]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commitdiff
projects / people / pmueller / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 05d4f13)
openvpnctl: Flush BLOCK and SNAT chain when needed.
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 12 Jun 2013 10:50:33 +0000 (12:50 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:15:28 +0000 (14:15 +0200)
src/misc-progs/openvpnctrl.c patch | blob | blame | history

diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c
index 3a4c6db806c34bcc8be625fd8cca7ae2d57d74e2..95027577eeb47110bccd1cb9881af9f42f78d68a 100644 (file)
--- a/src/misc-progs/openvpnctrl.c
+++ b/src/misc-progs/openvpnctrl.c
@@ -295,6 +295,10 @@ void deleteAllChains(void) {
        deleteChain(OVPNRED);
        deleteChain(OVPNBLUE);
        deleteChain(OVPNORANGE);
+
+       // Only flush chains that are created by the firewall
+       flushChain(OVPNBLOCK);
+       flushChainNAT(OVPNNAT);
 }
 
 void createChainReference(char *chain) {
@@ -458,6 +462,7 @@ void setFirewallRules(void) {
        flushChain(OVPNRED);
        flushChain(OVPNBLUE);
        flushChain(OVPNORANGE);
+       flushChain(OVPNBLOCK);
        flushChainNAT(OVPNNAT);
 
        // set firewall rules
Peter's tree of IPFire 2.x