Remove the possibility of commissioning from Cellular for security purposes

author: John Klug <john.klug@multitech.com> 2025-05-21 21:16:03 +0000
committer: John Klug <john.klug@multitech.com> 2025-05-21 21:16:03 +0000
commit: c3b91d44d29b23384f59a0debad906f0de063a18 (patch)
tree: 6f1f46f7ca08bcbfb3b64b0afae4e1cafaf4513e /usr/libexec/commission/nfon.sh
parent: de5d5585f1db309b4faf4167b6e7965748649bb6 (diff)
download: commissioning-c3b91d44d29b23384f59a0debad906f0de063a18.tar.gz
commissioning-c3b91d44d29b23384f59a0debad906f0de063a18.tar.bz2
commissioning-c3b91d44d29b23384f59a0debad906f0de063a18.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/usr/libexec/commission/nfon.sh b/usr/libexec/commission/nfon.sh
new file mode 100755
index 0000000..92d3cb2
--- /dev/null
+++ b/usr/libexec/commission/nfon.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+nft add table inet filter
+nft add chain inet filter input { type filter hook input priority 0 \; }
+nft add rule inet filter input iifname "wwan0" drop
+echo 'Blocking wwan0 in commissioning mode'
+nft -a list table inet filter
author	John Klug <john.klug@multitech.com>	2025-05-21 21:16:03 +0000
committer	John Klug <john.klug@multitech.com>	2025-05-21 21:16:03 +0000
commit	c3b91d44d29b23384f59a0debad906f0de063a18 (patch)
tree	6f1f46f7ca08bcbfb3b64b0afae4e1cafaf4513e /usr/libexec/commission/nfon.sh
parent	de5d5585f1db309b4faf4167b6e7965748649bb6 (diff)
download	commissioning-c3b91d44d29b23384f59a0debad906f0de063a18.tar.gz commissioning-c3b91d44d29b23384f59a0debad906f0de063a18.tar.bz2 commissioning-c3b91d44d29b23384f59a0debad906f0de063a18.zip