diff --git a/ip6t-firewall-gateway b/ip6t-firewall-gateway index 76b203d..cfdb4ea 100755 --- a/ip6t-firewall-gateway +++ b/ip6t-firewall-gateway @@ -2841,6 +2841,7 @@ if [[ ${#pcns_server_ip_arr[@]} -gt 0 ]] && [[ -n "$usv_ip" ]] ; then for _ip in ${pcns_server_ip_arr[@]} ; do if containsElement "$_ip" "${gateway_ipv6_address_arr[@]}" ; then + $ip6t -A OUTPUT -p tcp -s $_ip -d $usv_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT $ip6t -A INPUT -p tcp -s $usv_ip --dport $pcns_tcp_port -m conntrack --ctstate NEW -j ACCEPT $ip6t -A INPUT -p udp -s $usv_ip --dport $pcns_udp_port -m conntrack --ctstate NEW -j ACCEPT $ip6t -A INPUT -p tcp --dport $pcns_web_port -m conntrack --ctstate NEW -j ACCEPT diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway index ccbd2e5..cb7c4f0 100755 --- a/ipt-firewall-gateway +++ b/ipt-firewall-gateway @@ -3554,12 +3554,14 @@ if [[ ${#pcns_server_ip_arr[@]} -gt 0 ]] && [[ -n "$usv_ip" ]] ; then for _ip in ${pcns_server_ip_arr[@]} ; do if containsElement "$_ip" "${gateway_ipv4_address_arr[@]}" ; then + $ipt -A OUTPUT -p tcp -s $_ip -d $usv_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT $ipt -A INPUT -p tcp -s $usv_ip --dport $pcns_tcp_port -m conntrack --ctstate NEW -j ACCEPT $ipt -A INPUT -p udp -s $usv_ip --dport $pcns_udp_port -m conntrack --ctstate NEW -j ACCEPT $ipt -A INPUT -p tcp --dport $pcns_web_port -m conntrack --ctstate NEW -j ACCEPT fi if $kernel_activate_forwarding && ! $permit_between_local_networks ; then + $ipt -A FORWARD -p tcp -s $_ip -d $usv_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT $ipt -A FORWARD -p tcp -s $usv_ip -d $_ip --dport $pcns_tcp_port -m conntrack --ctstate NEW -j ACCEPT $ipt -A FORWARD -p udp -s $usv_ip -d $_ip --dport $pcns_udp_port -m conntrack --ctstate NEW -j ACCEPT $ipt -A FORWARD -p tcp -d $_ip --dport $pcns_web_port -m conntrack --ctstate NEW -j ACCEPT