From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 8 Jul 2013 13:53:30 +0000 (+0200)
Subject: iptables: Cleanup creating SNAT/DNAT chains.
X-Git-Tag: v2.15-beta1~290^2~11^2~21
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bb12dd7b69825c7dfa88a4353e0bb39d179ae7a2;p=people%2Fms%2Fipfire-2.x.git

iptables: Cleanup creating SNAT/DNAT chains.
---

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 772701eae1..3f181b1380 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -178,17 +178,19 @@ iptables_init() {
 	/sbin/iptables -t nat -A POSTROUTING -j REDNAT
 
 	iptables_red
-		
-	# Custom prerouting chains (for transparent proxy and port forwarding)
+
+	# Custom prerouting chains (for transparent proxy)
 	/sbin/iptables -t nat -N SQUID
 	/sbin/iptables -t nat -A PREROUTING -j SQUID
+
+	# DNAT rules
 	/sbin/iptables -t nat -N NAT_DESTINATION
-	/sbin/iptables -t nat -N NAT_SOURCE
 	/sbin/iptables -t nat -A PREROUTING -j NAT_DESTINATION
-	/sbin/iptables -t nat -I POSTROUTING 3 -j NAT_SOURCE
-	
-	
-	
+
+	# SNAT rules
+	/sbin/iptables -t nat -N NAT_SOURCE
+	/sbin/iptables -t nat -A POSTROUTING -j NAT_SOURCE
+
 	# upnp chain for our upnp daemon
 	/sbin/iptables -t nat -N UPNPFW
 	/sbin/iptables -t nat -A PREROUTING -j UPNPFW