Forward Firewall: deleted creation of OVPNFORWARD and the accept rule.

author Alexander Marx <amarx@ipfire.org>

Fri, 1 Mar 2013 09:43:25 +0000 (10:43 +0100)

committer Alexander Marx <amarx@ipfire.org>

Thu, 8 Aug 2013 05:35:28 +0000 (07:35 +0200)
author Alexander Marx <amarx@ipfire.org>
Fri, 1 Mar 2013 09:43:25 +0000 (10:43 +0100)
committer Alexander Marx <amarx@ipfire.org>
Thu, 8 Aug 2013 05:35:28 +0000 (07:35 +0200)
diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c

index e366294b572ab796e54fc6deb196e920af27365d..4b098a696a320419cf966915b74640ca5d3f0bc9 100644 (file)
--- a/src/misc-progs/openvpnctrl.c
+++ b/src/misc-progs/openvpnctrl.c
@@ -255,8 +255,8 @@ void setChainRules(char *chain, char *interface, char *protocol, char *port)
         executeCommand(str);
         sprintf(str, "/sbin/iptables -A %sINPUT -i tun+ -j ACCEPT", chain);
         executeCommand(str);
-       sprintf(str, "/sbin/iptables -A %sFORWARD -i tun+ -j ACCEPT", chain);
-       executeCommand(str);
+       //sprintf(str, "/sbin/iptables -A %sFORWARD -i tun+ -j ACCEPT", chain);
+       //executeCommand(str);
  }
  
  void flushChain(char *chain) {
@@ -264,8 +264,8 @@ void flushChain(char *chain) {
  
         sprintf(str, "/sbin/iptables -F %sINPUT", chain);
         executeCommand(str);
-       sprintf(str, "/sbin/iptables -F %sFORWARD", chain);
-       executeCommand(str);
+       //sprintf(str, "/sbin/iptables -F %sFORWARD", chain);
+       //executeCommand(str);
         safe_system(str);
  }
  
@@ -282,8 +282,8 @@ void deleteChainReference(char *chain) {
         sprintf(str, "/sbin/iptables -D INPUT -j %sINPUT", chain);
         executeCommand(str);
         safe_system(str);
-       sprintf(str, "/sbin/iptables -D FORWARD -j %sFORWARD", chain);
-       executeCommand(str);
+       //sprintf(str, "/sbin/iptables -D FORWARD -j %sFORWARD", chain);
+       //executeCommand(str);
         safe_system(str);
  }
  
@@ -292,8 +292,8 @@ void deleteChain(char *chain) {
  
         sprintf(str, "/sbin/iptables -X %sINPUT", chain);
         executeCommand(str);
-       sprintf(str, "/sbin/iptables -X %sFORWARD", chain);
-       executeCommand(str);
+       //sprintf(str, "/sbin/iptables -X %sFORWARD", chain);
+       //executeCommand(str);
  }
  
  void deleteAllChains(void) {
@@ -313,16 +313,16 @@ void createChainReference(char *chain) {
         char str[STRING_SIZE];
         sprintf(str, "/sbin/iptables -I INPUT %s -j %sINPUT", "14", chain);
         executeCommand(str);
-       sprintf(str, "/sbin/iptables -I FORWARD %s -j %sFORWARD", "12", chain);
-       executeCommand(str);
+       //sprintf(str, "/sbin/iptables -I FORWARD %s -j %sFORWARD", "12", chain);
+       //executeCommand(str);
  }
  
  void createChain(char *chain) {
         char str[STRING_SIZE];
         sprintf(str, "/sbin/iptables -N %sINPUT", chain);
         executeCommand(str);
-       sprintf(str, "/sbin/iptables -N %sFORWARD", chain);
-       executeCommand(str);
+       //sprintf(str, "/sbin/iptables -N %sFORWARD", chain);
+       //executeCommand(str);
  }
  
  void createAllChains(void) {
author	Alexander Marx <amarx@ipfire.org>
	Fri, 1 Mar 2013 09:43:25 +0000 (10:43 +0100)
committer	Alexander Marx <amarx@ipfire.org>
	Thu, 8 Aug 2013 05:35:28 +0000 (07:35 +0200)