X-Git-Url: http://git.rohieb.name/openwrt.git/blobdiff_plain/3d007394805916ceb2214bfd7e06d8a4899262c5..4b908797b0d55eafa684bf8fe369f2887e7f257d:/openwrt/package/base-files/default/etc/firewall.user

diff --git a/openwrt/package/base-files/default/etc/firewall.user b/openwrt/package/base-files/default/etc/firewall.user
index 1781bd4ea..5774f0c64 100755
--- a/openwrt/package/base-files/default/etc/firewall.user
+++ b/openwrt/package/base-files/default/etc/firewall.user
@@ -1,5 +1,7 @@
 #!/bin/sh
 . /etc/functions.sh
+. /etc/network.overrides
+[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network
 
 WAN=$(nvram get wan_ifname)
 LAN=$(nvram get lan_ifname)
@@ -14,7 +16,7 @@ iptables -t nat -F postrouting_rule
 ### The "-i $WAN" literally means packets that came in over the $WAN interface;
 ### this WILL NOT MATCH packets sent from the LAN to the WAN address.
 
-### Allow SSH from WAN
+### Allow SSH on the WAN interface
 # iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT 
 # iptables        -A input_rule      -i $WAN -p tcp --dport 22 -j ACCEPT