aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHimbeer <himbeer@disroot.org>2024-08-17 21:15:43 +0200
committerHimbeer <himbeer@disroot.org>2024-08-17 21:15:43 +0200
commite2cb3efab50561d764bc55a28333c3fade5790c9 (patch)
tree6b7e671cee11aeae6d1024a2543fba6e1535fa35
parent9c20ce911351d36af02f6f5566a8351c06c68264 (diff)
Allow VoIP access Exposed -> Trusted
Diffstat
-rw-r--r--src/main.rs16
1 files changed, 7 insertions, 9 deletions
diff --git a/src/main.rs b/src/main.rs
index 895e0c1..1436a5f 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -296,6 +296,13 @@ fn filter() -> Result<()> {
.accept();
batch.add(&allow_exposed_to_wan6in4, MsgType::Add);
+ let allow_exposed_to_trusted_sip = Rule::new(&forward)?
+ .iface("eth0.40")?
+ .oface("eth0.10")?
+ .dport(5060, Protocol::UDP)
+ .accept();
+ batch.add(&allow_exposed_to_trusted_sip, MsgType::Add);
+
let allow_exposed_to_vpn_sip = Rule::new(&forward)?
.iface("eth0.40")?
.oface("wg0")?
@@ -303,15 +310,6 @@ fn filter() -> Result<()> {
.accept();
batch.add(&allow_exposed_to_vpn_sip, MsgType::Add);
- for port in 16384..=16482 {
- let allow_exposed_to_vpn_rtp = Rule::new(&forward)?
- .iface("eth0.40")?
- .oface("wg0")?
- .dport(port, Protocol::UDP)
- .accept();
- batch.add(&allow_exposed_to_vpn_rtp, MsgType::Add);
- }
-
let allow_vpn_to_modem = Rule::new(&forward)?.iface("wg0")?.oface("eth1")?.accept();
batch.add(&allow_vpn_to_modem, MsgType::Add);
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-09 12:56:21 +0000