openvpnctl: Flush BLOCK and SNAT chain when needed.

author Michael Tremer <michael.tremer@ipfire.org>

Wed, 12 Jun 2013 10:50:33 +0000 (12:50 +0200)

committer Alexander Marx <amarx@ipfire.org>

Thu, 8 Aug 2013 05:51:18 +0000 (07:51 +0200)
author Michael Tremer <michael.tremer@ipfire.org>
Wed, 12 Jun 2013 10:50:33 +0000 (12:50 +0200)
committer Alexander Marx <amarx@ipfire.org>
Thu, 8 Aug 2013 05:51:18 +0000 (07:51 +0200)
diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c

index 311b6bf2bf0e98b45cb5f51842716a831dc3906f..576e57fcd081d57d612f92ea4e09bfabe225a155 100644 (file)
--- a/src/misc-progs/openvpnctrl.c
+++ b/src/misc-progs/openvpnctrl.c
@@ -295,6 +295,10 @@ void deleteAllChains(void) {
         deleteChain(OVPNRED);
         deleteChain(OVPNBLUE);
         deleteChain(OVPNORANGE);
+
+       // Only flush chains that are created by the firewall
+       flushChain(OVPNBLOCK);
+       flushChainNAT(OVPNNAT);
  }
  
  void createChainReference(char *chain) {
@@ -454,6 +458,7 @@ void setFirewallRules(void) {
         flushChain(OVPNRED);
         flushChain(OVPNBLUE);
         flushChain(OVPNORANGE);
+       flushChain(OVPNBLOCK);
         flushChainNAT(OVPNNAT);
  
         // set firewall rules
author	Michael Tremer <michael.tremer@ipfire.org>
	Wed, 12 Jun 2013 10:50:33 +0000 (12:50 +0200)
committer	Alexander Marx <amarx@ipfire.org>
	Thu, 8 Aug 2013 05:51:18 +0000 (07:51 +0200)