ipsec-policy: Don't install any block rules for connections with an interface

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/config/firewall/ipsec-policy b/config/firewall/ipsec-policy
index 32d171f353e48f23add9c659eb530bb01b6a19c6..e2048844a837220cfeb282c2ec3a5bbfa403ca5f 100644 (file)
--- a/config/firewall/ipsec-policy
+++ b/config/firewall/ipsec-policy
@@ -95,6 +95,9 @@ install_policy() {
                                ;;
                esac
 
+               # Install firewall rules only for interfaces without interface
+               [ -n "${interface_mode}" ] && continue
+
                # Split multiple subnets
                rightsubnets="${rightsubnets//\|/ }"