From c0f99754df9ad6cbdc4675d5568ac94a6ede20c3 Mon Sep 17 00:00:00 2001
From: Alexander Marx <amarx@ipfire.org>
Date: Mon, 23 Dec 2013 11:05:04 +0100
Subject: [PATCH] Firewall: now it is possible to connect from one ipfire to a
 green network of another openvpn connected ipfire

Please take care to put this into the docu! One can create DROP rules if
the remote ipfire should NOT be able to connect to the others internal
networks. Therefor you have to take the green interface IP as SOURCE!
---
 src/initscripts/init.d/firewall | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index f23f7f4eb4..be0c8b0227 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -99,7 +99,7 @@ iptables_init() {
 
 	# Block OpenVPN transfer networks
 	/sbin/iptables -N OVPNBLOCK
-	for i in INPUT FORWARD OUTPUT; do
+	for i in INPUT FORWARD; do
 		/sbin/iptables -A ${i} -j OVPNBLOCK
 	done
 
-- 
2.39.2