]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
projects / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 843ca29)
firewall: fix disable MASQERADE in green only mode.
authorArne Fitzenreiter <arne_f@ipfire.org>
Sun, 1 Nov 2015 10:20:56 +0000 (11:20 +0100)
committerArne Fitzenreiter <arne_f@ipfire.org>
Sun, 1 Nov 2015 10:20:56 +0000 (11:20 +0100)
using MASQERADE_GREEN="off" will not work because "NETWORK_GREEN" is
not correctly defined in green only mode.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
src/initscripts/init.d/firewall patch | blob | blame | history

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 2d462d786d1bf31cb82756d164cac4f7d6bf6abd..66220715306171a167cc6b65121ce73bc1f6fb05 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -352,8 +352,8 @@ iptables_red_up() {
                # Outgoing masquerading (don't masqerade IPSEC (mark 50))
                iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
 
-               if [ "$IFACE" = "$GREEN_DEV" ]; then
-                       MASQUERADE_GREEN="off"
+               if [ "${IFACE}" = "${GREEN_DEV}" ]; then
+                       iptables -t nat -A REDNAT -i "${GREEN_DEV}" -o "${IFACE}" -j RETURN
                fi
 
                local NO_MASQ_NETWORKS
IPFire 2.x development tree