From 5a9c9ff3127e3266b4dd00dd0a57f9774647db27 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 29 Nov 2018 16:00:52 +0000
Subject: [PATCH] ipsec-policy: Don't install any block rules for connections
 with an interface

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/firewall/ipsec-policy | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/config/firewall/ipsec-policy b/config/firewall/ipsec-policy
index 32d171f353..e2048844a8 100644
--- a/config/firewall/ipsec-policy
+++ b/config/firewall/ipsec-policy
@@ -95,6 +95,9 @@ install_policy() {
 				;;
 		esac
 
+		# Install firewall rules only for interfaces without interface
+		[ -n "${interface_mode}" ] && continue
+
 		# Split multiple subnets
 		rightsubnets="${rightsubnets//\|/ }"
 
-- 
2.39.5