From 7fba24452da702d2afceffee528a797378dc5c9f Mon Sep 17 00:00:00 2001
From: TommyTran732 <57488583+tommytran732@users.noreply.github.com>
Date: Thu, 17 Sep 2020 04:51:48 -0400
Subject: [PATCH] Allow UDP packets from Cloudflare

Allow UDP to support http3
---
 cloudflare.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cloudflare.sh b/cloudflare.sh
index 5427e8b..99d7872 100644
--- a/cloudflare.sh
+++ b/cloudflare.sh
@@ -48,6 +48,7 @@ if [ "$lsb_dist" =  "ubuntu" ] || [ "$lsb_dist" =  "debian" ]; then
         for port in "${ports[@]}";
         do
             ufw allow from $ips to any proto tcp port $port
+            ufw allow from $ips to any proto udp port $port
         done
      done
      
@@ -56,6 +57,7 @@ if [ "$lsb_dist" =  "ubuntu" ] || [ "$lsb_dist" =  "debian" ]; then
         for port in "${ports[@]}";
         do
             ufw allow from $ips to any proto tcp port $port
+            ufw allow from $ips to any proto udp port $port
         done
      done
      
@@ -69,6 +71,7 @@ elif [ "$lsb_dist" =  "fedora" ] || [ "$lsb_dist" =  "rhel" ] || [ "$lsb_dist" =
         for port in "${ports[@]}";
         do
           firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address='"$ips"' port port='"$port"' protocol="tcp" accept'
+          firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address='"$ips"' port port='"$port"' protocol="udp" accept'
         done
      done
      
@@ -77,6 +80,7 @@ elif [ "$lsb_dist" =  "fedora" ] || [ "$lsb_dist" =  "rhel" ] || [ "$lsb_dist" =
         for port in "${ports[@]}";
         do
           firewall-cmd --permanent --add-rich-rule='rule family="ipv6" source address='"$ips"' port port='"$port"' protocol="tcp" accept'
+          firewall-cmd --permanent --add-rich-rule='rule family="ipv6" source address='"$ips"' port port='"$port"' protocol="udp" accept'
         done
      done
      firewall-cmd --reload