From afad59affecca98efe58f5a307a85d79c9d2e654 Mon Sep 17 00:00:00 2001
From: Maxb <bittmanmax@gmail.com>
Date: Sun, 16 Apr 2023 16:36:42 -0700
Subject: [PATCH] Update obfsvpn firewall port range

The hopping PT uses a range of tcp ports, so we need to just open that
range.
---
 config/roles/bridge/files/50obfsvpn.firewall | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/roles/bridge/files/50obfsvpn.firewall b/config/roles/bridge/files/50obfsvpn.firewall
index e3f3566f..84e8d4d8 100644
--- a/config/roles/bridge/files/50obfsvpn.firewall
+++ b/config/roles/bridge/files/50obfsvpn.firewall
@@ -1,2 +1,2 @@
-allow_port tcp 443
-allow_port udp 443
+allow_port tcp 443 # Normal non-hopping obfsvpn
+add_rule -I base-input -p tcp --match multiport --dports 49152:65535 -j ACCEPT # Port range for hopping
-- 
GitLab