Initial Commit

Start new branch for development on new 64bit x75 platfom.

Belowx65Toolkit/simplefirewall/.rev

@@ -0,0 +1 @@
+2

Belowx65Toolkit/simplefirewall/simplefirewall.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# Define the ports you want to block
+PORTS=("80" "443") # Default ports, will be modified by the install script
+
+# First, allow specified ports on bridge0, eth0, and tailscale0
+for port in "${PORTS[@]}"; do
+    iptables -A INPUT -i bridge0 -p tcp --dport $port -j ACCEPT
+    iptables -A INPUT -i eth0 -p tcp --dport $port -j ACCEPT
+    iptables -A INPUT -i tailscale0 -p tcp --dport $port -j ACCEPT
+done
+
+# Then, block specified ports on all other interfaces
+for port in "${PORTS[@]}"; do
+    iptables -A INPUT -p tcp --dport $port -j DROP
+done

Belowx65Toolkit/simplefirewall/systemd/simplefirewall.service

@@ -0,0 +1,11 @@
+[Unit]
+Description=Simple Firewall Setup
+After=network.target
+
+[Service]
+Type=oneshot
+ExecStart=/bin/bash /usrdata/simplefirewall/simplefirewall.sh
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target

Belowx65Toolkit/simplefirewall/systemd/ttl-override.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=TTL Override
+After=ql-netd.service
+DefaultDependencies=no
+
+[Service]
+Type=oneshot
+ExecStart=/usrdata/simplefirewall/ttl-override start
+User=root
+
+[Install]
+WantedBy=multi-user.target

Belowx65Toolkit/simplefirewall/ttl-override

@@ -0,0 +1,53 @@
+#! /bin/bash
+
+# Adapted from https://github.com/natecarlson/quectel-rgmii-configuration-notes/blob/main/files/ttl-override
+# Uses ttlvalue file to read what ttl should be set to
+
+
+if [ -f /usrdata/simplefirewall/ttlvalue ];
+then
+	ttlfile=$(</usrdata/simplefirewall/ttlvalue)
+    TTLVALUE=$(echo $ttlfile | grep -o "[0-9]\{1,3\}")
+    
+    if [ -z "${TTLVALUE}" ]; then
+        echo "Couldnt get proper ttl value from file" >&2
+        exit 1
+    fi
+else
+    # Couldnt find ttlvalue file, lets generate one with 0 ttlvalue (0 = disabled)
+    touch /usrdata/simplefirewall/ttlvalue && echo '0' > /usrdata/simplefirewall/ttlvalue
+    exit 1
+fi
+
+case "$1" in
+start)
+    if (( $TTLVALUE > 0 )); then
+        echo "Adding TTL override rules: "
+        iptables -t mangle -I POSTROUTING -o rmnet+ -j TTL --ttl-set ${TTLVALUE}
+        ip6tables -t mangle -I POSTROUTING -o rmnet+ -j HL --hl-set ${TTLVALUE}
+    else
+        echo "TTLVALUE set to 0, nothing to do..."
+    fi
+    echo "done"
+    ;;
+  stop)
+    if (( $TTLVALUE > 0 )); then
+        echo "Removing TTL override rules: "
+        iptables -t mangle -D POSTROUTING -o rmnet+ -j TTL --ttl-set ${TTLVALUE} &>/dev/null || true
+        ip6tables -t mangle -D POSTROUTING -o rmnet+ -j HL --hl-set ${TTLVALUE} &>/dev/null || true
+    else   
+        echo "TTLVALUE set to 0, nothing to do..."
+    fi
+    echo "done"
+    ;;
+  restart)
+    $0 stop
+    $0 start
+    ;;
+  *)
+    echo "Usage ttl-override { start | stop | restart }" >&2
+    exit 1
+    ;;
+esac
+
+exit 0

Belowx65Toolkit/simplefirewall/ttlvalue

@@ -0,0 +1 @@
+0