]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blobdiff - src/initscripts/system/firewall
projects / people / pmueller / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge remote-tracking branch 'stevee/next-suricata' into next
[people/pmueller/ipfire-2.x.git] / src / initscripts / system / firewall
diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index f738757d7a500cef1d6a49a9705094593238ee44..be6c9169f36ff42c125e860b8d9be87c88663a4b 100644 (file)
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -300,9 +300,11 @@ iptables_init() {
        iptables -N OVPNINPUT
        iptables -A INPUT -j OVPNINPUT
 
-       # Tor
+       # Tor (inbound and outbound)
        iptables -N TOR_INPUT
        iptables -A INPUT -j TOR_INPUT
+       iptables -N TOR_OUTPUT
+       iptables -A OUTPUT -j TOR_OUTPUT
        
        # Jump into the actual firewall ruleset.
        iptables -N INPUTFW
@@ -366,8 +368,8 @@ iptables_init() {
        iptables -t nat -N REDNAT
        iptables -t nat -A POSTROUTING -j REDNAT
 
-       # Populate IPsec block chain
-       /usr/lib/firewall/ipsec-block
+       # Populate IPsec chains
+       /usr/lib/firewall/ipsec-policy
 
        # Apply OpenVPN firewall rules
        /usr/local/bin/openvpnctrl --firewall-rules
Peter's tree of IPFire 2.x