From 5effcae08b605749952fe178649b508fa33bd877 Mon Sep 17 00:00:00 2001 From: HimbeerserverDE Date: Mon, 14 Aug 2023 09:08:04 +0200 Subject: allow mgmt / trusted traffic to modem --- src/main.rs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/main.rs b/src/main.rs index 1d91419..013aee3 100644 --- a/src/main.rs +++ b/src/main.rs @@ -204,6 +204,9 @@ fn filter() -> Result<()> { let allow_established = Rule::new(&forward)?.established()?.accept(); batch.add(&allow_established, MsgType::Add); + let allow_mgmt_to_modem = Rule::new(&forward)?.iface("eth0")?.oface("eth1")?.accept(); + batch.add(&allow_mgmt_to_modem, MsgType::Add); + let allow_mgmt_to_wan = Rule::new(&forward)?.iface("eth0")?.oface("ppp0")?.accept(); batch.add(&allow_mgmt_to_wan, MsgType::Add); @@ -219,6 +222,12 @@ fn filter() -> Result<()> { .accept(); batch.add(&allow_mgmt_to_wan6in4, MsgType::Add); + let allow_trusted_to_modem = Rule::new(&forward)? + .iface("eth0.10")? + .oface("eth1")? + .accept(); + batch.add(&allow_trusted_to_modem, MsgType::Add); + let allow_trusted_to_wan = Rule::new(&forward)? .iface("eth0.10")? .oface("ppp0")? -- cgit v1.2.3