From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 9 Mar 2010 21:25:03 +0000 (+0100)
Subject: firewall: Allow all classes of traffic outgoing from orange.
X-Git-Tag: v2.9-beta1~412^2~38
X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=139a9b4fa189c63c94544a556e593e8c83c07a05

firewall: Allow all classes of traffic outgoing from orange.

Currently only tcp and udp are allowed but why are not
gre, icmp, etc.?!
---

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index bc511832df..55ab624a71 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -101,8 +101,7 @@ iptables_red() {
 		# This rule enables a host on ORANGE network to connect to the outside
 		# (only if we have a red connection)
 		if [ "$IFACE" != "" ]; then
-			/sbin/iptables -A REDFORWARD -i $ORANGE_DEV -p tcp -o $IFACE -j ACCEPT
-			/sbin/iptables -A REDFORWARD -i $ORANGE_DEV -p udp -o $IFACE -j ACCEPT
+			/sbin/iptables -A REDFORWARD -i $ORANGE_DEV -o $IFACE -j ACCEPT
 		fi
 	fi