net/fwknop/patches/001-fix_config.patch

   1 --- a/server/fwknopd.conf
   2 +++ b/server/fwknopd.conf
   3 @@ -30,7 +30,12 @@
   4  # Define the ethernet interface on which we will sniff packets.
   5  # Default if not set is eth0.
   6  #
   7 -#PCAP_INTF                   eth0;
   8 +
   9 +# The following line is changed specifically for Openwrt.
  10 +# Openwrt defaults to using eth1 as its wan port. If using PPPoE,
  11 +# Then this needs to be set to pppoe-wan.
  12 +
  13 +PCAP_INTF                   eth1;
  14
  15  # By default fwknopd does not put the pcap interface into promiscuous mode.
  16  # Set this to 'Y' to enable promiscuous sniffing.
  17 @@ -239,8 +244,13 @@
  18  # The IPT_FORWARD_ACCESS variable is only used if ENABLE_IPT_FORWARDING is
  19  # enabled.
  20  #
  21 -#IPT_FORWARD_ACCESS      ACCEPT, filter, FORWARD, 1, FWKNOP_FORWARD, 1;
  22 -#IPT_DNAT_ACCESS         DNAT, nat, PREROUTING, 1, FWKNOP_PREROUTING, 1;
  23 +
  24 +# These two lines are changed specifically for Openwrt, due to
  25 +# different naming conventions. IPT_FORWARD is still disabled
  26 +# by default, and must be enabled earlier in this file to be used.
  27 +
  28 +IPT_FORWARD_ACCESS      ACCEPT, filter, zone_wan_forward, 1, FWKNOP_FORWARD, 1;
  29 +IPT_DNAT_ACCESS         DNAT, nat, zone_wan_prerouting, 1, FWKNOP_PREROUTING, 1;
  30
  31  # The IPT_SNAT_ACCESS variable is not used unless both ENABLE_IPT_SNAT and
  32  # ENABLE_IPT_FORWARDING are enabled.  Also, the external static IP must be