From 02e29f0239e4114bc850922148792eff5287d2bb Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 21 Mar 2024 16:51:39 +0100
Subject: [PATCH] firewall: Split OpenVPN INPUT chains for RW & N2N

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/initscripts/system/firewall | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index 139d94aa0..597519ba7 100644
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -319,9 +319,13 @@ iptables_init() {
 	iptables -N WIRELESSFORWARD
 	iptables -A FORWARD -m conntrack --ctstate NEW -j WIRELESSFORWARD
 
-	# OpenVPN
-	iptables -N OVPNINPUT
-	iptables -A INPUT -j OVPNINPUT
+	# OpenVPN Roadwarrior
+	iptables -N OVPNINPUTRW
+	iptables -A INPUT -j OVPNINPUTRW
+
+	# OpenVPN N2N
+	iptables -N OVPNINPUTN2N
+	iptables -A INPUT -j OVPNINPUTN2N
 
 	# Tor (outbound)
 	iptables -N TOR_OUTPUT
-- 
2.39.5