077acd8e04
Signed-off-by: Jonathan Bennett <jbscience87@gmail.com> git-svn-id: svn://svn.openwrt.org/openwrt/packages@31824 3c298f89-4303-0410-b956-a3cf2f4a3e73
33 lines
1.3 KiB
Diff
33 lines
1.3 KiB
Diff
--- a/server/fwknopd.conf
|
|
+++ b/server/fwknopd.conf
|
|
@@ -29,7 +29,12 @@
|
|
# Define the ethernet interface on which we will sniff packets.
|
|
# Default if not set is eth0.
|
|
#
|
|
-#PCAP_INTF eth0;
|
|
+
|
|
+# The following line is changed specifically for Openwrt.
|
|
+# Openwrt defaults to using eth1 as its wan port. If using PPPoE,
|
|
+# Then this needs to be set to pppoe-wan.
|
|
+
|
|
+PCAP_INTF eth1;
|
|
|
|
# By default fwknopd does not put the pcap interface into promiscuous mode.
|
|
# Set this to 'Y' to enable promiscuous sniffing.
|
|
@@ -252,8 +257,13 @@
|
|
# The IPT_FORWARD_ACCESS variable is only used if ENABLE_IPT_FORWARDING is
|
|
# enabled.
|
|
#
|
|
-#IPT_FORWARD_ACCESS ACCEPT, filter, FORWARD, 1, FWKNOP_FORWARD, 1;
|
|
-#IPT_DNAT_ACCESS DNAT, nat, PREROUTING, 1, FWKNOP_PREROUTING, 1;
|
|
+
|
|
+# These two lines are changed specifically for Openwrt, due to
|
|
+# different naming conventions. IPT_FORWARD is still disabled
|
|
+# by default, and must be enabled earlier in this file to be used.
|
|
+
|
|
+IPT_FORWARD_ACCESS ACCEPT, filter, zone_wan_forward, 1, FWKNOP_FORWARD, 1;
|
|
+IPT_DNAT_ACCESS DNAT, nat, zone_wan_prerouting, 1, FWKNOP_PREROUTING, 1;
|
|
|
|
# The IPT_SNAT_ACCESS variable is not used unless both ENABLE_IPT_SNAT and
|
|
# ENABLE_IPT_FORWARDING are enabled. Also, the external static IP must be
|