This is not necessary and gets in the way if users have SNAT rules or
other things that make the check be in the wrong place.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
local subnet="${1}"
local action="${2}"
+ # Nothing to be done if no action is requested
+ if [ "${action}" = "none" ]; then
+ return 0
+ fi
+
# Don't block a wildcard subnet
if [ "${subnet}" = "0.0.0.0/0" ] || [ "${subnet}" = "0.0.0.0/0.0.0.0" ]; then
return 0
case "${route}" in
route)
- action="drop"
+ action="none"
;;
*)
action="reject"
srv/web/ipfire/cgi-bin/traffic.cgi
srv/web/ipfire/cgi-bin/vpnmain.cgi
srv/web/ipfire/html/images/apple.png
+usr/lib/firewall/ipsec-policy
var/ipfire/backup/bin/backup.pl
var/ipfire/countries.pl
var/ipfire/general-functions.pl