diff --git a/ip6t-firewall-gateway b/ip6t-firewall-gateway index cd85a26..16d376c 100755 --- a/ip6t-firewall-gateway +++ b/ip6t-firewall-gateway @@ -3214,20 +3214,20 @@ fi echononl "\t\tSkype for Business Online und Microsoft Teams" if $allow_ms_skype_teams_out \ - && ( [[ ${#ms_skype_teams_udp6_host_arr[@]} -gt 0 ]] && [[ ${#ms_skype_teams_udp_port_arr[@]} -gt 0 ]] ) \ + && ( [[ ${#ms_skype_teams_udp6_host_arr[@]} -gt 0 ]] && [[ ${#ms_skype_teams_udp6_port_arr[@]} -gt 0 ]] ) \ || [[ ${#ms_skype_teams_tcp_port_arr[@]} -gt 0 ]] ; then for _dev in ${ext_if_arr[@]} ; do - if [[ ${#ms_skype_teams_udp6_host_arr[@]} -gt 0 ]] && [[ ${#ms_skype_teams_udp_port_arr[@]} -gt 0 ]] ; then + if [[ ${#ms_skype_teams_udp6_host_arr[@]} -gt 0 ]] && [[ ${#ms_skype_teams_udp6_port_arr[@]} -gt 0 ]] ; then for _host in ${ms_skype_teams_udp6_host_arr[@]} ; do - for _port in ${ms_skype_teams_udp_port_arr[@]} ; do + for _port in ${ms_skype_teams_udp6_port_arr[@]} ; do - $ip6t -A OUTPUT -o $_dev -p udp -d $_host -dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A OUTPUT -o $_dev -p udp -d $_host --dport $_port -m conntrack --ctstate NEW -j ACCEPT if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then - $ip6t -A FORWARD -o $_dev -p udp -d $_host -dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -o $_dev -p udp -d $_host --dport $_port -m conntrack --ctstate NEW -j ACCEPT fi done @@ -3236,11 +3236,12 @@ if $allow_ms_skype_teams_out \ if [[ ${#ms_skype_teams_tcp_port_arr[@]} -gt 0 ]] ; then + for _port in ${ms_skype_teams_tcp_port_arr[@]} ; do - $ip6t -A OUTPUT -o $_dev -p udp -d $_host -dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A OUTPUT -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then - $ip6t -A FORWARD -o $_dev -p udp -d $_host -dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT fi done diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway index 8fcaeb8..dc3827c 100755 --- a/ipt-firewall-gateway +++ b/ipt-firewall-gateway @@ -3967,20 +3967,20 @@ fi echononl "\t\tSkype for Business Online und Microsoft Teams" if $allow_ms_skype_teams_out \ - && ( [[ ${#ms_skype_teams_udp4_host_arr[@]} -gt 0 ]] && [[ ${#ms_skype_teams_udp_port_arr[@]} -gt 0 ]] ) \ + && ( [[ ${#ms_skype_teams_udp4_host_arr[@]} -gt 0 ]] && [[ ${#ms_skype_teams_udp4_port_arr[@]} -gt 0 ]] ) \ || [[ ${#ms_skype_teams_tcp_port_arr[@]} -gt 0 ]] ; then for _dev in ${ext_if_arr[@]} ; do - if [[ ${#ms_skype_teams_udp4_host_arr[@]} -gt 0 ]] && [[ ${#ms_skype_teams_udp_port_arr[@]} -gt 0 ]] ; then + if [[ ${#ms_skype_teams_udp4_host_arr[@]} -gt 0 ]] && [[ ${#ms_skype_teams_udp4_port_arr[@]} -gt 0 ]] ; then for _host in ${ms_skype_teams_udp4_host_arr[@]} ; do - for _port in ${ms_skype_teams_udp_port_arr[@]} ; do + for _port in ${ms_skype_teams_udp4_port_arr[@]} ; do - $ipt -A OUTPUT -o $_dev -p udp -d $_host -dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ipt -A OUTPUT -o $_dev -p udp -d $_host --dport $_port -m conntrack --ctstate NEW -j ACCEPT if $kernel_activate_forwarding && ! $permit_local_net_to_inet ; then - $ipt -A FORWARD -o $_dev -p udp -d $_host -dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ipt -A FORWARD -o $_dev -p udp -d $_host --dport $_port -m conntrack --ctstate NEW -j ACCEPT fi done @@ -3991,9 +3991,9 @@ if $allow_ms_skype_teams_out \ for _port in ${ms_skype_teams_tcp_port_arr[@]} ; do - $ipt -A OUTPUT -o $_dev -p udp -d $_host -dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ipt -A OUTPUT -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT if $kernel_activate_forwarding && ! $permit_local_net_to_inet ; then - $ipt -A FORWARD -o $_dev -p udp -d $_host -dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ipt -A FORWARD -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT fi done