Skip to content
Permalink
Browse files

rc: firewall: define VUPNP and PUPNP chains in default nat_rules

Otherwise, a router booting and staying in redirect mode due to
failing WAN would fail to configure the default redirection rules.
  • Loading branch information...
RMerl committed Jun 12, 2019
1 parent 4520e3f commit 4e9181553253e6028ebd68678c41002d1d438025
Showing with 6 additions and 2 deletions.
  1. +6 −2 release/src/router/rc/firewall.c
@@ -1204,7 +1204,9 @@ void redirect_nat_setting(void)
fprintf(fp, "*nat\n"
":PREROUTING ACCEPT [0:0]\n"
":POSTROUTING ACCEPT [0:0]\n"
":OUTPUT ACCEPT [0:0]\n");
":OUTPUT ACCEPT [0:0]\n"
":PUPNP - [0:0]\n"
":VUPNP - [0:0]\n");
#ifdef RTCONFIG_WIFI_SON
if(sw_mode() == SW_MODE_AP && nvram_match("cfg_master", "1")){
fprintf(fp, "-A PREROUTING -p udp --dport 53 -i %s -j DNAT --to-destination %s:53\n",BR_GUEST, APMODE_BRGUEST_IP);
@@ -1238,7 +1240,9 @@ void repeater_nat_setting(){
fprintf(fp, "*nat\n"
":PREROUTING ACCEPT [0:0]\n"
":POSTROUTING ACCEPT [0:0]\n"
":OUTPUT ACCEPT [0:0]\n");
":OUTPUT ACCEPT [0:0]\n"
":PUPNP - [0:0]\n"
":VUPNP - [0:0]\n");

fprintf(fp, "-A PREROUTING -d 10.0.0.1 -p tcp --dport 80 -j DNAT --to-destination %s:%d\n", lan_ip, lan_port);
fprintf(fp, "-A PREROUTING -d %s -p tcp --dport 80 -j DNAT --to-destination %s:%d\n", nvram_default_get("lan_ipaddr"), lan_ip, lan_port);

0 comments on commit 4e91815

Please sign in to comment.
You can’t perform that action at this time.