From b44c69f9add94341bc41a1ab4a501b98e215a407 Mon Sep 17 00:00:00 2001
From: Daniel Landau <daniel@landau.fi>
Date: Mon, 29 Jun 2020 09:44:39 +0300
Subject: [PATCH] Enable Ethernet access

Fixes https://github.com/piwebcam/PiWebcam/issues/34
---
 PiWebcam/PiWebcam.sh | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/PiWebcam/PiWebcam.sh b/PiWebcam/PiWebcam.sh
index 910abd3..d0eb50c 100644
--- a/PiWebcam/PiWebcam.sh
+++ b/PiWebcam/PiWebcam.sh
@@ -1204,13 +1204,19 @@ function configure_network {
 	# allow only specific inbound connections
 	iptables -F
 	iptables -A INPUT -i lo -j ACCEPT
-	iptables -A INPUT -i $IFACE -p tcp -m tcp --dport 22 -j ACCEPT
-	iptables -A INPUT -i $IFACE -p tcp -m tcp --dport 80 -j ACCEPT
-	iptables -A INPUT -i $IFACE -p icmp -j ACCEPT
-	iptables -A INPUT -i $IFACE -p udp --dport 67:68 --sport 67:68 -j ACCEPT
-	iptables -A INPUT -i $IFACE -p udp --dport 5353 -j ACCEPT
-	iptables -A INPUT -i $IFACE -p udp --dport 53 -j ACCEPT
-	iptables -A INPUT -i $IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
+  IFACE_OLD=$IFACE
+  # TODO: What if the user wants to access over VPN?
+  for IFACE in wlan0 eth0
+  do
+    iptables -A INPUT -i $IFACE -p tcp -m tcp --dport 22 -j ACCEPT
+    iptables -A INPUT -i $IFACE -p tcp -m tcp --dport 80 -j ACCEPT
+    iptables -A INPUT -i $IFACE -p icmp -j ACCEPT
+    iptables -A INPUT -i $IFACE -p udp --dport 67:68 --sport 67:68 -j ACCEPT
+    iptables -A INPUT -i $IFACE -p udp --dport 5353 -j ACCEPT
+    iptables -A INPUT -i $IFACE -p udp --dport 53 -j ACCEPT
+    iptables -A INPUT -i $IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
+  done
+  IFACE=$IFACE_OLD
 	iptables -P INPUT DROP
 	iptables -P OUTPUT ACCEPT
 }