X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=src%2Finitscripts%2Finit.d%2Ffirewall;h=844618a304161639f8c571ef5a143cadcc728104;hp=cc6b6190eb8ecb7c376934b1aa74968915c46c6c;hb=fcbf5eef0b6e557608340f5fd5a7ec1fc99943f3;hpb=cf4657e0091ccee44de0462c77bd64d08aa7b503

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index cc6b6190e..844618a30 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -183,7 +183,9 @@ case "$1" in
 	/sbin/iptables -A FORWARD -j IPSECFORWARD
 	/sbin/iptables -A FORWARD -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL FORWARD"
 	/sbin/iptables -A OUTPUT -j IPSECOUTPUT
+	/sbin/iptables -t nat -N OVPNNAT
 	/sbin/iptables -t nat -N IPSECNAT
+	/sbin/iptables -t nat -A POSTROUTING -j OVPNNAT
 	/sbin/iptables -t nat -A POSTROUTING -j IPSECNAT
 
 	# Outgoing Firewall
@@ -252,9 +254,8 @@ case "$1" in
 	# upnp chain for our upnp daemon
 	/sbin/iptables -t nat -N UPNPFW
 	/sbin/iptables -t nat -A PREROUTING -j UPNPFW
-	/sbin/iptables -A FORWARD -m state --state NEW -j UPNPFW
-	# This chain only contains dummy rules.
 	/sbin/iptables -N UPNPFW
+	/sbin/iptables -A FORWARD -m state --state NEW -j UPNPFW
 
 	# Custom mangle chain (for port fowarding)
 	/sbin/iptables -t mangle -N PORTFWMANGLE