]> git.ipfire.org Git - people/teissler/ipfire-2.x.git/blobdiff - src/initscripts/init.d/firewall
projects / people / teissler / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Forward Firewall: BUGFIX: When editing a rule and changing position, no other changes...
[people/teissler/ipfire-2.x.git] / src / initscripts / init.d / firewall
diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 225d4827cf021f03346b5e2ec0e4fe21e7289786..af488b0d75b00c9577fbfa4af17e15d47995bca5 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -241,7 +241,14 @@ case "$1" in
        /sbin/iptables -t nat -A POSTROUTING -j REDNAT
 
        iptables_red
-
+       
+       # DMZ pinhole chain.  setdmzholes setuid prog adds rules here to allow
+       # ORANGE to talk to GREEN / BLUE.
+       /sbin/iptables -N DMZHOLES
+       if [ "$ORANGE_DEV" != "" ]; then
+               /sbin/iptables -A FORWARD -i $ORANGE_DEV -m state --state NEW -j FORWARDFW
+       fi
+       
        # PORTFWACCESS chain, used for portforwarding
        /sbin/iptables -N PORTFWACCESS
        /sbin/iptables -A FORWARD -m state --state NEW -j PORTFWACCESS
Timo's tree of IPFire 2.x