From 6bcd9b92d494f29de0d5d2bc41643d2d35ffc530 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Tue, 28 Apr 2015 05:25:56 +0200
Subject: [PATCH] gluon-announced: allow announced queries on WAN (if
 mesh-on-wan is enabled)

---
 .../lib/gluon/upgrade/400-announced-firewall   | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100755 package/gluon-announced/files/lib/gluon/upgrade/400-announced-firewall

diff --git a/package/gluon-announced/files/lib/gluon/upgrade/400-announced-firewall b/package/gluon-announced/files/lib/gluon/upgrade/400-announced-firewall
new file mode 100755
index 00000000..77acb1b9
--- /dev/null
+++ b/package/gluon-announced/files/lib/gluon/upgrade/400-announced-firewall
@@ -0,0 +1,18 @@
+#!/usr/bin/lua
+
+local uci = require('luci.model.uci').cursor()
+
+-- Allow announced port on WAN to allow resolving neighbours over mesh-on-wan
+uci:section('firewall', 'rule', 'wan_announced',
+  {
+    name = 'wan_announced',
+    src = 'wan',
+    src_ip = 'fe80::/64',
+    dest_port = '1001',
+    proto = 'udp',
+    target = 'ACCEPT',
+  }
+)
+
+uci:save('firewall')
+uci:commit('firewall')