summaryrefslogtreecommitdiffstats
path: root/src/arm/openwrt_demo/1_buildimage/resources/config/firewall.user
diff options
context:
space:
mode:
Diffstat (limited to 'src/arm/openwrt_demo/1_buildimage/resources/config/firewall.user')
-rw-r--r--src/arm/openwrt_demo/1_buildimage/resources/config/firewall.user9
1 files changed, 9 insertions, 0 deletions
diff --git a/src/arm/openwrt_demo/1_buildimage/resources/config/firewall.user b/src/arm/openwrt_demo/1_buildimage/resources/config/firewall.user
new file mode 100644
index 0000000..ab61136
--- /dev/null
+++ b/src/arm/openwrt_demo/1_buildimage/resources/config/firewall.user
@@ -0,0 +1,9 @@
+# This file is interpreted as shell script.
+# Put your custom iptables rules here, they will
+# be executed with each firewall (re-)start.
+
+# Internal uci firewall chains are flushed and recreated on reload, so
+# put custom rules into the root chains e.g. INPUT or FORWARD or into the
+# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
+iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -m policy --pol ipsec --dir out -j ACCEPT
+iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE