Monday, January 9, 2023

Pi-Star - Opening additional ports

My VHF and UHF repeaters are located at different sites. They are connected to a host site by VPN. Because of that, I run IRCDDBGateway at the host site that provides internet connectivity.

When you run a split system like this, IRCDDBGateway is not enabled on each repeater.  The host site takes care of routing, etc.  

In a configuration like this you must change the firewall rules in Pi-Star. This is accomplished by creating the file "/root/ipv4.fw". The main rules file is overwritten during updates. This supplemental file is not changed by updates and is automatically incorporated when they occur. Mine looks like the following:

iptables -A INPUT -p tcp --dport 20010:20013 -j ACCEPT
iptables -A INPUT -p udp --dport 20010:20013 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 20010:20013 -j ACCEPT
iptables -A OUTPUT -p udp --dport 20010:20013 -j ACCEPT
iptables -t mangle -A POSTROUTING -p udp --dport 20010:20013 -j DSCP --set-dscp 46
iptables -t mangle -A POSTROUTING -p udp --dport 20013:20013 -j DSCP --set-dscp 46

To create this file, first run the command "rpi-rw" to make the filesystem writable, then create the file. After creating it, run the command "sudo pistar-firewall", which adds these additional rules to iptables, followed by "rpi-ro" to return the filesystem to read-only.
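An added check, not part of the original post or of Pi-Star: a shell function that lints a supplemental rules file before "sudo pistar-firewall" loads it, flagging INPUT ACCEPT rules that have no source or interface match and rules whose port range an earlier rule already covers. The `audit_rules` name and the 10.8.0.0/24 VPN subnet are assumptions made for the example.

```shell
# Added example: lint a Pi-Star supplemental rules file before loading it.
# SAMPLE_RULES is the rule set quoted in the post, embedded so this runs offline.
SAMPLE_RULES='iptables -A INPUT -p tcp --dport 20010:20013 -j ACCEPT
iptables -A INPUT -p udp --dport 20010:20013 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 20010:20013 -j ACCEPT
iptables -A OUTPUT -p udp --dport 20010:20013 -j ACCEPT
iptables -t mangle -A POSTROUTING -p udp --dport 20010:20013 -j DSCP --set-dscp 46
iptables -t mangle -A POSTROUTING -p udp --dport 20013:20013 -j DSCP --set-dscp 46'

# A source-scoped form of the second rule. 10.8.0.0/24 is a constructed VPN
# subnet (assumption); substitute the range your repeaters actually use.
SCOPED_RULE='iptables -A INPUT -s 10.8.0.0/24 -p udp --dport 20010:20013 -j ACCEPT'

# audit_rules: read iptables commands on stdin, print one finding per line.
#   OPEN      INPUT ACCEPT rule with no -s/-i match, so any source can reach it
#   REDUNDANT port range covered by an earlier, otherwise identical rule
audit_rules() {
    awk '
    /^[ \t]*iptables / {
        table = "filter"; chain = ""; proto = ""; ports = ""; action = ""; scoped = 0
        for (i = 2; i <= NF; i++) {
            if ($i == "-t") table = $(i + 1)
            else if ($i == "-A") chain = $(i + 1)
            else if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") ports = $(i + 1)
            else if ($i == "-s" || $i == "--source") scoped = 1
            else if ($i == "-i" || $i == "--in-interface") scoped = 1
            else if ($i == "-j") {            # target plus its options
                action = $(i + 1)
                for (k = i + 2; k <= NF; k++) action = action " " $k
                break
            }
        }
        if (ports == "") next
        n = split(ports, r, ":"); lo = r[1] + 0; hi = (n > 1 ? r[2] : r[1]) + 0
        if (chain == "INPUT" && action == "ACCEPT" && !scoped)
            printf "OPEN line %d: %s/%s accepted from any source\n", NR, proto, ports
        key = table "|" chain "|" proto "|" action
        for (j = 1; j <= seen; j++)
            if (key_[j] == key && lo >= lo_[j] && hi <= hi_[j]) {
                printf "REDUNDANT line %d: covered by line %d\n", NR, ln_[j]
                break
            }
        seen++; key_[seen] = key; lo_[seen] = lo; hi_[seen] = hi; ln_[seen] = NR
    }'
}

printf '%s\n' "$SAMPLE_RULES" | audit_rules
```

To check a real file, feed it on standard input, for example `audit_rules < /root/ipv4.fw`.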

