commit c7b39d19cab74bcdcbaee8ac6432a88c0fd60c0f
author Will Angley <willangley@google.com> Tue Jan 17 18:10:28 2017 -0500
committer Will Angley <willangley@google.com> Wed Jan 18 16:04:55 2017 -0500
tree 5ac8bfdcdda7abfafc151c6503e2da2fec649649
parent 1bcc8f9410c19ae9006c8e855e0b7d1946e4c236

firewall: allow frobnicast again.

Change-Id: I6814751bb281dd74817ec0d0004ca9adac3dbf9d

fs/skeleton/etc/init.d/firewall

diff --git a/fs/skeleton/etc/init.d/firewall b/fs/skeleton/etc/init.d/firewall
index 77378ba..8261889 100755
--- a/fs/skeleton/etc/init.d/firewall
+++ b/fs/skeleton/etc/init.d/firewall
@@ -167,9 +167,14 @@
       iptables -t nat -N MINIUPNPD
       ip46tables -t nat -N wan-nat
 
-      ip46tables -A INPUT -i wan0+ -j wan-input
-      ip46tables -A FORWARD -i wan0+ -j wan-forward
-      ip46tables -A FORWARD -i br0 -o wan0+ -j ACCEPT
+      for ifc in "wan0+" "frob+"; do
+        ip46tables -A INPUT -i "$ifc" -j wan-input
+        ip46tables -A FORWARD -i "$ifc" -j wan-forward
+        ip46tables -t nat -A PREROUTING -i "$ifc" -j wan-nat
+
+        ip46tables -A FORWARD -i br0 -o "$ifc" -j ACCEPT
+      done
+
       ip46tables -A FORWARD -i br1 -o wan0+ -j captive-portal-guests
       ip46tables -A FORWARD -i br1 -o wan0+ -j captive-portal-filter
 
@@ -181,8 +186,6 @@
       ip46tables -A INPUT -i br1 -j acs-captive-portal-input
       ip46tables -A INPUT -i br1 -j sniproxy-input
 
-      ip46tables -t nat -A PREROUTING -i wan0+ -j wan-nat
-
       # multicast (fiber TV, EAS)
       ip46tables -A wan-input -m pkttype --pkt-type multicast -j ACCEPT
       ip46tables -A wan-forward -m pkttype --pkt-type multicast -j ACCEPT