diff --git a/Shorewall/Perl/Shorewall/Tunnels.pm b/Shorewall/Perl/Shorewall/Tunnels.pm
index 06ecad64e..843164018 100644
--- a/Shorewall/Perl/Shorewall/Tunnels.pm
+++ b/Shorewall/Perl/Shorewall/Tunnels.pm
@@ -132,6 +132,13 @@ sub setup_tunnels() {
add_tunnel_rule $inchainref, p => 'tcp --dport 1723', @$source
}
+ sub setup_one_tinc {
+ my ( $inchainref, $outchainref, $kind, $source, $dest ) = @_;
+
+ add_tunnel_rule $inchainref, p => 'udp --dport 655', @$source;
+ add_tunnel_rule $outchainref, p => 'udp --dport 655', @$dest;
+ }
+
sub setup_one_openvpn {
my ($inchainref, $outchainref, $kind, $source, $dest) = @_;
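Review bot: `setup_one_tinc` admits only `udp --dport 655` on both chains, yet tinc by default uses port 655 over TCP (the meta connection: authentication and key exchange) as well as over UDP (data), so peers would likely be unable to complete the handshake through these rules alone. Adding `add_tunnel_rule $inchainref, p => 'tcp --dport 655', @$source;` and `add_tunnel_rule $outchainref, p => 'tcp --dport 655', @$dest;` would cover it. The port is hard-coded, whereas the `setup_one_openvpn` rules visible in the next hunk are built from `$protocol` and `$port`; if tinc daemons on a non-default port are meant to be out of scope, a comment such as `# tinc: default port 655 only` above the sub would make that explicit. `$kind` is unpacked but never used in the new sub, and the sub is nested in `setup_tunnels`, whose body begins and ends outside the hunk.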
@@ -154,7 +161,7 @@ sub setup_tunnels() {
}
add_tunnel_rule $inchainref, p => "$protocol --dport $port", @$source;
- add_tunnel_rule $outchainref, p => "$protocol --dport $port", @$dest;;
+ add_tunnel_rule $outchainref, p => "$protocol --dport $port", @$dest;
}
sub setup_one_openvpn_client {
@@ -263,6 +270,7 @@ sub setup_tunnels() {
'6in4' => { function => \&setup_one_other, params => [ \@source, \@dest , 41 ] } ,
'pptpclient' => { function => \&setup_pptp_client, params => [ $kind, \@source, \@dest ] } ,
'pptpserver' => { function => \&setup_pptp_server, params => [ $kind, \@source, \@dest ] } ,
+ 'tinc' => { function => \&setup_one_tinc, params => [ $kind, \@source, \@dest ] } ,
'openvpn' => { function => \&setup_one_openvpn, params => [ $kind, \@source, \@dest ] } ,
'openvpnclient' => { function => \&setup_one_openvpn_client, params => [ $kind, \@source, \@dest ] } ,
'openvpnserver' => { function => \&setup_one_openvpn_server, params => [ $kind, \@source, \@dest ] } ,
diff --git a/Shorewall/manpages/shorewall-tunnels.xml b/Shorewall/manpages/shorewall-tunnels.xml
index 7f31473a2..d47a4e560 100644
--- a/Shorewall/manpages/shorewall-tunnels.xml
+++ b/Shorewall/manpages/shorewall-tunnels.xml
@@ -70,7 +70,8 @@
openvpn - OpenVPN in point-to-point mode
openvpnclient - OpenVPN client runs on the firewall
openvpnserver - OpenVPN server runs on the firewall
- generic - Other tunnel type
+ generic - Other tunnel type
+ tinc - TINC (added in Shorewall 4.6.6)
If the type is ipsec, it may
be followed by :ah to indicate that
@@ -270,6 +271,19 @@
generic:udp:4444 net 4.3.99.124
+
+
+ Example 9:
+
+
+ TINC tunnel where the remote gateways are not specified. If
+ you wish to specify a list of gateways, you can do so in the GATEWAY
+ column.
+
+ #TYPE ZONE GATEWAY GATEWAY ZONES
+ tinc net 0.0.0.0/0
+
+
diff --git a/Shorewall6/manpages/shorewall6-tunnels.xml b/Shorewall6/manpages/shorewall6-tunnels.xml
index 7ff7766ab..0ea8180ab 100644
--- a/Shorewall6/manpages/shorewall6-tunnels.xml
+++ b/Shorewall6/manpages/shorewall6-tunnels.xml
@@ -65,7 +65,8 @@
openvpn - OpenVPN in point-to-point mode
openvpnclient - OpenVPN client runs on the firewall
openvpnserver - OpenVPN server runs on the firewall
- generic - Other tunnel type
+ generic - Other tunnel type
+ tinc - TINC (added in Shorewall 4.6.6)
If the type is ipsec, it may
be followed by :ah to indicate that
@@ -229,6 +230,19 @@
generic:udp:4444 net 2001:cec792b4:1::44
+
+
+ Example 9:
+
+
+ TINC tunnel where the remote gateways are not specified. If
+ you wish to specify a list of gateways, you can do so in the GATEWAY
+ column.
+
+ #TYPE ZONE GATEWAY GATEWAY ZONES
+ tinc net ::/0
+
+