]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
projects / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8139398)
Forward Firewall: adapted initscripts/firewall and wirelessctrl.c
authorAlexander Marx <amarx@ipfire.org>
Thu, 10 Jan 2013 11:55:56 +0000 (12:55 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:08:09 +0000 (14:08 +0200)
Now the Wirelesschains should work with new firewall.

src/initscripts/init.d/firewall patch | blob | blame | history
src/misc-progs/wirelessctrl.c patch | blob | blame | history

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 66dba642486aa571077f671d7f1dc68fe193b54d..225d4827cf021f03346b5e2ec0e4fe21e7289786 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -226,7 +226,7 @@ case "$1" in
        /sbin/iptables -N WIRELESSINPUT
        /sbin/iptables -A INPUT -m state --state NEW -j WIRELESSINPUT
        /sbin/iptables -N WIRELESSFORWARD
-       /sbin/iptables -A FORWARDFW -m state --state NEW -j WIRELESSFORWARD
+       /sbin/iptables -A FORWARD -m state --state NEW -j WIRELESSFORWARD
 
        # OPenSSL
        /sbin/iptables -N OPENSSLPHYSICAL
diff --git a/src/misc-progs/wirelessctrl.c b/src/misc-progs/wirelessctrl.c
index be6f967c48b5ea3158d806e0efdee07d250f888d..90f602d5f4d7eb38d0e862c3fac54fed70f043a8 100644 (file)
--- a/src/misc-progs/wirelessctrl.c
+++ b/src/misc-progs/wirelessctrl.c
@@ -156,8 +156,8 @@ int main(void)
                                                                        safe_system(command);
                                                                        snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s ! -o %s -j ACCEPT", macaddress, ipaddress, blue_dev, green_dev);
                                                                        safe_system(command);
-                                                                       /*snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s -j DMZHOLES", macaddress, ipaddress, blue_dev);
-                                                                       safe_system(command);*/
+                                                                       snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s -j FORWARDFW", macaddress, ipaddress, blue_dev);
+                                                                       safe_system(command);
                                                        } else {
 
                                                                        /* correctly formed mac address is 17 chars */
@@ -166,8 +166,8 @@ int main(void)
                                                                                                        safe_system(command);
                                                                                                        snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s ! -o %s -j ACCEPT", macaddress, blue_dev, green_dev);
                                                                                                        safe_system(command);
-                                                                                                       /*snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s -j DMZHOLES", macaddress, blue_dev);
-                                                                                                       safe_system(command);*/
+                                                                                                       snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s -j FORWARDFW", macaddress, blue_dev);
+                                                                                                       safe_system(command);
                                                                        }
 
                                                                        if (VALID_IP_AND_MASK(ipaddress)) {
@@ -175,8 +175,8 @@ int main(void)
                                                                                                        safe_system(command);
                                                                                                        snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s ! -o %s -j ACCEPT", ipaddress, blue_dev, green_dev);
                                                                                                        safe_system(command);
-                                                                                                       /*snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s -j DMZHOLES", ipaddress, blue_dev);
-                                                                                                       safe_system(command);*/
+                                                                                                       snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s -j FORWARDFW", ipaddress, blue_dev);
+                                                                                                       safe_system(command);
                                                                        }
                                                        }
                                                        }
IPFire 2.x development tree