openvpnctl: Flush BLOCK and SNAT chain when needed.

[people/pmueller/ipfire-2.x.git] / src / misc-progs / openvpnctrl.c

diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c
index 3a4c6db806c34bcc8be625fd8cca7ae2d57d74e2..95027577eeb47110bccd1cb9881af9f42f78d68a 100644 (file)
--- a/src/misc-progs/openvpnctrl.c
+++ b/src/misc-progs/openvpnctrl.c
@@ -295,6 +295,10 @@ void deleteAllChains(void) {
        deleteChain(OVPNRED);
        deleteChain(OVPNBLUE);
        deleteChain(OVPNORANGE);
+
+       // Only flush chains that are created by the firewall
+       flushChain(OVPNBLOCK);
+       flushChainNAT(OVPNNAT);
 }
 
 void createChainReference(char *chain) {
@@ -458,6 +462,7 @@ void setFirewallRules(void) {
        flushChain(OVPNRED);
        flushChain(OVPNBLUE);
        flushChain(OVPNORANGE);
+       flushChain(OVPNBLOCK);
        flushChainNAT(OVPNNAT);
 
        // set firewall rules