From 6c1cbb8e124a2a98b3144b822c6979ab171e2fd3 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 9 Sep 2016 15:37:39 +0200
Subject: [pvs2] Add iptables-helper file so pvs still works when a lecture
 uses firewalling

---
 remote/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100755 remote/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs

diff --git a/remote/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs b/remote/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs
new file mode 100755
index 00000000..a24491fa
--- /dev/null
+++ b/remote/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs
@@ -0,0 +1,11 @@
+#!/bin/ash
+
+# Allow PVS ports
+# Control connection - server and client perspective
+iptables -I ipt-helper-INPUT 1 -i br0 -p tcp --dport 5194 -j ACCEPT
+iptables -I ipt-helper-OUTPUT 1 -o br0 -p tcp --dport 5194 -j ACCEPT
+# UDP discovery - server and client perspective
+iptables -I ipt-helper-INPUT 1 -i br0 -p udp --dport 3492 -j ACCEPT
+iptables -I ipt-helper-OUTPUT 1 -o br0 -p udp --dport 3492 -j ACCEPT
+# VNC connection - incoming (client) only - small range as we use -autoport
+iptables -I ipt-helper-INPUT 1 -i br0 -p tcp --dport 54112:54122 -j ACCEPT
-- 
cgit v1.2.3-55-g7522