Firewall for mesh tunnel

src/freedombone-app-batman

@@ -169,7 +169,7 @@ function install_mesh_tunnel {
     echo '; IP address the broker will listen and accept tunnels on' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
     echo 'address=127.0.0.1' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
     echo '; Ports where the broker will listen on' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
-    echo "port=53,123,8942" >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
+    echo 'port=53,8942' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
     echo '; Interface with that IP address' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
     echo 'interface=lo' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
     echo '; Maximum number of tunnels that will be allowed by the broker' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg

src/freedombone-mesh-batman

@@ -158,6 +158,11 @@ function stop {
     # SSB/Patchwork
     iptables -D INPUT -p udp --dport 8008 -j ACCEPT
     iptables -D INPUT -p tcp --dport 8008 -j ACCEPT
+    # Tunnel over the internet
+    iptables -D INPUT -p tcp --dport 53 -j ACCEPT
+    iptables -D INPUT -p udp --dport 53 -j ACCEPT
+    iptables -D INPUT -p tcp --dport 8942 -j ACCEPT
+    iptables -D INPUT -p udp --dport 8942 -j ACCEPT
 
     systemctl restart network-manager
 }
@@ -313,6 +318,11 @@ function start {
     # SSB/Patchwork
     iptables -A INPUT -p udp --dport 8008 -j ACCEPT
     iptables -A INPUT -p tcp --dport 8008 -j ACCEPT
+    # Tunnel over the internet
+    iptables -A INPUT -p tcp --dport 53 -j ACCEPT
+    iptables -A INPUT -p udp --dport 53 -j ACCEPT
+    iptables -A INPUT -p tcp --dport 8942 -j ACCEPT
+    iptables -A INPUT -p udp --dport 8942 -j ACCEPT
 
     systemctl restart avahi-daemon