Forward Firewall: Finalize integration of OUTGOING into firewall
authorAlexander Marx <amarx@ipfire.org>
Mon, 18 Feb 2013 09:41:19 +0000 (10:41 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:08:21 +0000 (14:08 +0200)
config/forwardfw/firewall-policy
html/cgi-bin/forwardfw.cgi

index e96278a16570989b8a2fe9dd02eb20edddf2d4f0..90d8065aa1f57a9256da00399047d79517019d0f 100755 (executable)
@@ -22,7 +22,7 @@ if [ "$POLICY" == "MODE1" ]; then
                fi
 fi
 if [ "$POLICY1" == "MODE1" ]; then
-       /sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j ACCEPT
+       /sbin/iptables -I OUTGOINGFW 1 -m state --state ESTABLISHED,RELATED -j ACCEPT
                if [ "$FWPOLICY1" == "REJECT" ]; then
                        if [ "$DROPOUTGOING" == "on" ]; then
                                /sbin/iptables -A POLICYOUT -m limit --limit 10/minute -j LOG --log-prefix "REJECT_OUTPUT"
index 460a08c4c83a0e6d3296f87fca9606f7bf03ec72..86fed83b98fc791a3917b761cd46f0704ecb6432 100755 (executable)
@@ -198,7 +198,7 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
                #print"ALT: $fwdfwsettings{'oldgrp2a'} $fwdfwsettings{'oldgrp2b'}       NEU:    $fwdfwsettings{'grp2'} $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
                #print"ALT: $fwdfwsettings{'oldgrp3a'} $fwdfwsettings{'oldgrp3b'}       NEU:    $fwdfwsettings{'grp3'} $fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
                #print"DIENSTE Checkalt:$fwdfwsettings{'oldusesrv'}  DIENSTE Checkneu:$fwdfwsettings{'USESRV'}    DIENST ALT:$fwdfwsettings{'oldgrp3a'},$fwdfwsettings{'oldgrp3b'}   DIENST NEU:$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
-       }elsif($fwdfwsettings{$fwdfwsettings{'grp1'}} eq 'IPFire'){
+       }elsif($fwdfwsettings{$fwdfwsettings{'grp1'}} eq 'IPFire' ){
                # OUTGOING PART
                $fwdfwsettings{'config'}=$configoutgoing;
                $fwdfwsettings{'chain'} = 'OUTGOINGFW';