From d9b78f72ce932fff58c4b031f35f8722d8dbae33 Mon Sep 17 00:00:00 2001
From: Ian Kelling <ian@iankelling.org>
Date: Sun, 7 Aug 2016 20:35:02 -0700
Subject: [PATCH] update firewall rules for http server

---
 wrt-disabled-firewall-rules | 42 -------------------------------------
 wrt-setup                   | 27 ++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 42 deletions(-)

diff --git a/wrt-disabled-firewall-rules b/wrt-disabled-firewall-rules
index 18630cd..a0041d7 100644
--- a/wrt-disabled-firewall-rules
+++ b/wrt-disabled-firewall-rules
@@ -3,20 +3,6 @@ firewall rules, temporarily disabled until I get them working
 
 #### begin port forwarding rules ####
       # each port forward needs corresponding forward in the vpn server
-config redirect
-    option name ssh
-    option src              wan
-    # example of  using a non-standard port
-    # and comment out the 22 port line
-    #   option src_dport        63321
-    #   option dest_port        22  # already default
-    option src_dport        22
-    option dest_ip          192.168.1.2
-    option dest             lan
-config rule
-    option src              wan
-    option target           ACCEPT
-    option dest_port        22
 
 
 config redirect
@@ -71,32 +57,4 @@ config rule
 
 
 
-# http server
-      # for https
-      # config redirect
-      #        option src              wan
-      #        option src_dport        443
-      #        option dest             lan
-      #        option dest_ip          192.168.1.2
-      #        option proto            tcp
-
-      # config rule
-      #        option src              wan
-      #        option target           ACCEPT
-      #        option dest_port        443
-      #        option proto            tcp
-
-      # config redirect
-      #        option src                      wan
-      #        option src_dport        80
-      #        option dest                     lan
-      #        option dest_ip          192.168.1.2
-      #        option proto            tcp
-
-      # config rule
-      #        option src              wan
-      #        option target           ACCEPT
-      #        option dest_port        80
-      #        option proto            tcp
-
 #### end port forwarding rules ####
diff --git a/wrt-setup b/wrt-setup
index 4d208c0..044bf82 100755
--- a/wrt-setup
+++ b/wrt-setup
@@ -169,6 +169,33 @@ config rule
     option src              wan
     option target           ACCEPT
     option dest_port        22
+
+
+#http/https
+config redirect
+       option src              wan
+       option src_dport        443
+       option dest             lan
+       option dest_ip          192.168.1.2
+       option proto            tcp
+config rule
+       option src              wan
+       option target           ACCEPT
+       option dest_port        443
+       option proto            tcp
+
+config redirect
+       option src              wan
+       option src_dport        80
+       option dest             lan
+       option dest_ip          192.168.1.2
+       option proto            tcp
+config rule
+       option src              wan
+       option target           ACCEPT
+       option dest_port        80
+       option proto            tcp
+
 EOF
 
 
-- 
2.30.2