mediatek: update to latest kernel patchset from v4.13-rc

[openwrt/openwrt.git] / target / linux / mediatek / base-files / etc / uci-defaults / 99-firewall

diff --git a/target/linux/mediatek/base-files/etc/uci-defaults/99-firewall b/target/linux/mediatek/base-files/etc/uci-defaults/99-firewall
new file mode 100755 (executable)
index 0000000..9a0dd9b
--- /dev/null
+++ b/target/linux/mediatek/base-files/etc/uci-defaults/99-firewall
@@ -0,0 +1,9 @@
+echo "iptables -t mangle -A FORWARD -i br-lan -o eth1 -p tcp -m mark --mark 0/0x7 -j MARK --set-mark 4/0x7" >> /etc/firewall.user
+echo "iptables -t mangle -A FORWARD -i br-lan -o eth1 -p udp -m mark --mark 0/0x7 -j MARK --set-mark 5/0x7" >> /etc/firewall.user
+echo "iptables -t mangle -A FORWARD -i eth1 -o br-lan -p tcp -m mark --mark 0/0x7 -j MARK --set-mark 4/0x7" >> /etc/firewall.user
+echo "iptables -t mangle -A FORWARD -i eth1 -o br-lan -p udp -m mark --mark 0/0x7 -j MARK --set-mark 5/0x7" >> /etc/firewall.user
+
+echo "iptables -t mangle -A FORWARD -p udp -m mark --mark 0/0xf8 -j MARK --or-mark 0x60" >> /etc/firewall.user
+echo "iptables -t mangle -A FORWARD -p tcp -m mark --mark 0/0xf8 -j MARK --or-mark 0xc0" >> /etc/firewall.user
+
+exit 0