Firewall: now it is possible to connect from one ipfire to a green network of another...

Please take care to put this into the docu! One can create DROP rules if
the remote ipfire should NOT be able to connect to the others internal
networks. Therefor you have to take the green interface IP as SOURCE!

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index f23f7f4eb485d78d594ef16ba33aecd39d848c48..be0c8b0227a5f22396c7c1522deee0c7d1da014c 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -99,7 +99,7 @@ iptables_init() {
 
        # Block OpenVPN transfer networks
        /sbin/iptables -N OVPNBLOCK
-       for i in INPUT FORWARD OUTPUT; do
+       for i in INPUT FORWARD; do
                /sbin/iptables -A ${i} -j OVPNBLOCK
        done