dan82840 · April 17, 2020 06:03
diff --git a/rogervpn-firewall-setup.sh b/rogervpn-firewall-setup.sh
 #/bin/sh
 #
 # ref: https://gist.github.com/braian87b/64440dec125d2b2f0ddc600c490988db
 #

 # a new network interface for tun:
 uci set network.rogervpn=interface
 uci set network.rogervpn.proto='none' #dhcp #none
 uci set network.rogervpn.ifname='tun0'

 # a new firewall zone (for VPN):
 uci add firewall zone
 uci set firewall.@zone[-1].name='vpn'
 uci set firewall.@zone[-1].input='REJECT'
 uci set firewall.@zone[-1].output='ACCEPT'
 uci set firewall.@zone[-1].forward='REJECT'
 uci set firewall.@zone[-1].masq='1'
 uci set firewall.@zone[-1].mtu_fix='1'
 uci add_list firewall.@zone[-1].network='rogervpn'

 # enable forwarding from LAN to VPN:
 uci add firewall forwarding
 uci set firewall.@forwarding[-1].src='lan'
 uci set firewall.@forwarding[-1].dest='vpn'

 # Finally, you should commit UCI changes:
 uci commit

 /etc/init.d/firewall restart
	#/bin/sh
	#
	# ref: https://gist.github.com/braian87b/64440dec125d2b2f0ddc600c490988db
	#

	# a new network interface for tun:
	uci set network.rogervpn=interface
	uci set network.rogervpn.proto='none' #dhcp #none
	uci set network.rogervpn.ifname='tun0'

	# a new firewall zone (for VPN):
	uci add firewall zone
	uci set firewall.@zone[-1].name='vpn'
	uci set firewall.@zone[-1].input='REJECT'
	uci set firewall.@zone[-1].output='ACCEPT'
	uci set firewall.@zone[-1].forward='REJECT'
	uci set firewall.@zone[-1].masq='1'
	uci set firewall.@zone[-1].mtu_fix='1'
	uci add_list firewall.@zone[-1].network='rogervpn'

	# enable forwarding from LAN to VPN:
	uci add firewall forwarding
	uci set firewall.@forwarding[-1].src='lan'
	uci set firewall.@forwarding[-1].dest='vpn'

	# Finally, you should commit UCI changes:
	uci commit

	/etc/init.d/firewall restart