From 507954d9480485740c00ca79164e05e8ad0cc18c Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Mon, 21 Dec 2009 02:38:05 +0100 Subject: [PATCH 1/1] Change name of IPSECPOSTROUTING to IPSECNAT. --- src/initscripts/init.d/firewall | 4 ++-- src/patches/openswan-2.6.23-updown-add_ipfire-snat.patch | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall index 1f400ad478..1cd2009399 100644 --- a/src/initscripts/init.d/firewall +++ b/src/initscripts/init.d/firewall @@ -167,8 +167,8 @@ case "$1" in /sbin/iptables -A INPUT -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL INPUT" /sbin/iptables -A FORWARD -j IPSECVIRTUAL -m comment --comment "IPSECVIRTUAL FORWARD" /sbin/iptables -A FORWARD -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL FORWARD" - /sbin/iptables -t nat -N IPSECPOSTROUTING - /sbin/iptables -t nat -A POSTROUTING -j IPSECPOSTROUTING + /sbin/iptables -t nat -N IPSECNAT + /sbin/iptables -t nat -A POSTROUTING -j IPSECNAT # Outgoing Firewall /sbin/iptables -A FORWARD -j OUTGOINGFW diff --git a/src/patches/openswan-2.6.23-updown-add_ipfire-snat.patch b/src/patches/openswan-2.6.23-updown-add_ipfire-snat.patch index 20f85605c5..1663bbe709 100644 --- a/src/patches/openswan-2.6.23-updown-add_ipfire-snat.patch +++ b/src/patches/openswan-2.6.23-updown-add_ipfire-snat.patch @@ -9,13 +9,13 @@ + +case "$PLUTO_VERB" in +"route-client") -+ logger -t "ipsec_updown" "iptables -t nat -A IPSECPOSTROUTING -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src" -+ /sbin/iptables -t nat -A IPSECPOSTROUTING -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src ++ logger -t "ipsec_updown" "iptables -t nat -A IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src" ++ /sbin/iptables -t nat -A IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src + ;; + +"unroute-client") -+ logger -t "ipsec_updown" "iptables -t nat -D IPSECPOSTROUTING -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src" -+ /sbin/iptables -t nat -D IPSECPOSTROUTING -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src ++ logger -t "ipsec_updown" "iptables -t nat -D IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src" ++ /sbin/iptables -t nat -D IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src + ;; +esac + -- 2.39.2