admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Might fix #82

Browse Source 
- Allow any input traffic on Shadowsocks port if Shadowsocks is enabled
- Allow any input traffic on TinyProxy port if TinyProxy is enabled
This commit is contained in:
Quentin McGaw (desktop)
2020-02-16 23:58:03 +00:00
parent ded635bd56
commit 095623925a
3 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
internal/firewall/firewall.go
View File

@@ -24,6 +24,7 @@ type Configurator interface {
AddRoutesVia(subnets []net.IPNet, defaultGateway net.IP, defaultInterface string) error
GetDefaultRoute() (defaultInterface string, defaultGateway net.IP, defaultSubnet net.IPNet, err error)
AllowInputTrafficOnPort(device models.VPNDevice, port uint16) error
AllowAnyIncomingOnPort(port uint16) error
}
type configurator struct {

8
internal/firewall/iptables.go
View File

@@ -128,3 +128,11 @@ func (c *configurator) AllowInputTrafficOnPort(device models.VPNDevice, port uin
fmt.Sprintf("-A INPUT -i %s -p udp --dport %d -j ACCEPT", device, port),
})
}
func (c *configurator) AllowAnyIncomingOnPort(port uint16) error {
c.logger.Info("%s: accepting any input traffic on port %d", logPrefix, port)
return c.runIptablesInstructions([]string{
fmt.Sprintf("-A INPUT -p tcp --dport %d -j ACCEPT", port),
fmt.Sprintf("-A INPUT -p udp --dport %d -j ACCEPT", port),
})
}