From 583dc69961c187d3f39b73e219b455275e0ee168 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= <mkg20001@gmail.com>
Date: Fri, 17 Jun 2022 08:52:37 +0200
Subject: [PATCH] gluon-l3roamd: add firewall rules

---
 .../lib/gluon/upgrade/320-firewall-l3roamd    | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/package/gluon-l3roamd/luasrc/lib/gluon/upgrade/320-firewall-l3roamd b/package/gluon-l3roamd/luasrc/lib/gluon/upgrade/320-firewall-l3roamd
index b1b288446..e69a9d774 100755
--- a/package/gluon-l3roamd/luasrc/lib/gluon/upgrade/320-firewall-l3roamd
+++ b/package/gluon-l3roamd/luasrc/lib/gluon/upgrade/320-firewall-l3roamd
@@ -1,6 +1,26 @@
 #!/usr/bin/lua
+
 local uci = require('simple-uci').cursor()
 
+uci:section('firewall', 'zone', 'l3roamd', {
+	name = 'l3roamd',
+	input = 'ACCEPT',
+	output = 'ACCEPT',
+	forward = 'REJECT',
+	device = 'l3roam+',
+	log = '1',
+})
+
+uci:section('firewall', 'forwarding', 'flc', {
+	src = 'l3roamd',
+	dest = 'loc_client',
+})
+
+uci:section('firewall', 'forwarding', 'fcl', {
+	src = 'loc_client',
+	dest = 'l3roamd',
+})
+
 uci:section('firewall', 'rule',  'mesh_l3roamd', {
 	name = 'mesh_l3roamd',
 	src = 'mesh',
-- 
GitLab