Fixed Outgoing FW ignoring Log Option in Mode1

[people/pmueller/ipfire-2.x.git] / config / outgoingfw / outgoingfw.pl

diff --git a/config/outgoingfw/outgoingfw.pl b/config/outgoingfw/outgoingfw.pl
index 482a963dda43f257f2e9b4285e15bd9aca5b7b18..15aaf012373870e3b065fb3fa0dd9a3f59799f11 100644 (file)
--- a/config/outgoingfw/outgoingfw.pl
+++ b/config/outgoingfw/outgoingfw.pl
@@ -213,6 +213,15 @@ if ($P2PSTRING) {
 }
 
 if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
+        if ( $outfwsettings{'MODE1LOG'} eq 'on' ) {
+                       $CMD = "/sbin/iptables -A OUTGOINGFW -o $netsettings{'RED_DEV'} -m limit --limit 10/minute -j LOG --log-prefix 'OUTGOINGFW '";
+               if ($DEBUG) {
+                       print "$CMD\n";
+               } else {
+                       system("$CMD");
+               }
+        }
+
        $CMD = "/sbin/iptables -A OUTGOINGFW -o $netsettings{'RED_DEV'} -j DROP -m comment --comment 'DROP_OUTGOINGFW'";
        if ($DEBUG) {
                print "$CMD\n";