From cee542700bac0457929f6afe61e25ec5ca37e72c Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Tue, 22 Mar 2005 13:05:35 +0000
Subject: [PATCH] allow GRE protocol in default firewall settings

SVN-Revision: 416
---
 openwrt/target/default/target_skeleton/etc/init.d/S45firewall | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/openwrt/target/default/target_skeleton/etc/init.d/S45firewall b/openwrt/target/default/target_skeleton/etc/init.d/S45firewall
index 49b9df0004..9bcb11a3f2 100755
--- a/openwrt/target/default/target_skeleton/etc/init.d/S45firewall
+++ b/openwrt/target/default/target_skeleton/etc/init.d/S45firewall
@@ -12,7 +12,8 @@ done
 
 $IPT -t filter -A INPUT -m state --state INVALID -j DROP
 $IPT -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-$IPT -t filter -A INPUT -p icmp -j ACCEPT 
+$IPT -t filter -A INPUT -p icmp -j ACCEPT
+$IPT -t filter -A INPUT -p 47 -j ACCEPT 	# allow GRE
 $IPT -t filter -A INPUT -i $WAN -p tcp -j REJECT --reject-with tcp-reset 
 $IPT -t filter -A INPUT -i $WAN -j REJECT --reject-with icmp-port-unreachable 
 $IPT -t filter -A FORWARD -m state --state INVALID -j DROP