- if [ "${DROPFORWARD}" = "on" ]; then
- iptables -A POLICYFWD -i "${BLUE_DEV}" ! -o "${IFACE}" -m limit --limit 10/minute -j LOG --log-prefix "DROP_FORWARD "
- fi
- iptables -A POLICYFWD -i "${BLUE_DEV}" ! -o "${IFACE}" -j DROP
- fi
- if [ "${HAVE_ORANGE}" = "true" ] && [ -n "${ORANGE_DEV}" ]; then
- if [ "${DROPFORWARD}" = "on" ]; then
- iptables -A POLICYFWD -i "${ORANGE_DEV}" ! -o "${IFACE}" -m limit --limit 10/minute -j LOG --log-prefix "DROP_FORWARD "
- fi
- iptables -A POLICYFWD -i "${ORANGE_DEV}" ! -o "${IFACE}" -j DROP