NEW -j ACCEPT + save_firewall_settings + echo 'configure_firewall_for_avahi' >> $COMPLETION_FILE +} + function configure_firewall_for_cjdns { if grep -Fxq "configure_firewall_for_cjdns" $COMPLETION_FILE; then return @@ -5832,8 +5849,6 @@ function configure_firewall_for_batman { fi # DHCP iptables -A INPUT -i eth0 -p udp --dport 547 -j ACCEPT - iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT - ip6tables -A INPUT -i $WIFI_INTERFACE -p udp --dport 5353 -j ACCEPT save_firewall_settings echo 'configure_firewall_for_batman' >> $COMPLETION_FILE @@ -5847,7 +5862,6 @@ function configure_firewall_for_babel { return fi iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $BABEL_PORT -j ACCEPT - iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT save_firewall_settings echo 'configure_firewall_for_babel' >> $COMPLETION_FILE } @@ -10126,6 +10140,7 @@ configure_firewall_for_dns configure_firewall_for_ftp configure_firewall_for_web_access configure_firewall_for_voip +configure_firewall_for_avahi remove_proprietary_repos change_debian_repos enable_backports