# Check if this a net-to-net connection
[ "${type}" = "net" ] || continue
+ # Install permissions for GRE traffic
+ case "${interface_mode}" in
+ gre)
+ if [ -n "${remote}" ]; then
+ iptables -A IPSECINPUT -p gre \
+ -s "${remote}" -j ACCEPT
+
+ iptables -A IPSECOUTPUT -p gre \
+ -d "${remote}" -j ACCEPT
+ fi
+ ;;
+ esac
+
+ # Install firewall rules only for interfaces without interface
+ [ -n "${interface_mode}" ] && continue
+
# Split multiple subnets
rightsubnets="${rightsubnets//\|/ }"
projects / people / pmueller / ipfire-2.x.git / blobdiff